I. Introduction: Themes and Notable Developments in Rulemaking & Enforcement

A. Heightened Enforcement

In our 2021 Year-End Review, we noted that the Division of Enforcement under this Administration had outlined its vision of aggressive, heightened enforcement through an escalation of existing remedies, including increased penalties, individual bars and admissions. The first half of 2022 reflected the Enforcement Division pursuing the playbook as forecasted.

In the first half of 2022, the Commission filed complaints or settled matters in many of its priority areas, such as digital assets and environmental, social and governance (“ESG”) disclosures, and assessed significantly heightened monetary penalties.[1]

The Commission also brought its first substantive enforcement action involving Regulation Best Interest (“Reg BI”).[2] Reg BI—which establishes a “best interest” standard for investment recommendations by broker-dealers—went into effect on June 20, 2020, and abrogates the prior suitability standard for retail customers. The SEC filed a complaint relating to the sale of allegedly high-risk bonds to a number of retail customers alleging, among other things, that the broker-dealer did not conduct adequate diligence on the bonds, did not adequately advise its brokers of the risks, and did not have adequate policies and procedures for compliance with Reg BI.

The Commission’s Reg BI action is also an example of its continuing emphasis on naming and/or charging individual respondents along with entities. Notwithstanding the alleged institutional shortcomings, the complaint also names five individual brokers who earned as little as $5,400 in commissions from the sale of the bonds. All the defendants are litigating the action.[3] (More details are provided in the Broker-Dealers section below.) The result inevitably increases the litigation burden on the Staff of the Enforcement Division.

B. The Age of Dissent

Also of note is the extent to which the Commission’s heightened enforcement agenda is routinely drawing public dissent from at least one of the Commissioners, Hester Peirce.

Commissioner Peirce has long been critical of the Commission’s approach to regulation of the market for digital assets. In February, she reiterated that same criticism in response to a settled enforcement action against a financial services company to which investors lend crypto assets in exchange for a variable interest rate generated through the use of the crypto assets in lending and investment activities. The settled enforcement action alleged, among other things, violations of the registration provisions of the Securities Act and Investment Company Act. Commissioner Peirce again criticized the Commission’s lack of flexibility in subjecting the respondent to challenging registration requirements of the Investment Company Act without a willingness to structure a workable exemption that would still accomplish the Commission’s regulatory mission. Commissioner Peirce admonished that if the Commission is sincere in its invitation to hear from participants in digital asset markets, then the Commission “need[s] to commit to working with these companies to craft sensible, timely, and achievable regulatory paths.”[4]

In another example, in response to a settled insider trading enforcement action, Commissioner Peirce undertook a granular analysis of the factual findings of the Commission’s order and criticized the sufficiency of the evidence to establish the elements of a violation. The Commission found that the respondent had misappropriated material nonpublic information from a business partner who was on the board of the issuer. In finding that the respondent had become aware of material nonpublic information, the order pointed to public facts that the business partner had joined the board in part to assist with pursuing strategic opportunities combined with the respondent “observing [the insider’s] increased activities” at the issuer. Describing the order’s series of inferences as “a rickety structure at best,” Commissioner Peirce noted that the order appears to endorse an unsupported approach to the standard of materiality in which “the existence of a relationship of trust and confidence somehow transmogrifies non-material, public information into material, non-public information.” Of course, as a settled order, the Commission’s theory of liability is not subject to the test of litigation.[5]

More recently, Commissioner Peirce dissented from a settled enforcement action against a broker-dealer for alleged violations of the suitability, compliance and recordkeeping provisions arising from the sale of certain variable rate structured products. Commissioner Peirce dissented because the settlement order recited that, in accepting the respondent’s offer, the Commission took into consideration the respondent’s remedial acts, which included adopting a policy that prohibits the sale of the securities at issue to retail customers. Commissioner Peirce argued that the “Commission’s orders should not intimate that certain types of investments are never suitable for particular classes of investors.” In particular, Commissioner Peirce noted that the Commission’s acknowledgment of, and reliance on, the remedial step taken by the respondent “may be read either as implying that an absolute prohibition on the sale of a specific product is the only acceptable remedial measure here or as an expectation for other firms dealing with retail clients.”[6]

In another recent example, Commissioner Peirce issued a lengthy public dissent from a settled enforcement action against an accounting firm because the action was based in part on an alleged failure of the respondent to update a response to a voluntary information request from the Staff, notwithstanding that the respondent firm investigated and self-reported the underlying issue to its primary regulator, the PCAOB. Commissioner Peirce sharply criticized the Commission’s position as “lack[ing] sound legal grounding,” “woefully misguided” and “patently unfair.”[7]

These examples are important in that persons and entities subject to investigation have an audience on the Commission, albeit a minority, that provides a potential counterweight to the most aggressive instincts of this Commission, and may be receptive to arguments or positions that are contrary to those advanced by the Enforcement Division. However, make no mistake: the majority of this Commission will continue to pursue an aggressive enforcement agenda for the remainder of this Administration.

C. Litigation Update

In mid-July, the United States Court of Appeals for the Second Circuit issued a decision in SEC v. Rio Tinto plc, definitively limiting the way that the SEC has interpreted the boundaries of scheme liability after the Supreme Court’s decision in Lorenzo v. SEC. The SEC argued in Rio Tinto that alleged misstatements and omissions in annual reports and offering documents could form the basis of a scheme liability claim. The Second Circuit disagreed, holding that Lorenzo did not abrogate prior caselaw that scheme liability requires fraudulent conduct beyond mere misstatements and omissions. Our prior client alert provides additional information regarding the decision.

D. Commissioner and Senior Staffing Update

In the first half of 2022, the Commission experienced a number of changes in its senior staff, as well as the addition of a new Commissioner (with another Commissioner joining in July).

In June, Mark T. Uyeda was sworn into office as a Commissioner, filling the position most recently held by Elad Roisman.[8] He is the first Asian Pacific American to serve as a Commissioner at the SEC. He served on the staff of the SEC for 15 years before his appointment to the Commission, including as a Senior Advisor to various Commissioners and in roles in the Division of Investment Management. Commissioner Uyeda, a Republican, and Jaime Lizárraga, a Democrat, were both confirmed by the Senate earlier that month.[9] Mr. Lizárraga most recently served as a Senior Advisor to House Speaker Nancy Pelosi, and previously worked on the Democratic staff of the House Financial Services Committee.[10] He was sworn in on July 18 to fill the seat of Allison Herren Lee following her departure from the Commission.

At the staff level, the Division of Examinations, in particular, saw significant changes in leadership. Daniel S. Kahl, Acting Director of the Division, left the SEC in March.[11] Following Mr. Kahl’s departure, Richard R. Best left his post as Director of the New York Regional Office to serve as Acting Director and, later, Director of the Division of Examinations.[12] In January, the Division’s Deputy Director since 2018, Kristin Snyder, also left the agency.[13] Ms. Snyder had also led the Investment Adviser/Investment Company (IA/IC) examination program, including the Private Funds unit, since 2016. Following her departure, Joy Thompson has been serving as Acting Deputy Director and Acting Associate Director of the Private Funds Unit, and Natasha Vij Greiner has been serving as Acting Co-National Associate Director of the IA/IC examination program.

There was significant turnover at the regional offices, with five of eleven regional offices experiencing changes in leadership. Those changes, as well as other changes in the senior staffing of the Commission, include:

In February, Lori H. Price was named Acting Director of the Office of Credit Ratings, replacing Ahmed A. Abonamah, who left the agency that month.[14]
Also in February, Kelly L. Gibson, Director of the SEC’s Philadelphia Regional Office since 2020, left the agency.[15] Scott Thompson and Joy Thompson have been serving as Acting Co-Directors of the Philadelphia Regional Office following Ms. Gibson’s departure.
In March, Lara Shalov Mehraban began serving as Acting Director of the New York Regional Office following Richard R. Best’s transition to his new role in the Division of Examinations.[16]
Also in March, Erin E. Schneider, Director of the SEC’s San Francisco Regional Office since 2019, left the agency.[17] Monique C. Winkler has been serving as Acting Regional Director following Ms. Schneider’s departure.
In June, Tracy S. Combs was named Director of the Salt Lake Regional Office.[18] Combs previously served in the agency’s Division of Enforcement, including as counsel to the Director of Enforcement since 2021. Tanya Beard, who served as Acting Director prior to Ms. Comb’s appointment, remains in the Salt Lake Regional Office as Assistant Regional Director of Enforcement.
In July, Kurt. L. Gottschall, Director of the Denver Regional Office since 2018, left the SEC.[19] Jason J. Burt and Thomas M. Piccone have been serving as Co-Acting Regional Directors following Mr. Gottschall’s departure.

E. SPACs

The SEC continued its focus on Special Purpose Acquisition Companies (“SPACs”) in the first half of 2022. While there were no enforcement actions specifically related to SPACs, the SEC, in March, proposed new rules intended to enhance disclosure and investor protection in initial public offerings (“IPOs”) by SPACs and in subsequent business combinations between SPACs and private operating companies (“de-SPAC transactions”).[20] SEC Chair Gary Gensler described these proposed rules as crucial to “help ensure” that “disclosure[,] standards for marketing practices[,] and gatekeeper and issuer obligations” as applied in the traditional IPO context also apply to SPACs.[21] Chair Gensler further observed that “[f]unctionally, the SPAC target IPO is being used as an alternative means to conduct an IPO.”[22]

The proposed rules, which include new rules and amendments to existing rules, involve four key components:

Disclosure and Investor Protection: creating specific disclosure requirements with respect to, among other things, compensation paid to sponsors, potential conflicts of interest, dilution, and the fairness of the business combination, for both the SPAC IPOs and de‑SPAC transactions;
Business Combinations Involving Shell Companies: deeming a business combination transaction involving a reporting shell company and a private operating company as a “sale” of securities under the Securities Act of 1933 (the “Securities Act”) and amending the financial statement requirements applicable to transactions involving shell companies. Furthermore, the rules will amend the current “blank check company” definition to make clear that SPACs cannot rely on the safe harbor provision under the Private Securities Litigation Reform Act of 1995 when marketing a de-SPAC transaction;
Projections: expanding and updating the Commission’s guidance on the presentation of projections in filings with the Commission to address the reliability of such projections; and
New Safe Harbor under the Investment Company Act of 1940: creating a safe harbor that SPACs may rely on to avoid being subject to registration as investment companies under the Investment Company Act of 1940. The safe harbor would (i) require SPACs to hold only assets comprising of cash, government securities, or certain money market funds; (ii) require the surviving entity to be engaged primarily in the business of the target company; and (iii) impose a time limit, from the SPAC IPO, of 18 months for the announcement (and 24 months for the completion) of the de-SPAC transaction.

For a more detailed discussion of these proposed rules, see our prior alert on the subject.

F. Cybersecurity

The SEC continued its history of rulemaking in the area of cybersecurity matters during the first half of 2022.

1. Public Companies

In March, the SEC proposed further amendments to its rules which would require, among other things, current reporting about material cybersecurity incidents and periodic reporting to provide updates about previously reported cybersecurity incidents.[23] The proposal also would require periodic reporting about a public company’s policies and procedures to identify and manage cybersecurity risks; the registrant’s board of directors’ oversight of cybersecurity risk; and management’s role and expertise in assessing and managing cybersecurity risk and implementing cybersecurity policies and procedures. The proposal further would require annual reporting or certain proxy disclosure about the board of directors’ cybersecurity expertise, if any.

For a more detailed discussion of the proposed rule, see our prior alert on the subject.

2. Investment Management

In February, the SEC voted to propose rules related to cybersecurity risk management for registered investment advisers, and registered investment companies and business development companies (funds), as well as amendments to certain rules that govern investment adviser and fund disclosures.[24] The proposed rules would require advisers and funds to adopt and implement written cybersecurity policies and procedures. The proposed rules also would require advisers to report significant cybersecurity incidents affecting the adviser or its fund or private fund clients to the Commission on a new confidential form, and to publicly disclose cybersecurity risks and significant cybersecurity incidents that occurred in the last two fiscal years in their brochures and registration statements. Additionally, the proposal would set forth new recordkeeping requirements for advisers and funds.

For further discussion of the proposed rule, see our prior alert regarding 2022 rule proposals targeting advisers to private funds.

G. ESG

The Division of Enforcement’s Climate and ESG Task Force, led by Sanjay Wadhwa, Deputy Director of the Division of Enforcement, has ramped up its efforts since its founding in May 2021, reportedly using “sophisticated data analysis to mine and assess information” to identify “material gaps or misstatements” in issuer’s disclosures and disclosures relating to investment advisers’ and funds’ ESG strategies.[25] Meanwhile, the Commission is also engaged in a number of rulemaking efforts relating to ESG.

1. Public Companies

In March, the SEC proposed rule changes that would require registrants to include certain climate-related disclosures in their registration statements and periodic reports.[26] The proposed rule changes would require a registrant to disclose information about (i) the issuer’s governance of climate-related risks and relevant risk management processes; (ii) how any climate-related risks identified by the registrant have had or are likely to have a material impact on its business and consolidated financial statements, which may manifest over the short-, medium-, or long-term; (iii) how any identified climate-related risks have affected or are likely to affect the registrant’s strategy, business model, and outlook; and (iv) the impact of climate-related events, and transition activities on the line items of a registrant’s consolidated financial statements, as well as on the financial estimates and assumptions used in the financial statements.

For public companies that already conduct scenario analyses, have developed transition plans, or publicly set climate-related targets or goals, the proposed amendments would require certain disclosures to enable investors to learn about those aspects of the registrants’ climate risk management.

The proposed rules also would require a registrant to disclose information about its direct greenhouse gas (“GHG”) emissions and indirect emissions from purchased electricity or other forms of energy, as well as from upstream and downstream activities in its value chain. The proposed rules provide a safe harbor for liability and an exemption from certain disclosure requirements for smaller reporting companies. Under the proposed rule changes, accelerated filers and large accelerated filers would be required to include an attestation report from an independent attestation service provider, with additional phase-ins over time.

According to Chair Gensler, the SEC has received 14,500 comment letters on the proposal.[27] For a more detailed discussion of the proposal, see our prior alert on the subject.

2. Investment Management

In May, the SEC proposed amendments to rules and reporting forms applying to certain registered investment advisers, advisers exempt from registration, registered investment companies, and business development companies.[28] The proposed amendments seek to categorize certain types of ESG strategies broadly and require funds and advisers to provide more specific disclosures in fund prospectuses, annual reports, and adviser brochures based on the ESG strategies they pursue. Funds focused on the consideration of environmental factors generally would be required to disclose the GHG emissions associated with their portfolio investments. Funds claiming to achieve a specific ESG impact would be required to describe the specific impacts they seek to achieve and summarize their progress on achieving those impacts. Funds that use proxy voting or other engagement with issuers as a significant means of implementing their ESG strategy would be required to disclose information regarding their voting of proxies on particular ESG-related voting matters and information concerning their ESG engagement meetings. Finally, the proposal would require certain ESG reporting on Forms N-CEN and ADV Part 1A.

In May, the SEC also proposed amendments to the Investment Company Act “Names Rule” with the stated goal of “moderniz[ing] the Names Rule for today’s markets,” including for ESG-related funds.[29] The current rule requires registered investment companies whose names suggest a focus in a particular type of investment to adopt a policy to invest at least 80% of the value of their assets in those types of investments. The proposed amendments would extend the requirement to any fund name with terms suggesting that the fund focuses in investments that have (or whose issuers have) particular characteristics, including fund names with terms such as “growth” or “value,” or terms indicating that the fund’s investment decisions incorporate one or more ESG-related factors.

An investment adviser ESG-related disclosure case is described below in III.B.

H. Whistleblower Awards

Coming off a record-breaking year, the pace and size of whistleblower awards has slowed in the first half of 2022. Through June of this year, the SEC’s whistleblower program has awarded approximately $88 million to 22 separate whistleblowers. This is less than half of the payments awarded during the same time period in 2021, which saw nearly $200 million in awards to 45 individuals.

Still, the whistleblower program remains significant for the Commission, with approximately $1.3 billion paid to 273 individuals since the program’s inception in 2012. Further, the SEC remains committed to incentivizing whistleblowers to come forward with information, and to rewarding their efforts. In February, the SEC proposed two amendments to whistleblower program rules aimed at further enticing whistleblowers to come forward.[30] The first proposed change would allow the Commission to pay whistleblower awards, even if the awards might otherwise be paid under another federal agency program.[31] The second change would affirm the SEC’s discretionary authority to consider the dollar amount of potential awards for the sole purpose of increasing any award under Rule 21F-6, which would preclude considering the dollar amount to decrease any award.[32]

Significant whistleblower awards granted during the first half of this year include:

Three awards in January, including a payment of over $13 million to a whistleblower who “promptly” notified the Commission of an ongoing fraud and provided “extensive” assistance thereafter, which led to the opening of an investigation and a successful enforcement action;[33] an award totaling more than $4 million to three whistleblowers in two separate enforcement proceedings, all described as providing “critical” information during the investigation;[34] and awards totaling more than $40 million to four whistleblowers, two of whom received a combined $37 million for providing “key evidence,” while the third received approximately $1.8 million for providing information which prompted a separate related action, and the fourth received a $1.5 million award for providing information that “shaped the staff’s instigative strategy.”[35]
Four awards in March, including a payment of more than $3.5 million to a whistleblower for contributing to the success of two enforcement actions and helping save the SEC staff time and resources;[36] an award of approximately $14 million to a whistleblower whose online report and outreach to staff exposed an ongoing fraud and prompted a successful enforcement action along with restitution to investors;[37] awards totaling approximately $3 million to three whistleblowers who provided information that prompted the SEC staff to open investigations and provided ongoing assistance in three separate actions;[38] and an award of $1.25 million to a whistleblower who provided “high-quality information and exemplary cooperation,” including identifying witnesses and explaining key documents, which led to a successful enforcement action and saved the SEC staff time and resources.[39]
An award in April of $6 million to five whistleblowers in a single enforcement proceeding who each provided ongoing assistance, in the form of either key documents or firsthand accounts of misconduct.[40]
An award in May totaling nearly $3.5 million to four whistleblowers who provided information which led to a successful enforcement action. Three of these whistleblowers provided the SEC with information that led to the opening of a new investigation, while the fourth provided analysis, which “focused the staff’s attention on new allegations.”[41]

II. Public Company Actions

Public company accounting and disclosure cases continued to comprise a significant portion of the SEC’s cases in the first half of 2022, and included a range of financial reporting, disclosure, and professional responsibility enforcement actions.

A. Financial Reporting

In February, the SEC announced settled charges against a healthcare company and two former employees for alleged accounting improprieties stemming from intra-company foreign exchange transactions that resulted in a purported misstatement of the company’s net income.[42] The SEC alleged that, from 1995 to 2019, the company used a non-GAAP convention for converting non-U.S. dollar transactions, assets, and liabilities on its financial statements. The SEC further alleged that, beginning in 2009, the company purposefully used this convention for the purpose of generating foreign exchange accounting gains and avoiding losses of the same. Further, the SEC alleged that one former employee did not take steps to investigate the company’s consistently generated gains. Without admitting or denying the allegations, the company and its former employees agreed to cease and desist from future violations. The company agreed to pay an $18 million fine, and the former employees agreed to pay nearly $315,000 combined in civil penalties and disgorgement.

In April, the SEC announced a settled action against a pest control company and a former executive for allegedly making improper accounting adjustments through reducing accounting reserves without analyzing appropriate criteria under GAAP in order to meet quarterly earnings per share targets.[43] The SEC further alleged that the company and former executive failed to adequately memorialize the basis for these accounting entries and that the company failed to document other quarterly entries from 2016 to 2018. Without admitting or denying the allegations, the company and executive agreed to cease and desist from future violations, and pay penalties of $8 million and $100,000, respectively. The company’s penalty was the highest yet under the SEC’s earnings per share (“EPS”) initiative, which relies on data analytics to uncover hard-to-detect accounting and disclosure violations.

In June, the SEC announced a settled action against a telecommunications-support technology company and several of its senior employees for improper accounting practices, including improperly recognizing revenue on multiple transactions and misleading the company’s auditors.[44] The SEC alleged that, from 2013 to 2017, senior employees of the company improperly accounted for three categories of transactions which resulted in overstating revenue in pursuit of meeting earnings targets: (1) transactions without persuasive evidence of an arrangement; (2) acquisitions and divestitures where revenue was recognized on license agreements instead of netting those amounts against purchase prices; and (3) license and hosting transactions where it recognized revenue upfront, instead of rated over the term of the arrangement. The SEC also alleged that certain employees attempted to conceal that revenue had been improperly recognized upfront when, instead, it was contingent on future events. Without admitting or denying the SEC’s findings, the company agreed to cease and desist from further violations and pay a $12.5 million civil penalty; three former employees and one current employee settled for civil penalties ranging from $15,000 to $90,000; and the company’s former general counsel agreed to pay a $25,000 penalty and to a suspension from appearing or practicing as an attorney before the SEC for 18 months. The company’s founder and former CEO, while not charged with misconduct, agreed to reimburse the company $1.3 million in stock sale profits and bonuses, and return shares of company stock. Additionally, the SEC filed a complaint in the Southern District of New York against both the company’s former CFO and the former Controller, seeking civil penalties, restitution, bars, and permanent injunctions. That litigation remains ongoing.

B. Public Statements and Filing Disclosures

In January, the SEC settled an action—without any monetary penalties—against a private technology company after it made significant remedial efforts in the wake of an internal investigation into misconduct by its now-former CEO.[45] As profiled in our last update, the SEC issued a complaint against the then-CEO of the company, after he allegedly inaccurately claimed the company had achieved strong and consistent revenue and customer growth in order to push it to a “unicorn” valuation of over $1 billion. The company’s Board of Directors conducted an internal investigation leading to the CEO’s removal and a revised valuation down to $300 million. The Board instituted other remedial measures, including the repayment of investors, hiring of new senior management, expansion of its board, and institution of processes and procedures to increase transparency and accuracy of deal reporting. The SEC highlighted these remedial actions and the company’s extensive cooperation in the matter as factors counseling against imposing a penalty. Accordingly, the company settled the complaint for a permanent injunction against further violations without admitting or denying wrongdoing.

In April, the SEC filed a complaint against a former executive of a Brazilian reinsurance company for making allegedly false statements claiming that a large, multi-national conglomerate had recently made a substantial investment in the company.[46] The SEC alleged that, in February 2020, the executive planted misleading stories with the media, created and shared fabricated shareholder lists purporting to show substantial purchases of the company’s stock by the conglomerate, and shared information with analysts and investors purporting to show this investment. The SEC alleged that, as a result of this information, the reinsurance company’s stock price rose by more than 6% during the following 24 hours, and dropped more than 40% after the conglomerate denied the investment. The SEC filed a complaint against the former executive seeking a permanent injunction, officer and director bar, and civil monetary penalties. The Department of Justice also announced criminal charges against the individual.

In May, the SEC announced settled charges against a healthcare supply chain company and a complaint against its former CEO and Chairman of the Board for making allegedly false statements regarding the company’s plan to distribute COVID-19 rapid test kits.[47] The SEC alleged that, in April 2020, the company issued a press release announcing a “committed purchase order” for two million COVID-19 test kits, as well as an ongoing commitment to purchase two million more test kits every week for nearly six months. However, the company allegedly had neither an executed purchase agreement nor a supplier for the tests. The SEC alleged that after the announcement, the company, which was struggling financially at the time, saw a 425% increase in stock price from the prior trading day. Without admitting or denying the allegations, the company agreed to a settlement that included permanent injunctions, a $125,000 penalty, and more than $500,000 in disgorgement. The U.S. Attorney’s Office for the District of New Jersey and the U.S. Department of Justice’s Criminal Division also announced criminal charges against the former CEO.

C. Gatekeepers

In June, the Commission instituted a settled action against a credit rating agency and its CEO for allegedly violating various conflict of interest rules.[48] The SEC’s complaint alleged that the CEO engaged in sales and marketing activities related to a client while, at the same time, determining that client’s credit rating, in violation of Rules 17g-5(c)(8)(i)–(ii) of the Exchange Act. The complaint also alleged that the agency violated Rule 17g-5(c)(1) (the “Ten Percent Rule”) by allegedly continuing to issue and maintain ratings for another client, even though that client had contributed more than 10% of the agency’s revenues in the prior fiscal year. Lastly, the SEC alleged that the agency did not establish, maintain, and enforce sufficient internal controls to manage these conflicts of interest. Without admitting or denying the SEC’s findings, both the agency and its CEO agreed to pay a total of $2 million in civil penalties, as well as over $146,000 in disgorgement.

Also in June, the SEC instituted a settled action against an audit firm and three of its partners for alleged improper professional conduct after failing to investigate two clients’ financial statements despite known concerns about the accuracy of one client’s goodwill impairment calculations and another’s related party transactions.[49] The SEC alleged that, in 2016 and 2017, the audit firm and its partners allegedly improperly accepted its clients’ determination that their goodwill had not been impaired or reduced in value, despite internal beliefs that the goodwill valuation methods employed by the clients were insufficient. The SEC also alleged that the audit firm’s quality control systems led to the failure to adhere to adequate professional auditing standards. Without admitting or denying the allegations, the audit firm agreed to pay a $1.9 million penalty, to be censured, and to retain an independent consultant to review and evaluate certain control policies and procedures. The partners, without admitting or denying the allegations, agreed to each pay penalties ranging from $20,000 to $30,000; two partners additionally agreed to one- and three-year suspensions to practicing before the SEC, and the third partner agreed to a censure. The audit firm’s two clients at issue previously settled with the SEC related to the same financial disclosures, but with different outcomes: one of the audit firm’s clients and the client’s employees agreed to a settlement involving multi-million dollar monetary fines, restitution, and injunctive relief in June 2019;[50] the other client agreed to a no-penalty settlement without admitting or denying wrongdoing.[51]

Also in June, the SEC settled an action with an accounting firm relating to cheating by the firm’s employees on CPA ethics exams over a number of years, which was aggravated by the SEC’s perceived failure by the firm to correct its response to an earlier SEC voluntary request for information regarding the matter.[52] In June 2019, in the wake of a settlement with a different accounting firm regarding a similar issue, the firm received a voluntary information request from the SEC regarding complaints about cheating on CPA ethics exams, and the SEC asked for a response only one day later. The firm complied with the short response timeline, but its response did not include a relevant whistleblower report that was first made the same day the firm received the voluntary information request, and of which the legal department was not aware of its existence at the time of its initial response to the SEC. After becoming aware of this report, the firm conducted an internal investigation into the issue and later reported its results to the PCAOB. However, the SEC reasoned that the firm had violated the PCAOB’s professionalism rules because it did not promptly supplement its initial response to the SEC’s June 2019 voluntary information request with information about the whistleblower’s report. The firm settled the SEC’s allegations, agreeing to pay a $100 million fine, as well as to engage two independent consultants to make recommendations for further internal improvements. As noted above, Commissioner Peirce issued a forceful dissent from the settlement, arguing that the SEC’s “unduly punitive terms” were overly focused on the firm’s “imperfect compliance” with the SEC staff’s request to respond with information the next day, and ignored the “central issue” of cheating by the auditing professionals employed by the firm.[53]

III. Investment Advisers

A. Misuse of Investor Funds

In January, the SEC charged a financial adviser (dual registered representative of a broker-dealer and investment adviser) for allegedly misappropriating nearly $6 million from a client[54] over a six-year period and using the money for personal expenses, and to repay money that he had taken from another client. The SEC alleged the adviser created false account statements, forged signatures on documents, and altered financial records to cover up his actions. The SEC is seeking injunctive relief, disgorgement, and civil penalties. The U.S. Attorney’s Office for the Southern District of Florida filed parallel criminal charges.

In March, the SEC announced fraud charges against an investment adviser for allegedly using investor funds for personal expenses and a Ponzi-like scheme.[55] According to the SEC, the adviser told investors that their pooled money would be invested using a proprietary algorithm. The SEC alleged that, instead, the adviser used investor funds to pay off his own personal expenses and to repay previous investors while misleading current investors about their returns. The same adviser was permanently barred from the securities industry in a 1992 SEC enforcement action.[56] In the current case, the SEC is seeking an injunction, disgorgement, and penalties against the adviser. The U.S. Attorney’s Office for the District of New Jersey brought parallel criminal charges.

In May, the SEC charged a hedge fund and its sole owner for allegedly misappropriating millions of investors’ funds.[57] According to the SEC, over a period of nearly five years, the hedge fund and its owner raised approximately $39 million from more than 100 investors and thereafter made inaccurate statements about the fund’s performance (incurring $27 million in trading losses), falsified investors account documents, misrepresented the fact that the fund did not have an auditor, engaged in a Ponzi-like scheme with new investor funds being paid to earlier investors, and took money from the fund to pay for personal expenses, including jewelry. The SEC sought and obtained emergency relief and an asset freeze against the hedge fund and its owner, and the litigation remains ongoing.

B. Material Misrepresentations

In February, the SEC announced a settled action against a robo-adviser based on allegations that it made misleading statements and failed to comply with its own representations that it was compliant with Shari’ah law.[58] The SEC alleged the robo-adviser promoted its own proprietary funds when no such funds existed, then used investor funds to seed an exchange-traded fund without any disclosure to the investors. In addition, the SEC claimed that the robo-adviser promoted itself as compliant with Shari’ah law, including marketing an income purification process, but then took no actions to ensure this compliance. Without admitting or denying the allegations, the adviser agreed to a cease-and-desist order, to retain an independent compliance consultant, and to pay a $300,000 penalty.

In February, the SEC announced charges against the former Chief Investment Officer and founder of an investment adviser to a mutual fund and a hedge fund, based on allegations that the CIO significant overvalued assets, resulting in his receipt of $26 million of improper profit distributions.[59] According to the SEC, the CIO altered documents describing the funds’ valuation policies and sent forged term sheets to the auditor of the mutual and private funds. The former CIO was removed from his position in February 2021 after the SEC’s Staff showed the firm information suggesting that the CIO had been adjusting the company’s third-party pricing model. Shortly thereafter, at the mutual fund’s request, the SEC issued an order suspending redemptions.[60] The U.S. Attorney’s Office for the Southern District of New York is pursuing parallel criminal charges.

In March, the SEC announced a settled action against an investment adviser for using its discretionary trading authority to invest advisory clients in proprietary mutual funds and failing to disclose the corresponding conflict of interest.[61] Without admitting or denying the allegations, the adviser agreed to a cease-and-desist order, to obtain an independent compliance consultant, and to pay disgorgement and penalties totaling $30 million.

In March, the SEC announced a settled action against a venture capital fund adviser and its CEO for allegedly making misstatements about the adviser’s management fees and otherwise breaching its operating agreement.[62] The SEC alleged that certain promotional material advertised a management fee that was much lower than what the adviser actually assessed. In addition, the SEC claimed that the adviser made cash transfers between various funds that were not authorized by the adviser’s operating agreement. Without admitting or denying the allegations, the adviser agreed to repay $4.7 million to the affected private funds along with a $700,000 penalty; the CEO agreed to pay a $100,000 penalty.

In April, the SEC announced a settled action against an asset manager and its former co-CEOs based on alleged misrepresentations about the asset manager’s prospects for growth.[63] According to the SEC, the asset manager overstated its assets by including amounts provisionally committed by clients who had no obligation to ultimately invest with the manager. The SEC alleged that the inclusion of these investments inflated the asset manager’s value and led investors to vote in favor of a merger for the asset manager that would result in higher paying jobs for the co-CEOs. Without admitting or denying the allegations, the co-CEOs and asset manager agreed to a cease-and-desist order and to pay a $10 million penalty.

In May, the SEC charged an investment firm for alleged misstatements and omissions about ESG considerations in making investment decisions for certain mutual funds that it managed.[64] The SEC’s order alleged that, from July 2018 to September 2021, the firm represented or implied in various statements that all investments in the funds had undergone an ESG quality review. But according to the SEC, numerous investments held by certain funds did not have an ESG quality review score as of the time of investment. Without admitting or denying the SEC’s findings, the firm agreed to a cease-and-desist order, a censure, and to pay a $1.5 million penalty.

Also in May, the SEC announced a settled action against a variable annuities principal underwriter for alleged sales practice misconduct by its wholesalers.[65] The SEC alleged employees of the wholesaler caused exchange offers to be made to customers and clients of its affiliated retail broker-dealer and investment adviser to switch from one variable annuity to another to increase sale commissions Notably, this case represents the first-ever enforcement proceeding under Section 11 of the Investment Company Act of 1940, which, absent an exception, prohibits any principal underwriter from making or causing to be made an offer to exchange the securities of registered unit investment trusts (including variable annuities) unless the terms of the offer have been approved by the SEC. Without admitting or denying the allegations, the respondent agreed to a cease-and-desist order and to pay a $5 million penalty.

Also in May, the SEC announced charges and settlements with an investment adviser and three of the adviser’s former senior portfolio managers for allegedly concealing the downside risks of an options trading strategy from approximately 114 institutional investors who invested approximately $11 billion in the strategy between 2016 and 2020.[66] According to the complaint and consent orders, the lead portfolio manager, with the assistance of two senior managers, manipulated financial reports and other information provided to investors to conceal the magnitude of the strategy’s risk and the strategy’s actual performance. In one instance, the senior portfolio managers allegedly reduced losses in one scenario in a risk report sent to investors from approximately negative 42.15% to negative 4.15%. The SEC alleged that the group took several steps to conceal their conduct, including by providing false testimony to the SEC. In settling the action, the investment adviser, which pleaded guilty to criminal charges, admitted that its conduct violated securities laws and agreed to a cease-and-desist order, a censure, and payment of $349.2 million in disgorgement and prejudgment interest and a fine of $675 million. Two of the three portfolio managers also consented to orders that included associational and penny stock bars as well as monetary relief to be determined in the future. The SEC’s litigation against the lead portfolio manager is ongoing.

In June, the SEC announced a settled action against an investment adviser and two affiliated companies based on allegations that the affiliates did not sufficiently describe in their historical disclosures how allocating a portion of a clients’ funds to cash could affect the performance of their portfolios under certain market conditions.[67] The SEC also alleged that the companies did not adequately disclose an affiliated bank’s ability to earn interest from the cash deposits. The SEC concluded, however, that each of the alleged disclosure deficiencies was fully corrected in November 2018. Without admitting or denying the allegations, the companies agreed to a cease-and-desist order, providing for their payment of approximately $187 million in disgorgement and penalties.

Also in June, the SEC announced a settled action against an investment adviser for allegedly contravening its agreements by allocating certain deal-related expenses across its private equity fund clients in a non-pro rata manner and failing to properly disclose the allocations.[68] According to the SEC, investors in the private equity funds included pension funds, foundations and endowments, other institutional investors, and high net worth individuals. Without admitting or denying the SEC’s allegations, the investment adviser agreed to a cease-and-desist order and to pay a $1 million penalty.

In June, the SEC announced a settled action against an investment adviser based upon allegations that the firm’s financial advisers did not adequately understand the risks associated with an options trading strategy that they recommended to approximately 600 advisory clients between February 2016 and February 2017 clients and thus the recommendations may not have been in the clients’ best interest.[69] Without admitting or denying the SEC’s allegations, the company agreed to a cease-and-desist order and agreed to pay a fine of $17.4 million and disgorgement and prejudgment interest of $7.2 million.

C. New Regulations

In addition to the cybersecurity and ESG-related rule proposals discussed in Section IE above, we note that in February, the SEC proposed a dramatic overhaul to the regulation of private fund advisers.[70] Among other changes, the proposed rules would require private fund advisers to provide investors with quarterly statements regarding fund fees, expenses, and performance. The proposed rule would also prohibit these advisers from giving certain kinds of preferential treatment to investors and would require disclosure to all current and prospective investors in a fund of any preferential rights granted to any investors of the fund.

For a more detailed discussion of the rule proposal, see our prior alert on the subject and the comment letter submitted by the Private Investment Funds Forum, of which GDC was a co-author.

We also note the upcoming November 2022 implementation deadline for the new Marketing Rule, which replaced the former Advertising and Solicitation rules, and caused the SEC to withdraw or modify roughly 200 No Action letters.[71]

IV. Broker-Dealers

A. Misrepresentation

In May, the SEC announced a settled action against a broker-dealer and its co-founder based on allegations that they misled customers as to restricting the purchase of so-called meme stocks in late January 2021.[72] According to the order, the broker-dealer halted purchases of the stocks for about 10 minutes, but after, the broker-dealer and its co-founder stated that it never restricted trading. Without admitting or denying the SEC’s charges, the broker-dealer and co-founder agreed to retain an independent compliance consultant and pay $100,000 and $25,000 fines, respectively.

B. Form-Filling Violations

In February, the SEC announced settled charges against 12 firms, six investment advisers and six broker-dealers, based on allegations that each of the firms failed to timely file and deliver the Form CRS to their existing and/or prospective retail clients and customers.[73] In June 2019, the SEC adopted Form CRS, which SEC-registered investment advisers and broker-dealers that offer services to retail investors are required to file and keep current with the SEC, deliver to existing and prospective clients and customers beginning no later than June/July 2020, and prominently post on their websites the most recently filed version thereof. The SEC alleged that the sanctioned 12 firms missed the regulatory deadlines and, in certain instances, failed to include required information and language in their respective Form CRS. Without admitting or denying the SEC’s findings, the firms each agreed to be censured, to a cease-and-desist order, and to pay civil penalties varying from $10,000 to $97,523.

In May, the SEC announced settled charges against a broker-dealer and investment adviser for allegedly failing to file over 30 suspicious activity reports (“SARs”) between April 2017 and October 2021, which are used to identify and investigate potentially suspicious activity.[74] The SEC’s order alleged that for a nine-month period, the firm failed to file at least 25 SARs as a result of its deficient implementation and testing of a new anti-money laundering (“AML”) transaction monitoring and alert system. The SEC further alleged that the firm failed to file at least nine additional SARs due to its failure to process wire transfer data into its AML transaction monitoring system on dates on which there was a bank holiday without a corresponding brokerage holiday. The order describes the firm’s substantial cooperation and voluntary remedial measures, as well as a thorough internal investigation conducted by the firm, the findings of which were shared with Staff. Notwithstanding, in its press release the SEC characterized the firm as a recidivist, citing to a prior settlement in 2017 relating to an alleged failure to file 50 SARs. Without admitting or denying the SEC’s findings, the firm agreed to a censure, a cease-and-desist order, and to pay a fine of $7 million.

C. Regulation Best Interest (“BI”)

As discussed in the introduction, in June, the SEC charged a broker-dealer and five of its registered representatives for allegedly violating Reg BI when recommending and selling L Bonds to retirees and other retail investors.[75] According to the SEC’s complaint, over a 10-month period, the broker’s registered representatives recommended and sold retail investors approximately $13.3 million in the bonds. According to the SEC, the bond’s issuer described the product as high risk, illiquid, and only suitable for customers with substantial financial resources. In the SEC’s first substantive Reg BI case, the SEC alleges violations of the broker-dealer’s Care Obligation (which requires that the registered representative have a reasonable basis to believe their recommendation is in the best interest of the customer), and Compliance Obligation (which requires that the broker-dealer maintain and enforce written policies and procedures designed to achieve compliance with Reg BI). The SEC is seeking permanent injunctions, disgorgement, and civil penalties.

V. Cryptocurrency and Other Digital Assets

Despite the recent current crypto winter (cryptocurrencies reportedly having lost trillions in value since market highs in 2021), digital assets continue to be a leading-edge asset class and a primary focus for the SEC’s Division of Enforcement, as evidenced by multiple enforcement actions in the first half of 2022, as well as expected rulemaking proposals and dramatic staffing increases in the Commission’s digital asset securities unit.

A. Agency Updates

In May, the SEC announced the allocation of 20 additional positions to the newly renamed Crypto Assets and Cyber Unit (formerly known as the Cyber Unit) in the Division of Enforcement, which will grow to 50 dedicated positions—nearly doubling the size of the unit.[76] According to the SEC, the expanded Crypto Assets and Cyber Unit will focus on investigating securities law violations related to: digital asset offerings; digital asset exchanges; digital asset lending and staking products; decentralized finance (“DeFi”) platforms; non-fungible tokens (“NFTs”); and stablecoins.

B. Fraud

In January, the SEC announced charges against an Australian citizen and two companies he founded for allegedly making false and misleading statements in connection with an unregistered offer and sale of digital asset securities.[77] According to the SEC’s complaint, the Founder claimed to have raised $40.7 million through his companies in an initial coin offering (“ICO”), and allegedly told investors that the ICO proceeds would be used to develop a new technology. Instead, however, he diverted more than $5.8 million in ICO proceeds to gold mining entities. The SEC also alleged that the Founder and his companies did not register their offers and sales of tokens with the Commission, and knowingly sold them to groups of investors without determining whether the underlying investors were accredited. Without admitting or denying the allegations, the Founder and his companies consented to a permanent injunction, and to permanently disable the tokens and remove them from digital asset trading platforms. The Founder further agreed to an officer or director bar, and a penalty of $195,000.

In March, the SEC announced that it charged two individuals with allegedly defrauding retail investors out of more than $124 million through two unregistered offerings of securities involving a digital token.[78] In its complaint, the SEC alleged that the defendants—in roadshows, YouTube videos, and other materials—falsely claimed that its crypto coin was supported by one of the largest crypto mining operations in the world, but that the defendants previously abandoned mining operations after generating less than $3 million in total mining revenue. As alleged, the defendants incorrectly stated that the crypto coin had a $250 million crypto mining operation and was producing $5.4 million to $8 million per month in mining revenues. According to the complaint, the two individuals also arranged for a public website to display a wallet of an unrelated third party showing more than $190 million in assets as of November 2021, even though the coin’s wallets were allegedly worth less than $500,000. Moreover, the complaint alleged that the individuals manipulated the crypto coin’s price and misused investor funds for personal expenses. In a parallel action, the U.S. Attorney’s Office for the Southern District of New York unsealed criminal charges against one of the individuals.

In May, the SEC announced charges against a corporation, its two founders, and two entities controlled by one of its founders.[79] According to the SEC’s complaint, the two founders sold mining packages to investors and promised daily returns of 1%, paid weekly, for a period of up to 52 weeks. The complaint also alleged that, in its early days, investors were promised returns in Bitcoin, but later, defendants required investors to withdraw their investments in the corporation’s own token. The complaint also alleged that investors were required to redeem those tokens on a “fake” crypto asset trading platform created and managed by one of the corporation’s founders, but when investors tried to liquidate their tokens on that asset trading platform, they encountered purported errors and were required to either buy another mining package or forfeit their investments. In April, the United States District Court for the Southern District of Florida issued a temporary restraining order against all of the defendants and an order freezing defendants’ assets, among other relief.

C. Registration and Disclosure

In February, the SEC announced that it charged a company with failing to register the offers and sales of its retail crypto lending product.[80] According to the SEC’s order, the company offered and sold a lending product to the public, through which investors lent crypto assets to the company in exchange for the company’s promise to provide a variable monthly interest payment. The SEC alleged that the lending products were securities, and the company therefore was required to register its offers and sales of the products but failed to do so or to qualify for an exemption from SEC registration. The SEC also alleged that the company operated for more than 18 months as an unregistered investment company because it issued securities and also held more than 40% of its total assets, excluding cash, in investment securities, including loans of crypto assets to institutional borrowers. Finally, the SEC alleged that the company made a false and misleading statement for more than two years on its website concerning the level of risk in its loan portfolio and lending activity. Without admitting or denying the SEC’s allegations, the company agreed to pay a $50 million penalty, cease its unregistered offers and sales of the lending product, and attempt to bring its business within the provisions of the Investment Company Act within 60 days. Finally, in parallel actions, the company agreed to pay an additional $50 million in fines to 32 states to settle similar charges. At the time of the settlement, the company was actively engaged in litigation with multiple states including the New Jersey Attorney General. (Prior to assuming his current role as the Director of the SEC’s Enforcement Division, Gurbir Grewal was the Attorney General for New Jersey.)

In May, the SEC also announced that it settled charges against a technology company for making allegedly inadequate disclosures concerning the impact of cryptomining on the company’s gaming business.[81] The SEC’s order found that, during consecutive quarters in fiscal year 2018, the company failed to disclose that cryptomining was a significant element of its material revenue growth. Specifically, the SEC alleged that the company did not disclose in its Forms 10-Q significant earnings and cash flow fluctuations related to a “volatile business” for investors to ascertain the likelihood that past performance was indicative of future performance. The SEC also alleged that the company’s omissions about the growth of the company’s gaming business were misleading given that the company made statements about how other parts of the company’s business were driven by demand for crypto. Without admitting or denying the SEC’s findings, the company agreed to a cease-and-desist order and to pay a $5.5 million penalty.

VI. Insider Trading

In January, the SEC announced insider trading charges against three Florida residents for allegedly trading in advance of market-moving announcements by three companies.[82] The SEC alleged that one of the individuals obtained non-public information from an insider family member and used it to trade in advance of one company’s earnings announcement, another company’s tender offer, and a third company’s merger announcement, gaining more than $600,000 in personal brokerage profits. The individual allegedly tipped off two friends, who also allegedly traded ahead of these announcements and who were likewise charged by the SEC. According to the SEC’s complaint, one of the tippees used various accounts to trade ahead of all three announcements, resulting in profits of over $4 million; the other tippee allegedly reaped profits of approximately $120,000. The SEC’s complaint seeks permanent injunctions and civil penalties. The U.S. Attorney’s Office of the District of Massachusetts announced criminal charges against the three men for the same conduct.

In March, the SEC filed a complaint against three software engineers of a communications tech company and four of their associates for allegedly trading on confidential information ahead of the company’s positive earnings announcement for the first quarter of 2020.[83] The SEC alleged that the software engineers had learned through their company’s databases that the company’s customers had increased usage of the company’s products and services in response to health measures imposed by the COVID-19 pandemic. The SEC further alleged that the software engineers discussed in a group chat that the company’s stock price would “rise for sure,” after which they tipped off, or used the brokerage accounts of, four of their family members and close friends to trade stock and options in advance of the earnings announcement to generate more than $1 million in profit. The SEC’s action is pending in the Northern District of California. The U.S. Attorney’s Office for the Northern District of California announced criminal charges against one of the tippees.

In April, the SEC announced a settled action against a former accountant of a large multinational restaurant chain for an alleged long-running scheme to trade on confidential information the accountant obtained through his role at the company in advance of the company’s earnings announcements.[84] The SEC alleged that, from 2015 to 2020, the employee engaged in trades across multiple different brokerage accounts tied to himself and family members in advance of earnings announcements, resulting in more than $960,000 in profits. Without admitting or denying the allegations, the accountant consented to an order permanently enjoining him from future violations and to a penalty of over $1.9 million. He also agreed to a suspension from appearing or practicing before the SEC.

In June, the SEC announced settled insider trading charges against a former software engineer of an online gambling company and his longtime friend for allegedly trading on confidential information about the gambling company’s interest in acquiring a mobile sports media company.[85] The SEC alleged that the software engineer purchased 500 out-of-the-money call options on the target mobile sports media company in the weeks and days leading up to the announcement of the acquisition, despite being told not to trade on the information he received. The SEC also alleged that he tipped off his friend about the impending deal through an encrypted messaging application, resulting in approximately $600,000 in combined profits. Without admitting or denying the allegations, the two individuals agreed to a permanent injunction, disgorgement, and civil penalties totaling more than $11,000. The U.S. Attorney’s Office for the Eastern District of Pennsylvania also announced criminal charges against the former software engineer.

VII. Trading and Markets

In March, the SEC commenced an action against five individuals for operating a call center in Colombia that allegedly employed high-pressure sales tactics and made misleading statements to sell the stock of at least 18 small companies trading in U.S. markets.[86] The SEC alleged that the defendants’ call centers employed false personas—including fake names, websites, and phone numbers—to appear as investment management firms. According to the complaint, the call centers then generated over $58 million in trading by making misleading or false statements about the stocks’ prospects for success. The SEC alleged that the defendants received roughly $10 million in exchange for their promotion of these thinly traded stocks. The SEC’s complaint seeks a permanent injunction, disgorgement and civil penalties, and a penny stock bar against the defendants. The complaint also names three additional individuals and one entity as relief defendants and seeks disgorgement from these parties as well.

In April, the SEC brought an action against an individual for making an allegedly false and misleading tender offer announcement.[87] According to the SEC’s complaint, the defendant allegedly placed an advertisement in the New York Times announcing a proposed purchase of all existing stock of a large defense company at a substantial premium. The SEC alleged that this offer was false and misleading because neither the defendant nor his company had the resources necessary to complete the transaction. Moreover, the complaint alleged that the defendant failed to disclose a series of bankruptcies and default judgments and mischaracterized the operations and assets of his company’s corporate parent. The complaint seeks injunctive relief, a monetary penalty, and an officer and director bar against the defendant. In a parallel action, the U.S. Attorney’s Office for the Southern District of New York announced criminal charges against the defendant.

Also in April, the Commission, in three separate complaints, commenced actions against 15 individuals and one entity for engaging in a complex series of allegedly fraudulent microcap operations spanning three continents and generating more than $194 million in illicit proceeds.[88] The SEC alleged that, over many years, various defendants acquired, via offshore companies, majority interests in the penny stocks of at least 17 issuers. Thereafter, the SEC alleged that certain defendants funded promotional campaigns for these stocks to increase demand, at which point some defendants allegedly sold their stocks for significant profits. Two of the three complaints further allege that some defendants used encrypted messaging services and code names to communicate with each other and with offshore trading platforms about the scheme to avoid being detected by regulators. The press release announcing these enforcement actions stated that more than 20 countries’ law enforcement authorities and securities regulators contributed to the SEC’s investigation, which is also associated with parallel criminal actions by the U.S. Attorney’s Office for the Southern District of New York.

Also in April, the SEC filed an action against the owner of an investment firm, as well as the firm’s CFO, head trader, and chief risk officer based on allegations of securities fraud based on misrepresentations and omissions as well as market manipulation, all relating to the trading of certain securities over a seven-month period.[89] The SEC alleged that the owner had purchased, on margin, billions of dollars of total return swaps, resulting in bank counterparties taking on significant positions in the equity securities of the relevant symbols for the purpose of hedging the risk of the swaps. According to the SEC, these swap purchases were intended to drive up the price of the securities. The CFTC also brought a complaint relating to misrepresentations and omissions—but did not allege market manipulation—and the U.S. Attorney’s Office for the Southern District of New York also announced that it is pursuing criminal charges against the individuals involved for the same conduct.

In June, the SEC announced a settled action against an investment adviser based on allegations that on seven occasions between December 2020 and February 2021 the firm violated Rule 105 of Regulation M of the Exchange Act by buying stock shortly after shorting that same stock during a restricted period (i.e., before a covered public offering).[90] The order explains that the firm had relevant policies and procedures and that its systems detected the possible violations both before and after the firm participated in the offerings. In each instance, according to the SEC, the firm’s traders and compliance department bypassed the systematic alerts and exceptions based on their own miscalculations of the restricted period. Thereafter, according to the order, the firm self-identified its errors and the violations, voluntarily and proactively remediated the errors and self-reported the violations to the SEC. Without admitting or denying the SEC’s allegations, the firm agreed to pay a fine of $200,000 and $6.7 million in disgorged profits.

VIII. Municipal Securities

In March, the SEC announced a settled action against a school district and its former CFO, alleging that they misled investors who purchased $20 million in municipal bonds.[91] The SEC also announced settled charges against the district’s auditor for alleged impropriety in connection with an audit of the district’s financial statements. According to the SEC’s complaint and orders, the district and CFO provided investors with misleading financial statements containing inflated general fund reserves and omitted payroll and construction liabilities. The district, without admitting or denying any findings, agreed to settle the SEC’s charges by consenting to a cease-and-desist order. The former CFO, also without admitting or denying the allegations, agreed to pay a $30,000 penalty and not participate in future municipal offerings. The auditor, without admitting or denying any findings, agreed to a suspension of at least three years from appearing or practicing before the SEC as an accountant and from certain auditor roles.

In June, the SEC brought an action against a town, its former mayor, the town’s unregistered municipal adviser, and the adviser’s owner, for allegedly misleading investors who purchased $5.8 million in municipal bonds across two offerings to finance the development of a water system and improvements to a sewer system.[92] According to the SEC’s complaints and order, the town submitted false financial projections, created by the municipal adviser with approval by the then-mayor, overstating the number of sewer customers in order to mislead a state agency commission that needed to approve the offerings. In turn, the town and its then-mayor allegedly failed to disclose to investors that approval of the bonds was based on the allegedly false projections or that the mayor had misused proceeds from prior offerings. Without admitting or denying the findings, the town agreed to settle with the SEC by consenting to a cease-and-desist order, while the municipal adviser and its owner also agreed pay disgorgement and civil penalties in amounts to be determined at a later date.

Also in June, the SEC instituted an action against a city, its former finance director, and its school district’s former CFO, alleging that they misled investors who purchased $119 million in municipal bonds.[93] The SEC also instituted an action against the city’s municipal adviser and its principal for allegedly misleading investors and breaching their fiduciary duty to the city. According to the SEC’s complaint, the defendants provided investors with misleading bond offering documents that failed to disclose the district’s financial distress stemming from spending on teacher salaries. The SEC alleged that the district’s former CFO was aware the district was facing at least a $25 million budget shortfall but misled a credit rating agency regarding the magnitude of the budget shortfall. The school district’s former CFO agreed to settle with the SEC, without admitting or denying any findings, and to pay a $25,000 penalty.

______________________________

[1] See, e.g., SEC Press Release, BlockFi Agrees to Pay $100 Million in Penalties and Pursue Registration of its Crypto Lending Product (Feb. 14, 2022), available at https://www.sec.gov/news/press-release/2022-26; SEC Press Release, Ernst & Young to Pay $100 Million Penalty for Employees Cheating on CPA Ethics Exams and Misleading Investigation (June 28, 2022), available at https://www.sec.gov/news/press-release/2022-114.

[2] SEC Press Release, SEC Charges Firm and Five Brokers with Violations of Reg BI (June 16, 2022), available at https://www.sec.gov/news/press-release/2022-110.

[3] Id.

[4] SEC Statement, Statement on Settlement with BlockFi Lending LLC (Feb. 14, 2022) (Commissioner Hester M. Peirce), available at https://www.sec.gov/news/statement/peirce-blockfi-20220214.

[5] SEC Statement, Statement on In the Matter of Lloyd D. Reed (Apr. 5, 2022) (Commissioner Hester M. Peirce), available at https://www.sec.gov/news/statement/peirce-lloyd-reed-20220405.

[6] SEC Statement, Statement Regarding In the Matter of Aegis Capital Corporation (July 28, 2022) (Commissioner Hester M. Peirce), available at https://www.sec.gov/news/statement/peirce-statement-aegis-capital-corporation-072822.

[7] SEC Statement, When Voluntary Means Mandatory and Forever: Statement on In the Matter of Ernst & Young LLP (June 28, 2022) (Commissioner Hester M. Peirce), available at https://www.sec.gov/news/statement/peirce-statement-ernst-and-young-062822.

[8] SEC Press Release, Mark T. Uyeda Sworn In as SEC Commissioner (June 30, 2022), available at https://www.sec.gov/news/press-release/2022-118.

[9] SEC Statement, Statement on Senate Confirmation of Jaime Lizárraga and Mark Uyeda (June 16, 2022), available at https://www.sec.gov/news/statement/commissioners-statement-confirmation-lizararago-uyeda.

[10] White House Press Release, President Biden Announces Key Nominees (Apr. 6, 2022), available at https://www.whitehouse.gov/briefing-room/statements-releases/2022/04/06/president-biden-announces-key-nominees-10/.

[11] SEC Press Release, SEC Announces New Leadership in Examinations Division and New York Regional Office (Mar. 24, 2022), available at https://www.sec.gov/news/press-release/2022-49.

[12] SEC Press Release, Richard R. Best Named Director of Division of Examinations (May 24, 2022), available at https://www.sec.gov/news/press-release/2022-87.

[13] SEC Press Release, Kristin Snyder, Deputy Director of Division of Examinations, to Leave SEC (Jan. 27, 2022), available at https://www.sec.gov/news/press-release/2022-13.

[14] SEC Press Release, Lori H. Price Named Acting Director of the Office of Credit Ratings; Ahmed Abonamah to Leave SEC (Feb. 1, 2022), available at https://www.sec.gov/news/press-release/2022-16.

[15] SEC Press Release, Kelly L. Gibson, Director of the Philadelphia Regional Office, to Leave the SEC; Scott Thompson and Joy Thompson named Office Acting Co-Heads (Feb. 11, 2022), available at https://www.sec.gov/news/press-release/2022-25.

[16] SEC Press Release, SEC Announces New Leadership in Examinations Division and New York Regional Office (Mar. 24, 2022), available at https://www.sec.gov/news/press-release/2022-49.

[17] SEC Press Release, San Francisco Regional Director Erin E. Schneider to Leave Agency (Mar. 25, 2022), available at https://www.sec.gov/news/press-release/2022-51.

[18] SEC Press Release, Tracy S. Combs Named Director of SEC’s Salt Lake Regional Office (June 29, 2022), available at https://www.sec.gov/news/press-release/2022-115.

[19] SEC Press Release, Denver Regional Director Kurt L. Gottschall to Leave SEC (June 29, 2022), available at https://www.sec.gov/news/press-release/2022-116.

[20] U.S. Securities and Exchange Commission, Proposed Rule (RIN 3235-AM90), Special Purpose Acquisition Companies, Shell Companies, and Projections (Mar. 30, 2022), available at https://www.gibsondunn.com/sec-proposes-rules-to-align-spacs-more-closely-with-ipos/https://www.gibsondunn.com/2022-mid-year-securities-enforcement-update/#_edn1.

[21] SEC Press Release, SEC Proposes Rules to Enhance Disclosure and Investor Protection Relating to Special Purpose Acquisition Companies, Shell Companies, and Projections (Mar. 30, 2022), available at https://www.sec.gov/news/press-release/2022-56.

[22] Id.

[23] SEC Press Release, SEC Proposes Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies (Mar. 9, 2022), available at https://www.sec.gov/news/press-release/2022-39.

[24] SEC Press Release, SEC Proposes Cybersecurity Risk Management Rules and Amendments for Registered Investment Advisers and Funds (Feb. 9, 2022), available at https://www.sec.gov/news/press-release/2022-20.

[25] Spotlight on Enforcement Task Force Focused on Climate and ESG Issues, available at https://www.sec.gov/spotlight/enforcement-task-force-focused-climate-esg-issues.

[26] SEC Press Release, SEC Proposes Rules to Enhance and Standardize Climate-Related Disclosures for Investors (Mar. 21, 2022), available at https://www.sec.gov/news/press-release/2022-46.

[27] SEC Statement, Remarks at Financial Stability Oversight Counsel Meeting (July 28, 2022) (Chair Gary Gensler), available at https://www.sec.gov/news/speech/gensler-statement-financial-stability-oversight-council-meeting-072822.

[28] SEC Press Release, SEC Proposes to Enhance Disclosures by Certain Investment Advisers and Investment Companies About ESG Investment Practices (May 25, 2022), available at https://www.sec.gov/news/press-release/2022-92.

[29] SEC Press Release, SEC Proposes Rule Changes to Prevent Misleading or Deceptive Fund Names (May 25, 2022), available at https://www.sec.gov/news/press-release/2022-91.

[30] SEC Press Release, SEC Proposed Changes to Two Whistleblower Program Rules (Feb. 10, 2022), available at https://www.sec.gov/news/press-release/2022-23.

[31] Id.

[32] Id.

[33] SEC Press Release, SEC Awards Over $13 Million to Whistleblower (Jan. 6, 2022), available at https://www.sec.gov/news/press-release/2022-2.

[34] SEC Press Release, SEC Issues Awards Totaling More Than $4 Million to Whistleblowers (Jan. 10, 2022), available at https://www.sec.gov/news/press-release/2022-5.

[35] SEC Press Release, SEC Issues Awards Totaling More Than $40 Million to Four Whistleblowers (Jan. 21, 2022), available at https://www.sec.gov/news/press-release/2022-7.

[36] SEC Press Release, SEC Awards More Than $3.5 Million to Whistleblower (Mar. 8, 2022), available at https://www.sec.gov/news/press-release/2022-38.

[37] SEC Press Release, SEC Awards Approximately $14 Million to Whistleblower (Mar. 11, 2022), available at https://www.sec.gov/news/press-release/2022-40.

[38] SEC Press Release, SEC Issues Awards Totaling Approximately $3 Million to Three Whistleblowers (Mar. 18, 2022), available at https://www.sec.gov/news/press-release/2022-45.

[39] SEC Press Release, SEC Awards $1.25 Million to Whistleblower (Mar. 25, 2022), available at https://www.sec.gov/news/press-release/2022-52.

[40] SEC Press Release, SEC Issues $6 Million Award to Five Whistleblowers (Apr. 25, 2022), available at https://www.sec.gov/news/press-release/2022-67.

[41] SEC Press Release, SEC Issues Nearly $3.5 Million Award to Four Whistleblowers (May 6, 2022), available at https://www.sec.gov/news/press-release/2022-80.

[42] SEC Press Release, SEC Charges Health Care Co. and Two Former Employees for Accounting Improprieties (Feb. 22, 2022), available at https://www.sec.gov/news/press-release/2022-31.

[43] SEC Press Release, Atlanta-Based Pest Control Company, Former CFO Charged with Improper Earnings Management (Apr. 18, 2022), available at https://www.sec.gov/news/press-release/2022-64.

[44] SEC Press Release, SEC Charges New Jersey Software Company and Senior Employees with Accounting-Related Misconduct (June 7, 2022), available at https://www.sec.gov/news/press-release/2022-101.

[45] SEC Press Release, Remediation Helps Tech Company Avoid Penalties (Jan. 28, 2022), available at https://www.sec.gov/news/press-release/2022-14.

[46] SEC Press Release, SEC Charges Senior Executive of Brazilian Company with Fraud (Apr. 18, 2022), available at https://www.sec.gov/news/press-release/2022-63.

[47] SEC Press Release, SEC Charges Company and Former CEO with Misleading Investors about the Sale of COVID-19 Test Kits (May 31, 2022), available at https://www.sec.gov/news/press-release/2022-94.

[48] SEC Press Release, SEC Charges Egan-Jones Ratings Co. and CEO with Conflict of Interest Violations (June 21, 2022), available at https://www.sec.gov/news/press-release/2022-111.

[49] SEC Press Release, SEC Charges CohnReznick LLP and Three Partners with Improper Professional Conduct (June 8, 2022), available at https://www.sec.gov/news/press-release/2022-102.

[50] SEC Press Release, SEC Adds Fraud Charges Against Purported Cryptocurrency Company Longfin, CEO, and Consultant (June 5, 2019), available at https://www.sec.gov/news/press-release/2019-90.

[51] SEC Press Release, SEC Obtains Final Judgment Against Sequential Brands Group, Inc. for Failing to Timely Impair Goodwill (Dec. 15, 2021), available at https://www.sec.gov/litigation/litreleases/2021/lr25289.htm.

[52] SEC Press Release, Ernst & Young to Pay $100 Million Penalty for Employees Cheating on CPA Ethics Exams and Misleading Investigation (June 28, 2022), available at https://www.sec.gov/news/press-release/2022-114.

[53] SEC Statement, When Voluntary Means Mandatory and Forever: Statement on In the Matter of Ernst & Young LLP (June 28, 2022) (Commissioner Hester M. Peirece), available at https://www.sec.gov/news/statement/peirce-statement-ernst-and-young-062822.

[54] SEC Press Release, Former Financial Advisor Charged with Stealing $5.8 Million from Client (Jan. 24, 2022), available at https://www.sec.gov/news/press-release/2022-8.

[55] SEC Press Release, SEC Charges Previously-Barred Investment Adviser with Fraud (Mar. 7, 2022), available at https://www.sec.gov/news/press-release/2022-35.

[56] SEC News Digest, David Schamens Barred (May 19, 1992), available at https://www.sec.gov/news/digest/1992/dig051992.pdf.

[57] SEC Press Release, SEC Halts Alleged Ongoing $39 Million Fraud by Hedge Fund Adviser (May 25, 2022), available at https://www.sec.gov/news/press-release/2022-90.

[58] SEC Press Release, SEC Charges Robo-Adviser with Misleading Clients (Feb. 10, 2022), available at https://www.sec.gov/news/press-release/2022-24.

[59] SEC Press Release, SEC Charges Infinity Q Founder with Orchestrating Massive Valuation Fraud (Feb. 17, 2022), available at https://www.sec.gov/news/press-release/2022-29.

[60] Investment Company Act Release No. 34198 (Feb. 21, 2021), available at https://www.sec.gov/rules/ic/2021/ic-34198.pdf.

[61] SEC Press Release, City National Rochdale to Pay More Than $30 Million for Undisclosed Conflicts of Interest (Mar. 3, 2022), available at https://www.sec.gov/news/press-release/2022-33.

[62] SEC Press Release, SEC Charges Venture Capital Fund Adviser with Misleading Investors (Mar. 4, 2022), available at https://www.sec.gov/news/press-release/2022-34.

[63] SEC Press Release, Medley Management and Former Co-CEOs to Pay $10 Million Penalty for Misleading Investors and Clients (Apr. 28, 2022), available at https://www.sec.gov/news/press-release/2022-73.

[64] SEC Press Release, SEC Charges BNY Mellon Investment Adviser for Misstatements and Omissions Concerning ESG Considerations (May 23, 2022), available at https://www.sec.gov/news/press-release/2022-86.

[65] SEC Press Release, SEC Charges RiverSource Distributors with Improper Switching of Variable Annuities (May 25, 2022), available at https://www.sec.gov/news/press-release/2022-89.

[66] SEC Press Release, SEC Charges Allianz Global Investors and Three Former Senior Portfolio Managers with Multibillion Dollar Securities Fraud (May 17, 2022), available at https://www.sec.gov/news/press-release/2022-84.

[67] SEC Press Release, Schwab Subsidiaries Misled Robo-Adviser Clients about Absence of Hidden Fees (June 13, 2022), available at https://www.sec.gov/news/press-release/2022-104.

[68] SEC Press Release, SEC Charges Private Equity Adviser for Failing to Disclose Disproportionate Expense Allocations to Fund (June 14, 2022), available at https://www.sec.gov/news/press-release/2022-107.

[69] SEC Press Release, UBS to Pay $25 Million to Settle SEC Fraud Charges Involving Complex Options Trading Strategy (June 29, 2022), available at https://www.sec.gov/news/press-release/2022-117.

[70] SEC Press Release, SEC Proposes to Enhance Private Fund Investor Protection (Feb. 9, 2022), available at https://www.sec.gov/news/press-release/2022-19.

[71] Information Update, Division of Investment Management Staff Statement Regarding Withdrawal and Modification of Staff Letters Related to Rulemaking on Investment Adviser Marketing (Oct. 2021), available at https://www.sec.gov/files/2021-10-information-update.pdf

[72] SEC Press Release, SEC Charges TradeZero America and Co-Founder with Deceiving Customers about Meme Stock Trading Halts (May 24, 2022), available at https://www.sec.gov/news/press-release/2022-88.

[73] SEC Press Release, SEC Charges 12 Additional Financial Firms for Failure to Meet Form CRS Obligations (Feb. 15, 2022), available at https://www.sec.gov/news/press-release/2022-27.

[74] SEC Press Release, SEC Charges Wells Fargo Advisors With Anti-Money Laundering Related Violations (May 20, 2022), available at https://www.sec.gov/news/press-release/2022-85.

[75] SEC Press Release, SEC Charges Firm and Five Brokers with Violations of Reg BI (June 16, 2022), available at https://www.sec.gov/news/press-release/2022-110.

[76] SEC Press Release, SEC Nearly Doubles Size of Enforcement’s Crypto Assets and Cyber Unit (May 3, 2022), available at https://www.sec.gov/news/press-release/2022-78.

[77] SEC Press Release, SEC Charges ICO Issuer and Founder with Defrauding Investors (Jan. 6, 2022), available at https://www.sec.gov/news/press-release/2022-3.

[78] SEC Press Release, SEC Charges Siblings in $124 Million Crypto Fraud Operation that included Misleading Roadshows, YouTube Videos (Mar. 8, 2022), available at https://www.sec.gov/news/press-release/2022-37.

[79] SEC Press Release, SEC Halts Fraudulent Cryptomining and Trading Scheme (May 6, 2022), available at https://www.sec.gov/news/press-release/2022-81.

[80] SEC Press Release, BlockFi Agrees to Pay $100 Million in Penalties and Pursue Registration of its Crypto Lending Product (Feb. 14, 2022), available at https://www.sec.gov/news/press-release/2022-26.

[81] SEC Press Release, SEC Charges NVIDIA Corporation with Inadequate Disclosures about Impact of Cryptomining (May 6, 2022), available at https://www.sec.gov/news/press-release/2022-79.

[82] SEC Press Release, SEC Charges Three Florida Residents in Multi-Million Dollar Insider Trading Scheme (Jan. 6, 2022), available at https://www.sec.gov/news/press-release/2022-4.

[83] SEC Press Release, SEC Charges Seven California Residents in Insider Trading Ring (Mar. 28, 2022), available at https://www.sec.gov/news/press-release/2022-55.

[84] SEC Press Release, Former Domino’s Pizza Accountant to Pay Nearly $2 Million Penalty for Insider Trading (Apr. 21, 2022), available at https://www.sec.gov/news/press-release/2022-66.

[85] SEC Press Release, SEC Charges Former Employee of Online gambling Company with Insider Trading (June 13, 2022), available at https://www.sec.gov/news/press-release/2022-105.

[86] SEC Press Release, SEC Charges Call Center Operators in $58 Million Penny Stock Scheme (Mar. 15, 2022), available at https://www.sec.gov/news/press-release/2022-41.

[87] SEC Press Release, SEC: Takeover Bid of Fortune 500 Company was a Sham (Apr. 5, 2022), available at https://www.sec.gov/news/press-release/2022-58.

[88] SEC Press Release, SEC Uncovers $194 Million Penny Stock Schemes that Spanned Three Continents (Apr. 18, 2022), available at https://www.sec.gov/news/press-release/2022-62.

[89] SEC Press Release, SEC Charges Archegos and its Founder with Massive Market Manipulation Scheme (Apr. 27, 2022), available at https://www.sec.gov/news/press-release/2022-70.

[90] SEC Press Release, SEC Charges Weiss Asset Management with Short Selling Violations (June 14, 2022), available at https://www.sec.gov/news/press-release/2022-106.

[91] SEC Press Release, SEC Charges Texas School District and its Former CFO with Fraud in $20 Million Bond Sale (Mar. 16, 2022), available at https://www.sec.gov/news/press-release/2022-43.

[92] SEC Press Release, SEC Charges Louisiana Town and Former Mayor with Fraud in Two Municipal Bond Deals (June 2, 2022), available at https://www.sec.gov/news/press-release/2022-97.

[93] SEC Press Release, SEC Charges Rochester, NY, and City’s Former Executives and Municipal Advisor with Misleading Investors (June 14, 2022), available at https://www.sec.gov/news/press-release/2022-108.

The following Gibson Dunn lawyers assisted in the preparation of this client update: Mark Schonfeld, Richard Grime, Barry Goldsmith, Tina Samanta, David Ware, Lauren Cook Jackson, Timothy Zimmerman, Luke Dougherty, Zoey Goldnick, Kate Googins, Ben Gibson, Jimmy Pinchak, and Sean Brennan*.

Gibson Dunn is one of the nation’s leading law firms in representing companies and individuals who face enforcement investigations by the Securities and Exchange Commission, the Department of Justice, the Commodities Futures Trading Commission, the New York and other state attorneys general and regulators, the Public Company Accounting Oversight Board (PCAOB), the Financial Industry Regulatory Authority (FINRA), the New York Stock Exchange, and federal and state banking regulators.

Our Securities Enforcement Group offers broad and deep experience. Our partners include the former Director of the SEC’s New York Regional Office, the former head of FINRA’s Department of Enforcement, the former United States Attorneys for the Central and Eastern Districts of California and the District of Maryland, and former Assistant United States Attorneys from federal prosecutors’ offices in New York, Los Angeles, San Francisco and Washington, D.C., including the Securities and Commodities Fraud Task Force.

Securities enforcement investigations are often one aspect of a problem facing our clients. Our securities enforcement lawyers work closely with lawyers from our Securities Regulation and Corporate Governance Group to provide expertise regarding parallel corporate governance, securities regulation, and securities trading issues, our Securities Litigation Group, and our White Collar Defense Group.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work or any of the following:

Securities Enforcement Practice Group Leaders:
Richard W. Grime – Washington, D.C. (+1 202-955-8219, [email protected])
Mark K. Schonfeld – New York (+1 212-351-2433, [email protected])

Please also feel free to contact any of the following practice group members:

New York
Zainab N. Ahmad (+1 212-351-2609, [email protected])
Reed Brodsky (+1 212-351-5334, [email protected])
Joel M. Cohen (+1 212-351-2664, [email protected])
James J. Farrell (+1 212-351-5326, [email protected])
Barry R. Goldsmith (+1 212-351-2440, [email protected])
Mary Beth Maloney (+1 212-351-2315, [email protected])
Alexander H. Southwell (+1 212-351-3981, [email protected])
Lawrence J. Zweifach (+1 212-351-2625, [email protected])
Tina Samanta (+1 212-351-2469, [email protected])

Washington, D.C.
Stephanie L. Brooker (+1 202-887-3502, [email protected])
Daniel P. Chung (+1 202-887-3729, [email protected])
M. Kendall Day (+1 202-955-8220, [email protected])
Jeffrey L. Steiner (+1 202-887-3632, [email protected])
Patrick F. Stokes (+1 202-955-8504, [email protected])
F. Joseph Warin (+1 202-887-3609, [email protected])
Lauren Cook Jackson (+1 202-955-8293, [email protected])
David C. Ware (+1 202-887-3652, [email protected])

San Francisco
Winston Y. Chan (+1 415-393-8362, [email protected])
Thad A. Davis (+1 415-393-8251, [email protected])
Charles J. Stevens (+1 415-393-8391, [email protected])
Michael Li-Ming Wong (+1 415-393-8234, [email protected])

Palo Alto
Michael D. Celio (+1 650-849-5326, [email protected])
Paul J. Collins (+1 650-849-5309, [email protected])
Benjamin B. Wagner (+1 650-849-5395, [email protected])

Denver
Robert C. Blume (+1 303-298-5758, [email protected])
Monica K. Loseman (+1 303-298-5784, [email protected])

Los Angeles
Michael M. Farhang (+1 213-229-7005, [email protected])
Douglas M. Fuchs (+1 213-229-7605, [email protected])
Nicola T. Hanna (+1 213-229-7269, [email protected])
Debra Wong Yang (+1 213-229-7472, [email protected])

* Sean Brennan and Jimmy Pinchak are recent law graduates working in the firm’s Washington, D.C., and New York offices, respectively.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Gibson Dunn has surveyed the comment letters submitted by public and private energy companies and related industry associations regarding the proposed rules by the Securities and Exchange Commission (the “SEC” or “Commission”) on climate change disclosure requirements for U.S. public companies and foreign private issuers (the “Proposed Rules”).[1]

Based on our review of these comment letters, we have seen general support for transparent and consistent climate-related disclosures, along with a concern that the Proposed Rules do not reconcile with the SEC’s stated objective “to advance the Commission’s mission to protect investors, maintain fair, orderly and efficient markets, and facilitate capital formation, not to address climate-related issues more generally.”[2] Overarching themes included (i) general support for the Commission’s decision to base the Proposed Rules on the Task Force on Climate-Related Financial Disclosures (“TCFD”) framework and Greenhouse Gas Protocol (“GHG Protocol”), (ii) concern with deviation from the long-standing materiality threshold, (iii) concern that the Proposed Rules would overload investors with immaterial, uncomparable, or unreliable data, and (iv) questions as to whether the Proposed Rules would cause an unintended chilling effect on companies to set internal emissions reduction targets or other climate-related goals to avoid additional liability risks in disclosing such goals. The proposed disclosure requirements receiving the most comments from energy industry companies relate to (i) the Greenhouse Gas (“GHG”) emissions reporting (particularly Scope 3 emissions) and (ii) the amendments to financial statement disclosure in Regulation S-X (particularly the 1% materiality threshold). In addition to these higher-level observations, this client alert also provides a more granular review of the energy industry’s comments on specific provisions of the Proposed Rules.

I. Background on the Proposed Rules

The proposed climate change reporting framework laid out in the 500+ page Proposed Rules is extensive and detailed, with disclosure requirements that are mostly prescriptive rather than principles-based. Rather than creating a new stand-alone reporting form, the Commission proposed amending Regulation S-K and Regulation S-X to create a climate change reporting framework within existing registration statements and reports under the Securities Act of 1933 (the “Securities Act”) and the Securities Exchange Act of 1934 (the “Exchange Act”).

The Proposed Rules would amend (i) Regulation S-K to require a new, separately captioned “Climate-Related Disclosure” section in applicable SEC filings, which would cover a range of climate-related information, and (ii) Regulation S-X to require certain climate-related financial statement metrics and related disclosures in a separate footnote to companies’ annual audited financial statements. While brief summaries of certain of the proposed disclosure requirements are provided in this alert, for a more detailed description of the Proposed Rules, we encourage you to read our prior alert, “Summary of and Considerations Regarding the SEC’s Proposed Rules on Climate Change Disclosure (link),” and view our webcast, “Understanding the SEC Rule Proposal on Climate Change Disclosure (link).”

II. Comment Letter Highlights

To contribute to our understanding of the general reaction of the energy industry to the Proposed Rules, we conducted a survey of what we believe are all comment letters submitted to the SEC through June 17, 2022 (the deadline for comment submissions) by public and private energy and energy services companies and related industry associations. Of the 62 comment letters we reviewed, 31 such comment letters were submitted by U.S. public reporting companies, 10 such comment letters were submitted by non-reporting companies, and the remaining 21 comment letters were submitted by industry associations. The following charts highlight the frequency of comments by the 31 public reporting companies and the 21 industry associations on a particular requirement in the Proposed Rules. The specific comments are described more fully in the sections following the chart. We note that not all comment letters addressed each particular requirement, and we did not assume that the absence of a comment on a proposed requirement by any company or association suggests approval of such proposed disclosure requirement.

[chart]

III. Reactions to Proposed Reg. S-K Amendments

We summarize below the most frequent comments on the following proposed Reg. S-K disclosure requirements:

1. GHG Emissions Reporting
2. Climate-related risks
3. Climate-related risk oversight & management
4. Climate-related impacts on strategy, business model & outlook
5. Attestation of GHG Emissions
6. Targets, Goals & Transition Plans

A. GHG Emissions Reporting

Proposed Item 1504 of Reg. S-K would require companies to disclose Scope 1, Scope 2 and, in some cases, Scope 3 “GHG emissions … for [their] most recently completed fiscal year, and for the historical fiscal years included in [their] consolidated financial statements in the filing, to the extent such historical GHG emissions data is reasonably available.” The Commission based the GHG emissions disclosure requirements in the Proposed Rules on the GHG Protocol, which is a leading accounting and reporting standard for GHG emissions.

With respect to Scope 3 emissions, all reporting companies (other than smaller reporting companies) would be required to disclosure Scope 3 emissions, only if material or if the company has set a GHG emissions reduction target or goal that includes its Scope 3 emissions. The Proposed Rules presume that Scope 3 emissions are likely to be material for “oil and gas product manufacturers.”

The Proposed Rules include a limited safe harbor from liability for Scope 3 disclosures, providing that such disclosures will not be deemed fraudulent, “unless it is shown that such statement was made or reaffirmed without a reasonable basis or was disclosed other than in good faith.”

90% of public company letters and 90% of industry association letters commented on the GHG emissions reporting requirements, with particular focus on (i) the disclosure requirements in the Proposed Rule as compared to existing GHG emissions reporting requirements of the Environmental Protection Agency (“EPA”), (ii) the materiality of GHG emissions as defined, particularly with respect to Scope 3 emissions, and (iii) safe harbors for GHG emissions disclosure.

Sample Comments on GHG Emissions Reporting:

“We . . . suggest that the SEC work with the EPA to ensure its standards for Scopes 1 and 2 GHG emissions are sound and consistent. The Proposal acknowledges that the EPA already requires, and makes available to the public, reporting of certain GHG emissions, and we believe the EPA is best positioned to regulate emissions reporting from a scientific standpoint.”
“The SEC should not require GHG intensity disclosures for registrants that are not primarily involved in production activities, as such disclosures could lead to confusion and inaccurately suggest to investors that such data is comparable. Alternatively, the disclosure requirements should provide flexibility to account for differences in underlying business operations, including allowing midstream companies to report GHG intensity on a reasonable and supportable normalized basis of their choosing, or perhaps on a standardized basis developed and adopted by the industry over time (e.g., GHG intensity based on a ratio of emissions relative to throughput).”
“[T]he Proposal would require registrants to report GHG emissions data for certain entities, such as joint ventures, over which they have no operational control. . . . For those [joint ventures] that we do not operate, there is a potential barrier for [us] to obtain required GHG data, as a joint venture partner may (i) not have the necessary information, (ii) be unwilling to provide it, or (iii) calculate it using methodologies or assumptions that conflict with those used by [us]. This will increase the liability for registrants if they are unable to obtain or cannot verify the accuracy of information that is not within their control. The SEC should allow registrants to report GHG emissions on an operated basis (vs. on an equity ownership basis), meaning the registrant would report emissions from assets operated by either the registrant or entities under its direct control.”
“[T]here is an absence of materiality qualifiers applicable to the disclosure of Scope 1 and Scope 2 GHG emissions and, for Scope 3 GHG emissions, the materiality qualifier is ill-defined and somewhat esoteric. Gross emissions data should not be overemphasized, and the [EPA’s Greenhouse Gas Reporting Program (“GHGRP”)] and [California’s Regulation for the Mandatory Reporting of Greenhouse Gas Emissions (“MRR”)] have well-defined and understood reporting thresholds. . . . [R]egistrants who are subject to the GHGRP or MRR [should be allowed] to report GHG emissions in their SEC filings in a manner consistent with those programs.”
“Adopting standards that correspond to the GHG Protocol would provide investors with comparable disclosures to those which companies have made historically and to those made by companies not subject to the Commission’s reporting requirements. However, the standards in the Rule Proposal differ significantly from those in the GHG Protocol. For example, the Rule Proposal requires companies to set organizational boundaries for GHG emissions disclosure using the same scope of entities and holdings as those included in their consolidated financial statements. Conversely, the GHG Protocol allows for an equity share or control boundary. This difference in boundaries could lead to companies reporting significantly different emissions than they have historically. Deviating from the GHG Protocol would only serve to confuse investors with differences from companies’ previous GHG emissions disclosure and unnecessarily increase compliance costs as companies would need to recalculate their emissions disclosure both historically and going forward. We urge the Commission to revise the emission standards in the Rule Proposal to match those of the GHG Protocol.”

Sample Comments on Scope 3 Emissions:

“[T]he materiality of Scope 3 emissions must be evaluated on a case-by-case, registrant-by-registrant basis and does not lend itself to across-the-board presumptions of materiality, such as the Proposal implies for ‘oil and gas product manufacturers’. As a strictly exploration and production company, we are not ‘product manufacturers’ but this vague definition creates more uncertainty and underscores the need for Scope 3 materiality to be assessed at a specific registrant level, not by prescriptive assertions within proposed rulemaking.”
“While midstream companies . . . are not generally oil and gas manufacturers, we are concerned with the risk that this presumption creates. . . . In addition, there is currently no standard or guidance for the midstream sector to define, measure or report on Scope 3 emissions. If pipeline companies are required to report emissions attributable to upstream, downstream and end-use activities that are not within our control and are highly uncertain and unreliable, this would result in significant double or multiple counting of emissions across companies.”
“[R]equiring Scope 3 reporting, which includes all ‘upstream’ and ‘downstream’ emissions, . . . would be incredibly cost prohibitive, even with delayed compliance and ‘good faith’ safe harbor protections, and would limit innovation from companies in our supplier base. . . . Because [we have] thousands of vendors and customers, the variability in terms of their use of different methodologies, assumptions and speculation is self-evident. It would be difficult for us to attest even that the information was made on a ‘reasonable’ basis, since we will not be able to obtain sufficient access to the information required to generate Scope 3 emissions reports.”
“Scope 3 disclosure – upstream and downstream – will remain a challenge for many companies during the next few years, until clear methodologies and estimation tools are put in place for each of the 15 categories defined by the GHG Protocol. Providing accurate and faithful estimates will be subject to a large magnitude of uncertainty. [The company] therefore suggests to allow Scope 3 disclosure with a 5 to 10% uncertainty range.”
“Scope 3 emissions methodology double-counts emissions overall, since ‘the scope 3 emissions for one organization are the scope 1 and 2 emissions of another organization.’ Reporting across all 15 categories of Scope 3 emissions will also count the same emissions multiple times by the same party or by different parties in the value chain from initial production to ultimate sale and use of a product. . . . [T]he Proposal as currently written will likely end up enshrining the current, flawed approach as a feature of regulation, with advancement in reporting methodologies contingent on future SEC rulemaking.”

Sample Comments on Safe Harbors for GHG Emissions:

“At a minimum, the Proposed Rule should include Scope 1 and Scope 2 reporting (the latter of which registrants will necessarily need to rely on other entities to provide), as well as any discussion of scenario analysis, within the safe harbor presently proposed for Scope 3 GHG emissions.”
“Considering the nascent nature of the GHG reporting contemplated by the Proposal compared to traditional SEC reporting requirements, [the company] urges the Commission to provide stronger safe harbor protection from liability for all scopes of GHG emissions disclosures.”
“[W]hile we support the disclosure of Scopes 1 and 2 GHG emissions, to the extent the SEC concludes this information should be included in SEC reports, the data should be furnished, not filed, because these metrics are subject to a significant degree of technical estimation and numerous assumptions.”

B. Climate-Related Risks

Proposed Item 1502 of Reg. S-K would require companies to describe “climate-related risks reasonably likely to have a material impact on the registrant, including on its business or consolidated financial statements, which may manifest over the short, medium, and long term.” Based on the definition of “climate-related risks” in the Proposed Rules, companies would need to consider not only the direct impact of climate change on their financial statements and business, but also the indirect impacts on their “value chains.” These “climate-related risks” would be categorized as either a “physical risk” (i.e., related to physical impacts of climate change) or “transition risk” (i.e., related to the transition to a lower-carbon economy).

48% of public company letters and 43% of industry association letters expressed concern about the climate-related risk disclosure requirements, with particular focus on the definitions of “physical risk” and “transition risk,” the assessment of risks over longer time horizons, and the practicality of assessing risks for a registrant’s value chain.

Sample Comments:

“Risks, to the extent they are material, are currently disclosed in the Risk Factors section of our periodic reports and registration statements filed with the Commission. We believe certain aspects of the Proposal’s climate-related risk disclosures that require prospective disclosures will create compliance challenges and lead to volumes of information immaterial to investors. For example, the requirement to disclose risks over the near-, medium- and long-term presents a particularly tricky challenge given the complexity of modeling scenarios and making materiality determinations over extended periods of time, and such assessments may only serve to obscure material near-term risks.”
“Assessing risk of a registrant’s value chain . . . . is especially onerous for a midstream infrastructure company . . . who provides federally regulated transportation services for shippers without necessarily knowing where the product being shipped originated or where it will go or how it will be used once it leaves the pipeline. Even if [a midstream infrastructure company] could reliably identify companies in its value chain and the myriad of climate-related risks they may face, [such company] does not possess special inside information that would allow it to assess the climate-related risk of its value chain for purposes of assessing materiality.”
“[The] expansive definition of climate-related risks including the impacts on our value chains will require us to expend significant resources to assess and measure potential exposure from an endless list of parties outside of our own operations over which we have no control.”
“We request that the Commission remove the requirement to assess physical risks related to the entities with which a registrant does business, apply a materiality threshold to the assessment of direct physical risks, and provide additional clarification on the definitions of physical climate risks (g., ‘water stress,’ ‘wildfire prone,’) on issues such as frequency and severity to ensure the scope of the analysis required under the Proposed Rule is clear. To the extent that the Commission determines that separate disclosures on physical risks as applied to a registrant’s supply chain will be required, it should create a new definition for ‘supply chain risks.’ Disclosures made pursuant to this new definition should then be limited to the extent that such risks are material and identifiable and should be clarified so as not to require registrants to incur costs associated with collecting data from third parties if the information is not readily available.”
“[I]f the Proposed Rules are passed in their current form, it would be the first time that the Commission has required risk disclosures to be specified over prescribed time frames; this would be a significant departure from past practice. . . . The Proposed Rules do not provide a specific range of years to define short-, medium- and long-term time horizons. Instead, the Commission provides flexibility for registrants to select the time horizons and to describe how they define them. As such, the time horizons selected will vary widely across companies, resulting in information that is not comparable or consistent for investors.”
“The detail required in this proposed disclosure – including, for example, requirements for disclosure of specific locations of properties at physical risk (with location defined as a ZIP code or other similar postal code) – would result in disclosure of extensive information that we do not believe would be decision-useful to investor. At the same time, this level of detail could result in unintended negative consequences, including security concerns, competitive harm and conflicts with contractual obligations for a company.”

C. Climate-Related Risk Oversight & Management

Proposed Item 1501 of Reg. S-K would require companies to describe “the [board’s] oversight of climate-related risks” and “management’s role in assessing and managing climate-related risks.” With respect to the board’s role, disclosure would be required as to whether any directors have “expertise in climate-related risks.” In addition, proposed Item 1503 of Reg S-K would require companies to describe, if applicable, “any process the registrant has for identifying, assessing, and managing climate-related risks.”

39% of public company letters and 29% of industry association letters commented on board and management oversight of climate-related risks, with particular focus on the requirement for a “climate expert” on the board, such board member’s liability as a “climate expert” and the impact such requirement would have on the director selection process.

Sample Comments:

“Elevating particular facets of candidate experience above others, by compelling specific disclosure on those topics, creates a value-laden one-size-fits-all disclosure framework that ignores these important differences between companies and their board needs. Over the long term, this will likely impede the ability of boards and their nominating/governance committees to exercise appropriate judgment in candidate selection based on what they view as the most critical attributes needed for their particular businesses (versus feeling compelled to check certain boxes specified by the Commission).”
“While the disclosure requirements around board and management climate-related expertise and decision-making are dressed up as mere disclosure requirements, the aim and practical effect are clear: By requiring extensive annual disclosures on one particular topic, the Commission is necessarily highlighting it above other issues relevant to good governance and effective operations and ensuring that all public companies will pay particular attention to climate-related issues.”
“[T]here is little incentive for an individual to join a board of directors as a designated expert if there is potential for increased liability, including liability under Section 11 of the Securities Act. While we would urge the Commission to delete this disclosure requirement, if nonetheless adopted, the Proposed Rule should provide a safe harbor clarifying that such an expert designation would not impose any duties, obligations, or liability that is greater than the duties, obligations, and liability imposed on such person as a member of the board of directors in the absence of such designation or identification, similar to the safe harbor proposed in the Commission’s cybersecurity proposal.”
“We have serious concerns that the Proposed Rule will remove or impair the company’s flexibility to select (or maintain) the right board members for the job, potentially elevating climate-related expertise over other business considerations in order to comply with the Proposed Rule. The board of a company is responsible for overseeing all aspects of the business, and the Proposed Rule—focused on climate as it is—ensures the overemphasis on one particular aspect of operations, thereby skewing the focus of boards.”
“We do not believe that an in-depth discussion on climate-related expertise is necessary for investors to be able to understand how the board manages oversight of climate-related risks. However, to the extent that the Commission would require disclosure of such information, we recommend that the proxy disclosure rules be revised to require disclosure about any climate-related experience or expertise of board members.”
“The Commission should provide additional guidance as to whether a director’s expertise in climate-related risks can be demonstrated through Board education or whether such expertise must be demonstrated by prior professional experience, as it does with respect to the Audit Committee Financial Expert designation.”

D. Climate-Related Impacts on Strategy, Business Model & Outlook

Proposed Item 1502 of Reg. S-K would also require companies to describe “the actual and potential impacts of any [identified] climate-related risks … on the registrant’s strategy, business model, and outlook.” Pursuant to this requirement, companies that use scenario analysis would be required to disclose the specific scenarios considered along with parameters, assumptions, analytical choices and projected financial impacts under each scenario. In addition, for companies that have set an internal price on carbon (i.e., an estimate of the cost of carbon emissions for planning purposes), the proposed rules would require detailed disclosure on such carbon pricing.

35% of public company letters and 29% of industry association letters commented on the disclosure requirements for climate-related strategies, business models and outlooks, with particular focus on the unique and competitive nature of a registrant’s climate strategy, as well as the fact that scenario analyses are based on assumptions and forecasts that may change over time.

Sample Comments:

“Certain disclosures required under the Proposal such as internal carbon price and scenario analyses constitute competitive differentiators, the disclosure of which could cause competitive harm. Effective scenario analysis requires business plans and forecasts to assess the company’s exposure to climate-related risks and plan for transition scenarios. Disclosing this information would divulge sensitive information to the public and competitors. We therefore request the Commission consider providing additional safeguards or exclusions for information that a company deems to be competitively sensitive.”
“Unless the SEC provides a detailed framework mandating specific scenarios and a common set of assumptions, this disclosure will inevitably result in a lack of comparability between issuers. Furthermore, it is important to note that these exercises utilize “scenarios,” which reflect potential outcomes over the long term, but these scenarios are not forecasts, and no representation is being made as to the accuracy of the underlying assumptions or the likelihood or occurrence. Including this information in financial reports as required under the Proposed Rule may afford them an undue sense of accuracy.”
“While scenario analysis is a helpful tool, required disclosure of each scenario that a company simulates could result in the disclosure of commercially and strategically sensitive information, to the detriment of that company and its investors, which could penalize and disincentivize companies from taking prudent steps to manage risk through robust and varied scenario analyses. Moreover, disclosure of each scenario that a company simulates could result in disclosure of significant amounts of immaterial information that may only be of interest to competitors, not investors. Furthermore, because a company simulates a range of scenarios that could include those that management believes would have a remote likelihood of occurring, the Commission should not mandate disclosure of all scenario analyses, including input parameters, that a company performs.”
“We believe that the Commission should specify that a registrant is not required to disclose internal carbon prices in any circumstances.”
“We believe that registrants should be required to disclose information about an internal carbon price. Indeed, an internal carbon price is a multifaceted tool that can support companies in assessing climate-related risks and opportunities in the transition to a low-carbon economy. . . . However, there are different approaches both in the definition and application of an internal carbon price. . . . For this reason, we recommend not to mandate a particular carbon pricing methodology.”

E. Attestation of GHG Emissions

Proposed Item 1505 of Reg. S-K would require large accelerated filers and accelerated filers to obtain an attestation report from a GHG emissions attestation provider covering disclosure of Scope 1 and Scope 2 emissions.

35% of public company letters and 29% of industry association letters commented on the attestation requirement for Scope 1 and Scope 2 emissions, with particular focus on the expense and lack of availability of assurance providers.

Sample Comments:

“The attestation requirements will further add to the complexity and cost of compliance. The assurance obligation significantly adds to the time burden by effectively requiring the work to be ‘done again’ (even if just by reviewing the original work) in order for a third-party to provide such assurance. This would be difficult enough for limited assurance, but could become nearly impossible when looking for reasonable assurance. Given the rapidly evolving nature of emissions monitoring and climate data analysis, the methodologies for analyzing this information is still in relatively frequent flux, and achieving reasonable assurance on the time frame in the Proposed Rules may well be impossible; and, if not impossible, prohibitively costly.”
“One challenge that we potentially see with assurance requirements specifically could be availability and cost-effectiveness of qualified independent resources to perform limited reasonable assurance reviews on an annual basis. The supply of available, qualified auditors will be especially limited early on, and the high demand could mean companies are unable to secure and/or afford these resources until further development in this field takes place, which could take several years.”
“[T]he SEC should phase in attestation requirements to allow for a sufficient market of GHG attestation provides to develop, and once phased in, require only limited assurance attestation.”
“The Commission must provide clear guidelines for the accounting and attestation of emissions before reporting companies can be expected to provide results that are verifiable under attestation standards. Current guidelines, including those in the GHG Protocol and GRI, allow degrees of flexibility in interpretations that would be difficult to audit for lack of clear subject matter criteria. . . . The Commission has identified this flexibility as a concern in the Proposed Rule, but we do not believe that it has provided sufficient information to resolve these concerns.”

F. Targets, Goals & Transition Plans

Proposed Item 1506 of Reg. S-K would require detailed disclosures if a company has “set any targets or goals related to the reduction of GHG emissions, or any other climate-related target or goal (e.g., regarding energy usage, water usage, conservation or ecosystem restoration, or revenues from low-carbon products) such as actual or anticipated regulatory requirements, market constraints, or other goals established by a climate-related treaty, law, regulation, policy, or organization.” In addition, registrants would be required to disclose any use of carbon offsets or Renewable Energy Credits (RECs).

29% of public company letters and 33% of industry association letters commented on the disclosure requirements related to climate-related targets, goals and transition plans, with particular focus on the comparability of such disclosure across registrants and the chilling effect such disclosure may have on a registrant’s implementing goals or transition plans.

Sample Comments:

“A registrant should control the timing and extent to which it communicates with investors and other stakeholders about any ‘transition plan’ that it may have adopted. The Proposed Rule may compel companies to disclose potentially sensitive and competitive information earlier than is appropriate. . . . Requiring this disclosure also will likely to have a chilling effect on the progress of goals and sustainability initiatives at companies that are at the early stages of addressing the transition to a low carbon economy.”
“There are no standard methodologies for developing climate-related goals and targets, transition plans, or internal carbon prices. Accordingly, this information would not be comparable across companies and would not be decision-useful to investors.”
“We . . . believe registrants should disclose plans and progress toward meeting material short-term targets and goals only, (i.e., those set within the next five (5) years) where it is possible to make definitive plans. . . . Plans and progress toward meeting long-term targets and goals are inherently less certain and are very likely to evolve over time as circumstances and technologies improve, and we have a number of options to meet these objectives, but have not yet committed to one path. Therefore, we believe that detailed disclosures on medium- and long-term goals and targets would not be material to investors and could potentially be misleading.”
“The Proposal’s requirement to provide detailed disclosures applicable to all climate-related targets and goals that a company has set may have the unintended consequence of significantly limiting a company’s willingness to set new internal and external targets and goals to advance its environmental performance. . . . An alternative that could further the SEC’s goals and not result in these potential negative consequences would be to limit the disclosure requirements related to targets and goals to a company’s material climate-related targets and goals.”
“[T]he Proposal’s requirement for detailed disclosure regarding a company’s use of carbon offsets would result in public disclosure of commercially sensitive, yet likely immaterial information, such as highly negotiated prices associated with different offset-generating projects. To promote comparability of useful information, an alternative to the current provision in the Proposal could require, to the extent material, disclosure of carbon offsets and renewable energy credits inventory volume and annual retirement volume at a summarized level in the same disclosure as GHG emissions and for the same time period. This summarized version of the information would effectively convey comparable information while avoiding competitive harm concerns.”

IV. Reactions to Proposed Reg. S-X Amendments

The Proposed Rules would amend Reg. S-X to require certain climate-related financial information (specifically, financial impact metrics, expenditure/cost metrics and financial estimates and assumptions) and related disclosures in a separate footnote to companies’ annual audited financial statements.

77% of public company letters and 38% of industry association letters commented on the proposed amendments to Reg. S-X, with particular focus on the 1% materiality threshold and the proposed definitions around the required financial metrics. Several commenters requested the Commission forego the amendments to Reg. S-X in their entirety.

Sample Comments:

“[The company] requests that the Commission withdraw its proposed amendments to Regulation S-X. Alternatively, [the company] requests that the Commission bifurcate its rulemaking, deferring the proposed amendments to Regulation S-X until it is better positioned to issue a supplemental notice of proposed rulemaking that provides improved guideposts for assessing potential climate-related financial impacts.”
“At the outset, the premise that climate-related disclosures should be linked to the parameters of a company’s consolidated financial statements is unprecedented and conflicts with existing emissions reporting regimes used by [the company] and others in [the] industry. . . . [I]mposing disclosure requirements that partially overlap others already in place adds to the burdens on companies in preparing required information. At a minimum, registrants should have the flexibility to determine the appropriate parameters for evaluating climate-related information in preparing any required disclosure in order to conform with that company’s operations and other reporting obligations. This would better promote the Commission’s goal of generating reliable disclosure by companies.”
“[W]e believe the inclusion of information about climate events and transition plans through a principles-based framework focused on information most material to investors would align with the recently adopted amendments to modernize, simplify, and enhance certain financial disclosure requirements in Regulation S-K. We recommend that relevant financial impact metrics be included in the Form 10-K in some combination of Item 1 Business, Item 7 MD&A and/or the proposed Item 6 Climate-Related Disclosure under the provisions of Regulation S-K rather than within Item 8 Financial Statements under the provisions of Regulation S-X.”

We summarize below the most frequent comments on the following proposed Reg. S-X amendments:

1. Materiality threshold of 1%
2. Financial impact and expenditure/cost metrics; financial estimates and assumptions
3. Time period covered

A. Materiality Threshold of 1%

The financial metrics under proposed Rules 14-01 and 14-02 of Reg. S-X would require quantified disclosure if the absolute value of all climate-related impacts or expenditures/costs, as applicable, with respect to a corresponding financial statement line item represents at least 1% of that line item.

68% of public company letters and 33% of industry association letters commented on the 1% materiality threshold for the proposed financial metrics, with particular focus on how such a low threshold would likely result in great cost to the registrant and an overload of immaterial information to investors.

Sample Comments:

“One percent has never been, and is not, an appropriate threshold when quantitatively evaluating materiality for a financial statement line item; additionally, any individual line item may not be material for a given company. Applying a one percent threshold to every financial statement line item would require companies to collect data at a threshold much lower than one percent to demonstrate completeness and evaluate whether the threshold is met. This exercise would lead to excessive costs in collecting a substantial amount of data that is immaterial to investors. Furthermore, there is no other financial statement disclosure requirement under Regulation S-X that requires any similar disclosure for any other specific type of risk.”
“The 1% threshold is . . . significantly below the ‘initial step’/rule of thumb of 5% used by some registrants/auditors in assessing materiality. While the SEC Staff openly acknowledges that a purely quantitative threshold is not conclusive, setting the threshold at 1% is very low by any normative standard and by the SEC’s own logic in Staff Accounting Bulletin: No. 99 (‘SAB No. 99’), and not dispositive for purposes of a registrant’s materiality determination.”
“The 1% line-item threshold applicable to the impacts of severe weather or climate transition plan efforts (together, “climate-related impacts”) would not provide investors with consistently decision-useful information. . . . [W]hile materiality includes both qualitative and quantitative assessments, we believe it would be unusual for a climate-related impact to be qualitatively material yet have a quantitative value comprising just 1% of a line item. Indeed, this is even more likely to be the case since the 1% threshold is to be met by aggregating the absolute values of individual climate-related impacts. As a result, this footnote disclosure is unlikely to inform a reasonable shareholder’s investment or voting decision, and would only serve to increase compliance costs.”
“Public companies will need to conduct extensive and costly assessments of potential impacts to determine if they trigger the reporting threshold and revise controls on their financial reporting systems to account for the unprecedented 1% reporting threshold. Thus, notwithstanding if a registrant has to disclose such information, it will still need to engage in data calculation and subsequent calculations to determine whether it falls below the threshold for materiality.”
“[T]he materiality threshold of 1% of an individual line item is significantly lower than other thresholds in Regulation S-X implying that this information is more sensitive than any other measure of financial performance in the financial statements. Since the amount in which to apply this threshold is based on an aggregate number on an absolute basis, processes and controls will need to be in place to capture all transactions to have a complete population to analyze for disclosure, creating a significant burden to preparers.”

B. Financial Impact and Expenditure/Cost Metrics; Financial Estimates & Assumptions

The proposed amendments to Regulation S-X would require companies to disclose, subject to the 1% line-item threshold, (i) the financial impacts of severe weather events, other natural conditions and transition activities on any relevant line items in the company’s financial statements, and (ii) expenditures and capitalized costs to mitigate the risks of severe weather events or other natural conditions and expenditures related to transition activities. In addition, companies would be required to disclose whether estimates and assumptions underlying the amounts reported in the financial statements were impacted by risks and uncertainties associated with, or known impacts from, severe weather events and other natural conditions, the transition to a lower-carbon economy or any disclosed climate-related targets.

61% of public company letters and 19% of industry association letters commented on the disclosure requirements for financial metrics, estimates and assumptions, with particular focus on the definitions of “severe weather events” and “transition activities” and the difficulty in breaking out financial impacts and expenditures from standard business operations.

Sample Comments:

“With respect to our business, one of the largest event-driven impacts to our financial statements is from the movement in commodity prices, which are directly and indirectly impacted in any given period by a multitude of supply, demand and other factors. Thus, it is impossible for us to measure and determine the impact of a single climate or weather-related event on our revenues and certain other financial statement line items or on commodity prices, nor can we bifurcate the impact of macroeconomic events from climate change events. This would be impractical to measure and report even if the Commission were to raise the threshold for reporting from one percent to a higher percentage threshold.”
“Quantifying and providing the proposed financial impact metrics when the impact is the result of a mixture of factors, including events unrelated to climate, may be impractical. In such situations, we believe the Commission should permit a registrant to disclose that it was unable to make the required determination. Moreover, it would be helpful if the Commission could provide examples to illustrate impracticability.”
“[T]he metrics proposed would provide no detail as to the underlying cause for the negative or positive impact from climate-related events or transition activities. The amount disclosed for each line item could be comprised of a number of smaller events that aggregate to an amount requiring disclosure under the Proposed Rules and would not identify which climate-related risks may have driven the amounts disclosed.”
“In particular, we request additional specificity in regards to how, in preparing the proposed climate-related financial statement metrics, registrants should determine the financial impact of transition activities or climate-related physical risks and expenditures related to transition activities and the mitigation of physical risks. As currently drafted, for example, the proposed rules are unclear on how companies should distinguish climate-related impacts and expenditures from those that are part of normal business operations in order to apply the one percent threshold for disclosure.”
“Attempting to assess the financial impact of energy transition risk will require companies to translate predictions about the actions of regulatory bodies, new technologies, changes in market behavior, and a host of other variables, into financial consequences, which, due to the fact that there is no standardized method for making such determinations, means that consistent, comparable, and reliable disclosure is unlikely to be achieved.”

C. Time Period Covered

Proposed Rule 14-01 of Reg. S-X would require the financial statement disclosures discussed above to be provided for a company’s most recently completed fiscal year and for each historical fiscal year included in the financial statements in the applicable filing.

35% of public company letters and 19% of industry association letters commented on the applicable time period for financial statement disclosures, with particular focus on the requirement to provide disclosure for historical periods prior to implementation of any final rule.

Sample Comments:

“The Proposed Rule represents a significant sea change in financial reporting practices, and new processes and controls will have to be put in place to assess and identify relevant data. This will be a daunting task in and of itself, but being required to retroactively apply this requirement to historical financial data with the degree of accuracy that investors expect with respect to financial reporting is unfeasible.”
“Under the Rule Proposal, large accelerated and accelerated filers with calendar year-ends would be required to file the assured GHG emissions metrics by March 1 and March 16, respectively. Under the EPA Rule, those same companies are required to submit unverified metrics by March 31. While we expect that the Rule Proposal’s deadline would be difficult for companies that do not report GHG emissions, even companies that have adopted GHG emissions reporting practices meant to comply with the EPA Rule would incur significant costs to adapt their controls and procedures to meet the Form 10-K reporting deadline. . . . Given the significant burden of completing the GHG emissions reporting and assurance processes within the proposed time frame, the likelihood that disclosures would be undermined by the need to further rely on assumptions and estimates in order to meet such time frame, and the significant cost savings that could be realized with a deadline that occurs after the publication of GHG emissions reports under the EPA Rule, we recommend that the Commission extend the deadline for GHG emissions disclosure.”
“The required historical information will be difficult to obtain for periods prior to the current period when the Proposed Rules first take effect. . . . With the aim to reduce compliance burden, we would welcome a provision that permits the presentation of climate-related financial statement metrics only for the most recently completed fiscal year when the Proposed Rules first take effect and for subsequent years.”
“The proposed rules should not require the retrospective disclosure of historic climate-related information, which would introduce data inherently exposed to a greater risk of inaccuracy and difficulty to assure given, in particular, that registrants would have had no opportunity to implement the systems and processes to collect the required data for those prior years.”
“Compliance with the disclosure timeline contemplated by the Proposed Rule would be extremely onerous for [the association’s] members and other registrants, as it would require the assembly of data for calendar year 2021, which has already passed. For some registrants, systems needed to track the information required under the Proposed Rule were not in place to track all the required info at the time the Proposed Rule was issued, and attempting to retroactively determine that data will be extremely burdensome, if not impossible. For example, without a system to track fuel usage for fleet vehicles, going back and compiling that historical information with any reasonable degree of accuracy would not be possible.”

V. Other Significant Reactions to the Proposed Rules

A. Materiality

Very few items in the Proposed Rules are predicated on materiality. Other than in the context of Form 10-Q updating, only the climate change risk disclosures, the Scope 3 emissions disclosure requirement (i.e., disclosure required either if material or if included in a GHG emissions reduction target or goal), and certain details regarding emissions disclosures are predicated on materiality (and in the case of risk disclosures, the standard is “reasonably likely” to have a material impact).

52% of public company letters and 43% of industry association letters commented in some way that the Proposed Rules deviated from the long-standing, judicially accepted understanding of “materiality” under the federal securities laws.

Sample Comments:

“The Proposed Rules depart from the general, long-standing materiality constraint on required disclosures. While the Commission has previously mandated certain disclosures irrespective of a materiality threshold, that is the exception. The general guidepost for disclosures in federal securities law has been information that a reasonable investor would consider important in deciding how to vote or make an investment decision. However, the Proposed Rules eschew a materiality standard in some areas and apply a modified version in others.”
“We believe that climate-related risks should be disclosed based on the materiality standard that has been used by the Commission for many years and which is consistent with well-established and time-tested Supreme Court precedents. . . . This definition of materiality is foundational to the function of U.S. capital markets. Other frameworks for ESG disclosure have competing and non-aligned definitions of materiality when compared to the SEC’s well-established precedent . . . and we believe disclosures effectively requiring a different materiality framework are likely to create confusion and uncertainty for investors and registrants alike.”
“[The company] believes it is critical for the Commission to maintain the time-tested materiality standard that serves as the cornerstone of the securities disclosure system: information is material if there is a substantial likelihood that a reasonable investor would consider it important or significant in deciding whether to buy or sell a security. . . . The fact that climate-related information is valuable or interesting to many stakeholders does not make it material. We believe that companies are best positioned to determine materiality standards for disclosure of climate-related information, in light of their specific business circumstances, and to engage with their investors to determine what information is most useful to them.”
“The proposed rules, if adopted, would effectively compel all boards and management of public companies (but only of public companies) to subordinate their judgment of materiality to the SEC’s and treat essentially any and all climate-related matters, including any amount of Scope I and Scope II emissions, as material, regardless of whether there is a substantial likelihood that a reasonable shareholder would consider it important.”
“The Proposed Rule substantially deviates from the longstanding conception of materiality under the federal securities laws which is supported by related case law. For decades, the existing concept of materiality has advanced the best interests of investors, encouraged capital formation, and helped ensure the integrity of our capital markets. In contrast, the Proposed Rule calls for the disclosure of granular climate-related information that is often immaterial under the standard of materiality that the United States Supreme Court handed down decades ago.”

B. Implementation Timing

The Proposed Rules provide for a phase-in implementation schedule, assuming that final rules are adopted and effective by the end of 2022. Large accelerated filers would be required to comply with the disclosure requirements (other than Scope 3) beginning with fiscal year-end 2023 (for years 2023, 2022 and 2021), accelerated and non-accelerated filers would be required to comply beginning with fiscal year-end 2024 (for years 2024, 2023 and 2022 if included in the Form 10-K) and smaller reporting companies would be required to comply beginning with fiscal year-end 2025 (for years 2025, 2024 and 2023 if included in the Form 10-K). Disclosure on Scope 3 emissions would be required the succeeding year for large accelerated, accelerated and non-accelerated filers.

52% of public company letters and 29% of industry association letters commented with concerns that the implementation timeline would be too short for registrants to comply with the final rules once adopted.

Sample Comments:

“The timeline for implementing the Proposed Rule is far too aggressive. If adopted as proposed, the compliance date for the proposed disclosures (other than Scope 3 emissions disclosure) in annual reports for large accelerated filers . . . could be as early as the fiscal year 2023. That suggests that the necessary systems for compliance be in place by the end of this year and that we would have already needed to have them in place to the extent necessary for comparison to prior periods. For any adopted rule, there should be a multi-year transition period, even for large accelerated filers.”
“Many companies will not have the necessary expertise or staff to adequately respond to the reporting requirements. As a result, they will need to rely heavily on outside consultants, which will further increase compliance costs. . . . This problem is compounded by the relatively brief phase-in period for compliance with the Rule Proposal. . . . One solution would be to extend the transition period for emissions disclosures by one or two years to allow companies to effectively implement the internal controls and procedures required for emissions disclosures.”
“To enable compliance with the Proposed Rules, companies will need to expend significant effort to enhance data collection (including from third parties in their value chain), validation, reporting, control design, and third-party verification. . . . [The company] strongly recommends that the Commission extend the proposed implementation timeline such that the proposed disclosures, including GHG emission metrics, be required no earlier than for the 2024 fiscal year (filed in 2025), and preferably longer. It is critical to give registrants with sufficient time to ensure that their data is available and reliable in time for filing in the 10-K.”
“As the Commission’s proposed standard would be different than [the EPA’s and other GHG] reporting standards, such difference would create additional burden on the underlying processes and systems for gathering the information. . . . As such, we believe that registrants need time to digest the Commission’s final rule and implement tracking mechanisms and/or system enhancements. . . . We recommend that the Commission provide a transition period of at least one year from the issuance of the final rule until the start of the first reporting period provided the Commission modifies the financial metric disclosure requirements as recommended herein or a transition period of at least two years if the final rule is issued substantially as proposed.”
“We therefore respectfully ask the Commission to review and consider delaying the implementation timeline for all registrants and the phase-in periods for Scopes 1 and 2 emissions disclosure and assurance to at least five (5) years following the adoption of the final rules. This recommendation is consistent with the implementation timeline adopted for major recent changes to financial reporting standards such as the Financial Accounting Standards Board’s (FASB) implementation timeline for each of the revenue recognition and lease accounting standards, each of which provided public companies with significantly longer implementation timelines. . . . And prior to their issuance, the FASB worked for several years with stakeholders, including the financial statement preparer community, to finalize these rules. Neither rule contemplated changes that are as significant as those set forth in the Proposal.”

C. Increased Cost of Being a Public Company

The Commission estimates that annual direct costs to comply with the proposed rules (including both internal and external resources) would range from $490,000 (smaller reporting companies) to $640,000 (non-smaller reporting companies) in the first year and $420,000 to $530,000 in subsequent years.[3]

52% of public company letters and 43% of industry association letters raised concerns about the actual (and economic) cost of the Proposed Rules. Many believe the SEC underestimated the implementation costs, and a handful of companies provided quantitative estimates as to actual cost.

Sample Comments:

“We are . . . concerned about the cost, complexity and practicability of complying with parts of the Proposal (in particular, the proposed amendments to Regulation S-X) that will be borne by registrants of all sizes, and which we believe, will significantly exceed the estimates set forth in the Proposal. Our company expects implementation costs in the $100-500 million range, and annual costs for on-going compliance in the $10-25 million range — costs that will ultimately be borne by investors and the public markets.”
“This additional reporting [on GHG emissions] will come at a high costs: EPA estimated if it lowered its own de minimis reporting thresholds from 25,000 to 1,000 metric tons of CO₂e per year it would cost an additional $266 million (in 2006 dollars). . . . EPA updated the reporting requirements for petroleum and natural gas systems in 2010. In doing so, EPA estimated that the incremental cost to reduce the bright line threshold from 25,000 to 1,000 would cost an additional $54.43 million (2006 dollars). . . . Based on EPA’s figures, the Proposed Rule could mean an additional cost to [the company] of $7,000,000 or more in 2006 dollars just to track and report Scope 1 emissions from additional facilities. These figures also suggest that the Commission has not fully accounted for the cost of this rule.”
“[The company] estimates the cost of voluntarily reporting Scope 3 GHG emissions to be more than $1 million. . . . This does not include accounting personnel to incorporate Scope 3 emissions reporting into our Form 10-K or any commercial efforts needed to amend contracts or attempt to gather and verify Scope 3 emissions data across our value change to the extent it can be identified. Furthermore, [the company] estimates implementing the amendments to Regulation S-X would also be in the millions of dollars.”
“[A small cap public company] estimate[s] that the total annual cost of satisfying the disclosure requirements set forth in the Proposal would be approximately $500,000 to $800,000, which would be significant for a company of our size.”
“We believe the Commission’s cost estimates are significantly understated for large accelerated filers. . . . Currently, [the company’s] climate-related disclosures activities in line with TCFD recommendations require time and several million dollars in costs for data and information collection, IT system solutions, services provided and other related tools, techniques, and expertise. This does not include the significant additional time and cost of assurance of our performance data and disclosures.”
“[W]e believe the SEC has significantly underestimated the costs of compliance, which we believe would be many multiples of the projected $640,000 per year initially and would likely increase over time.”
“The cost of registrants trying to report in alignment with just certain aspects of TCFD for their first time on a voluntarily basis can be around $500,000. This does not account for the level of rigor, financial line items, attestation, and liability costs associated with complying with this Proposed Rule. The actual cost for complete alignment to TCFD could be up to $1,000,000 per registrant over several years. This does not include the annual cost associated with preparing for and conducting attestation.”
“[B]y only considering the costs of compliance to the public companies that are required to file, SEC misses completely the costs to companies that supply SEC filers, the largest being the induced requirement to gather and report their GHG emissions to the filing company as a condition of their supply relationship. . . . [B]ecause filing companies will have to undertake the herculean task of estimating their Scope 3 emissions, they will have no other choice but to require their suppliers to provide their GHGs, even if those suppliers have no regulatory requirement otherwise to report to SEC or EPA.”

D. Timing Deadlines for Reporting

The Proposed Rules would require the new climate-related disclosure to be included annually in the registrant’s Form 10-K (and Form 20-F for foreign private issuers). By requiring disclosures in Form 10-K, large accelerated filers will need to finalize both the traditional year-end financial reporting and the new climate-related disclosure no later than 60 calendar days after the fiscal year end.

45% of public company letters and 24% of industry association letters commented on the reporting timeline for the new climate-related disclosure requirements, with many requesting additional time to prepare the necessary disclosure.

Sample Comments:

“We have experience with reporting GHG emissions data and understand the time commitments and complexities involved to gather, model, analyze and verify the accuracy of such data. In addition to our disclosure of Scope 1 GHG emissions data in our Form 10-K, we also include Scope 2 and Scope 3 emissions data in our Climate Report, which is published significantly later in the year compared to our Form 10-K filing. We recommend that registrants be allowed to provide preliminary emissions data . . . for the most recently completed fiscal year as an estimated amount in the Form 10-K with final emissions data, with the corresponding attestation report on Scope 1 and Scope 2 emissions, provided in a subsequent reporting period (either later in the year on Form 10-Q or the following year Form 10-K).”
“The Proposal’s requirement for all climate-related disclosures to be provided in a registrant’s annual report on Form 10-K will prove challenging. Registrants already face significant pressure to meet existing annual and quarterly reporting deadlines, and the addition of climate-related disclosures, particularly quantitative disclosures that will need to be accompanied by assurance, will only increase such pressures. Moving GHG emissions disclosures and assurance to a separate report, such as furnishing within a specialized disclosure in Form SD with a later reporting deadline in the calendar year, will provide companies with additional time to properly collect GHG emissions data and assurance providers sufficient time to render their opinions. As an alternative, it may also be advisable to report GHG emissions on a one-year lag to ensure sufficient time for reporting and assurance.”
“The SEC financial reporting timelines are not consistent with current regulatory and voluntary reporting timelines. Currently our regulatory and voluntary reporting is based on verified annual data for the prior fiscal year. This means that GHG emissions data are collected and submitted to applicable regulators at the end of the first quarter following the reporting period. Voluntary disclosures such as our annual sustainability report and CDP submission are typically published at the end of the second quarter following the end of the reporting period. Transitioning to a reporting schedule that is consistent with SEC deadlines for Form 10-K will require an additional, parallel reporting process which will incorporate significant estimates (e.g., for the prior 4th quarter), reducing the accuracy of the information and its usefulness to investors and will impose a major burden on our existing reporting systems. A separate mid-year climate disclosure requirement would help ease the transition and avoid the potential need to update these disclosures based on actual data received after the Form 10-K filing deadline.”

E. Liability

The Proposed Rules would treat all climate-related disclosures as “filed” rather than “furnished” (other than those included in a foreign private issuer’s Form 6-K, which generally are “furnished”). This means that, in addition to general anti-fraud liability under Rule 10b-5 under the Exchange Act, such disclosures would be subject to incremental liability under Section 18 of the Exchange Act and, to the extent such disclosures are included or incorporated by reference into Securities Act registration statements, subject to liability under Sections 11 and 12 of the Securities Act.

45% of public company letters and 43% of industry association letters commented on liability concerns, with many requesting the climate-related disclosures be “furnished” rather than “filed” and that safe harbor protections from Sections 11, 12 and 17(a) of the Securities Act and Sections 10(b) and 18 of the Exchange Act be afforded for certain of the proposed disclosure requirements, including any forward-looking information and GHG emissions disclosure.

Sample Comments:

“Due to the long-term and uncertain nature of certain climate-related information, particularly while associated frameworks and standards are still evolving, [the company] believes that climate-related disclosures should be furnished to, rather than filed with the Commission, and not be included as part of any annual or quarterly Sarbanes-Oxley Act certifications.”
“[W]e believe that the new climate report should be treated as “furnished” instead of “filed” for purposes of liability under the Exchange Act, and not automatically incorporated by reference into Securities Act registration statements (where strict liability applies). This approach would appropriately recognize the novel and complex nature of the proposed disclosure requirements – including, among other items, GHG emissions data, scenario planning, targets and goals, and the detailed nature of many of the proposed requirements – which go far beyond information that has been required in SEC filed reports. In these circumstances, treating the information as furnished would provide appropriate liability protection while continuing to make the information widely available via the SEC’s EDGAR system.”
“[I]f climate information is subject to liability under Section 18 of the Securities Exchange Act and the strict liability provisions of Section 11 of the Securities Act, issuers are likely to disclose information in the most limited manner possible, and they may be unwilling to provide additional information that could give investors context. For these reasons, until climate-related estimation, monitoring and measurement methodologies and processes are sufficiently mature to support the more rigorous liability standards, we believe it would be more appropriate to remove the private right of action under 10b-5 with respect to such disclosures, or allow registrants to furnish climate-related disclosures as part of a separate disclosure report, formally furnished to the SEC, or make such disclosures through existing sustainability reports.”
“As climate change views and related rules and interpretations continue to evolve, we would appreciate the ability to furnish rather than file any mandated climate-related disclosures, particularly any disclosure requirements subject to significant interpretation or differences of opinion. Allowing such disclosures to be furnished and strengthening safe harbors around good faith disclosures will encourage greater disclosure transparency while climate and sustainability views evolve into greater uniformity.”
“There should exist a meaningful safe harbor for the entirety of any final rule considering the unique challenges that the SEC itself recognizes registrants must overcome to meet the proposed climate-related disclosure obligations. The SEC should enhance the safe harbor to recognize the evolving nature and inherent uncertainties of assessing climate risks to the level of granularity (e.g., risks to specific locations and assets) required in the Proposed Rule. Registrants should be shielded from liability for forward-looking statements and any inaccuracy in the reporting of the many metrics that necessarily involve uncertainty and subjective or speculative judgment calls.”

F. SEC Authority to Implement Proposed Rules

26% of public company letters and 81% of industry association letters commented on whether the Commission has the authority to implement the Proposed Rules.

Several of these commenters also raised the First Amendment concern noted by Commissioner Hester Peirce in her dissent to the Proposed Rules. Commissioner Peirce expressed a view that the proposal exceeds the Commission’s statutory limits of authority “by using the disclosure framework to achieve objectives that are not [the Commission’s] to pursue and by pursuing those objectives by means of disclosure mandates that may not comport with First Amendment limitations on compelled speech.”[4]

Sample Comments:

“The Proposal, as currently written, suffers from legal flaws that will undermine the validity of any final rule and the Commission’s objectives. Although information regarding climate risks and transition opportunities is important to many investors and companies, as evidenced by the Form 10-Ks and sustainability reports published by [association] members, the Proposal imposes an unprecedented degree of granularity and would require official reporting through the stringent requirements of Regulations S-X and S-K on predictive judgments that fall far outside of what federal securities laws demand. The Proposal also raises serious constitutional questions under the separation of powers. Furthermore, aspects of the Proposal would violate the First Amendment’s prohibition against compelled speech. If the Commission does not significantly alter the Proposal to address these concerns, then the final version of the rule will be vulnerable to invalidation on legal grounds.”
“We agree it is critical for the Commission to adhere to the scope of its authority as established by Congress, to adhere to established precedent regarding materiality and to carefully consider the risks associated with compelled speech. We further agree with the API the Proposal is beyond the scope of the Commission’s authority, violates foundational principles regarding materiality, as that term has been interpreted by the U.S. Supreme Court, and raises significant Constitutional concerns.”
“Congress has not given the SEC unlimited authority over the economy or climate change policy. The use of the [TCFD Framework] and the [GHG Protocol] as the basis of the disclosure framework for the proposal makes it clear that the SEC is attempting to achieve outcomes which are not within the agency’s authority. . . . Congress has yet to issue a specific mandate allowing the SEC to order climate-change disclosures.”
“We share many of the additional concerns articulated by other commenters about the breadth, potential impacts and legal authority to implement the Proposal, including, among others, whether the Proposal is within the scope of authority granted to the SEC by Congress, is enforceable based on application of the major questions doctrine, or exceeds First Amendment limitations on compelled speech.”

VI. Select Remarks from Non-Reporting Companies

Non-reporting energy companies who submitted comment letters focused primarily on concerns with the Proposed Rules’ impact on the energy industry in general and, specifically, on smaller, private companies. Many raised concerns that the Proposed Rules would “operate to limit or deny financing to oil and natural gas companies.” As one sample comment noted, “[t]hese time-intensive, resource-heavy measures will impair the abilities of private companies to pursue their business plans and grow through private capital. Increased costs will create significant burdens even if such private companies ultimately never seek to access the public market.”

Non-reporting companies also raised concerns that the Proposed Rules, and in particular, the GHG emissions reporting requirements, would “undoubtedly demand additional information from . . . privately traded companies not otherwise subject to the SEC’s jurisdiction” and impact the ability of smaller suppliers to public energy companies to compete for business. As noted by a few commenters:

“[b]ecause any one company’s Scope 3 emissions permeate among potentially many hundreds or even thousands of companies and millions of consumers, they are nearly impossible to accurately measure, calculate, or otherwise estimate. SEC would be requiring companies . . . to determine emissions data that are not available from our suppliers, who may-or may not-have SEC reporting obligations. The rule would incentivize SEC filers to favor large suppliers who have the wherewithal to calculate and provide their emissions data while disadvantaging smaller suppliers that cannot.”

One commenter also noted the impact of the Proposed Rules on private companies seeking to go public:

“The Proposed Rule explicitly notes that the climate-related disclosures and data must be included in registration statements but, per the implementation timeline, provides a delayed compliance date for registrants other than large accelerated filers. A smaller private company contemplating an IPO that would, if already public, qualify as an accelerated filer or non-accelerated filer, would be required to comply with the Proposed Rule’s disclosure requirements before an existing accelerated filer or non-accelerated filer, thereby increasing the burden on new entrants to the public markets. Likewise, the Proposed Rule’s amendments to Form S-4 would require a private target company to present all the disclosures required by the Proposed Rule in a Registration Statement on Form S-4 registering the equity securities of the acquiror to be issued in an M&A transaction. For a non-reporting company that has not maintained such records (and which may have been indifferent as to whether its potential acquiror was a reporting company), such a disclosure requirement presents a significant potential barrier to being acquired in an M&A transaction or a SPAC merger.”

VII. Conclusion

The breadth and scope of the Proposed Rules predictably resulted in many comments from the energy industry. These comments are informative as to how the industry is reacting to the Proposed Rules and what steps may be necessary for companies to start taking to be positioned to comply with the Proposed Rules, when adopted. Gibson Dunn’s premier securities regulation and energy lawyers are available to assist companies with preparation and compliance with new disclosure requirements.

___________________________

[1] For purposes of this client alert, we define energy companies to include companies in the oil and gas industry, including those in the exploration and production, midstream, downstream, and oilfield services sectors.

[2] See Release No. 33-11042, p. 9-10.

[3] See Release No. 33-11042, p. 373.

[4] See Commission Hester Peirce, “We are Not the Securities and Environment Commission – At Least Not Yet,” Mar. 21, 2022, https://www.sec.gov/news/statement/peirce-climate-disclosure-20220321.

The following Gibson Dunn lawyers prepared this client update: Hillary Holmes, Justine Robinson, Tull Florey, Brian Lane, Jim Moloney, Gerry Spedale, and Peter Wardle.

Gibson, Dunn & Crutcher’s lawyers are available to assist in addressing any questions you may have about these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work, or any of the following leaders and members of the firm’s Securities Regulation and Corporate Governance, Environmental, Social and Governance (ESG), Capital Markets, and Energy practice groups:

Securities Regulation and Corporate Governance Group:
Elizabeth Ising – Washington, D.C. (+1 202-955-8287, [email protected])
James J. Moloney – Orange County (+1 949-451-4343, [email protected])
Lori Zyskowski – New York (+1 212-351-2309, [email protected])
Brian J. Lane – Washington, D.C. (+1 202-887-3646, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202-955-8671, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202-887-3550, [email protected])

Environmental, Social and Governance (ESG) Group:
Susy Bullock – London (+44 (0) 20 7071 4283, [email protected])
Perlette M. Jura – Los Angeles (+1 213-229-7121, [email protected])
Ronald Kirk – Dallas (+1 214-698-3295, [email protected])
Michael K. Murphy – Washington, D.C. (+1 202-955-8238, [email protected])
Selina S. Sagayam – London (+44 (0) 20 7071 4263, [email protected])

Capital Markets Group:
Andrew L. Fabens – New York (+1 212-351-4034, [email protected])
Hillary H. Holmes – Houston (+1 346-718-6602, [email protected])
Stewart L. McDowell – San Francisco (+1 415-393-8322, [email protected])
Peter W. Wardle – Los Angeles (+1 213-229-7242, [email protected])

Oil and Gas Group:
Michael P. Darden – Houston (+1 346 718 6789, [email protected])
Anna P. Howell – London (+44 (0) 20 7071 4241, [email protected])
Brad Roach – Singapore (+65 6507 3685, [email protected])

Power and Renewables Group:
Gerald P. Farano – Denver (+1 303-298-5732, [email protected])
Peter J. Hanlon – New York (+1 212-351-2425, [email protected])
Nicholas H. Politan, Jr. – New York (+1 212-351-2616, [email protected])

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On August 7, 2022, the Senate voted 51-50 to pass the Inflation Reduction Act of 2022 (the “Act”), which broadly addresses climate change, taxes, health care, and inflation. The action sends the measure to the House of Representatives for a vote as early as Friday of this week. The House is expected to pass the $430 billion Act without amendments and send it to the White House for President Biden’s signature. Federal agencies then would implement the law and promulgate rules as to the deployment of the funding.

Our previous alert analyzed proposed changes to U.S. tax law that were in an earlier draft of the legislation that was released on July 27, 2022. Consistent with the prior version of the legislation, the Senate-passed version of the Act includes a 15-percent corporate minimum tax, provides multi-year IRS funding with a dramatic increase in funding for tax enforcement, and extends and expands tax incentives for clean energy.

Notably, the Senate-passed version of the Act differs from the prior draft legislation in certain major respects, including that the Act (1) does not change existing law regarding the tax treatment of carried interests, (2) adds a one-percent excise tax on certain corporate stock buybacks, and (3) eases some of the effects of the new corporate minimum tax by, for example, taking into account certain depreciation and amortization deductions. A change relating to the corporate minimum tax in the draft legislation that may have adversely affected private equity funds was rejected.

Excise Tax on Stock Buybacks

As noted above, the Act introduces a one-percent excise tax on certain corporate stock buybacks. The proposal for the excise tax is identical to the excise tax that was proposed as part of the Build Back Better Act (H.R. 5376) at the end of 2021.

More specifically, the Act would impose a non-deductible one-percent excise tax on the fair market value of certain stock that is “repurchased” during the taxable year by a publicly traded U.S. corporation or acquired by certain of its subsidiaries. The taxable amount is reduced by the fair market value of certain issuances of stock throughout the year. On August 9, 2022, the Joint Committee on Taxation released its revenue estimate projecting that the excise tax will raise more than $73 billion in revenue over ten years.

A special rule would impose the tax on a publicly traded non-U.S. corporation that owns a U.S. entity that expatriated (as determined for U.S. tax purposes) after September 20, 2021. Another special rule would tax certain majority-owned U.S. subsidiaries in connection with certain acquisitions of the stock of their publicly traded non-U.S. parent corporations. (A publicly traded non-U.S. corporation’s non-U.S. subsidiary that undertakes such an acquisition generally would not be subject to the tax, except in the case of a subsidiary non-U.S. partnership with a U.S. entity as a direct or indirect partner.[1])

A “repurchase” includes a “redemption” (generally, any acquisition by a corporation of its stock in exchange for cash or property other than the corporation’s own stock or stock rights) and any other “economically similar” transaction, as determined by the Treasury. Certain repurchases, however, would be specifically excepted from the excise tax. Those include: (1) a repurchase to the extent it is part of a tax-free reorganization and no gain or loss is recognized on the repurchase by the shareholder “by reason of” the reorganization, (2) repurchases followed by a contribution of the repurchased stock (or stock with an equivalent value) to an employee pension plan, employee stock ownership plan, or similar plan, (3) stock repurchases the total value of which does not exceed $1 million during the taxable year, (4) repurchases by a dealer in securities in the ordinary course of business, (5) repurchases by regulated investment companies or real estate investment trusts, and (6) a repurchase that is treated as a dividend for U.S. federal income tax purposes.

The excise tax has a potentially broad reach. For example, certain split-off transactions and leveraged acquisitions that constitute redemptions for U.S. federal income tax purposes may be “repurchases.” Further, the definition of “repurchase” includes transactions that are “economically similar” to redemptions (as determined by the Treasury), so it is possible that a wide range of other corporate transactions that would not constitute stock buybacks in the traditional sense may be subject to the excise tax.

The excise tax would apply to “repurchases” occurring after December 31, 2022.

Revisions to the Corporate Alternative Minimum Tax

In the course of Senate negotiations, one significant change was made to the Act’s 15-percent corporate alternative minimum tax and one potentially significant change was rejected:

In a taxpayer-favorable development, the Act’s calculation of adjusted financial statement income was modified to allow depreciation generally (and amortization deductions for certain wireless spectrum specifically) to be computed using U.S. federal tax accounting methods, conventions, and class lives in lieu of corresponding financial statement principles. This modification will be beneficial to participants in industries that tend to make significant investments in property, plant and equipment (such as manufacturers). We also anticipate it will be a welcome development for sponsors of and investors in clean energy projects (which are further incentivized in the Act as described in our previous alert) because depreciation is one of the key tax attributes that is monetized by a tax equity investor in connection with a clean energy project financing transaction.
A change to the rules for aggregating entities in applying the minimum tax’s $1 billion income threshold (previously proposed as part of the Build Back Better Act and incorporated in a revised draft of the legislation) that would have grouped together additional entities (including, notably, private equity funds) was rejected via an amendment from Senator Thune shortly before passage of the Act.[2] It is hoped that additional clarification or confirmation in the form of committee reports or legislative history will be forthcoming to give guidance and instruction to the IRS and Treasury regarding the import of this aspect of the Act.
The Joint Committee on Taxation has projected that the minimum tax will raise more than $222 billion in revenue over ten years, a decline from the more than $318 billion in revenue that was projected to be raised from a similar provision included in the Build Back Better Act at the end of 2021.

Partnership Issues and Other Guidance Needs

Significant guidance from the IRS and Treasury will be necessary to administer the tax law changes included in the Act, in particular with respect to partnerships. For example, the new 15-percent corporate alternative minimum tax requires a determination of an applicable corporation’s “distributive share” of a partnership’s “adjusted financial statement income” without providing guidance as to how that “share” is to be determined. In addition, the excise tax on corporate stock buybacks applies to stock acquired by a partnership that is majority-owned “directly or indirectly” by the corporation, but the statutory provision itself does not include any further rules for determining such ownership. Further, the new tax credit transfer regime has a rule addressing a transfer of an eligible credit by a partnership, but no rules for the subsequent treatment of an eligible credit transferred to a partnership.

_________________________

[1] The intended interaction of these rules with the “May Company” regulations of Treas. Reg. § 1.337(d)-3 is not entirely clear.

[2] In connection with this amendment, the disallowance of excess of business losses by noncorporate taxpayers under section 461(l) was ultimately extended for two years (through 2028).

This alert was prepared by Josiah J. Bethards, Michael Q. Cannon, Michael J. Desmond, Matthew J. Donnelly, Pamela Lawrence Endreny, Bree Gong, Brian Hamano, Roscoe Jones Jr., Jamie Lassiter, and Eric B. Sloan.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s Tax, Global Tax Controversy and Litigation, or Public Policy practice groups:

Tax Group:
Dora Arash – Los Angeles (+1 213-229-7134, [email protected])
Sandy Bhogal – London (+44 (0) 20 7071 4266, [email protected])
Michael Q. Cannon – Dallas (+1 214-698-3232, [email protected])
Hanna Chalhoub – Dubai (+971 (0) 4 318 4634, [email protected])
Michael J. Desmond – Los Angeles/Washington, D.C. (+1 213-229-7531, [email protected])
Anne Devereaux* – Los Angeles (+1 213-229-7616, [email protected])
Matt Donnelly – Washington, D.C. (+1 202-887-3567, [email protected])
Pamela Lawrence Endreny – New York (+1 212-351-2474, [email protected])
Benjamin Fryer – London (+44 (0) 20 7071 4232, [email protected])
Brian R. Hamano – Los Angeles (+1 310-551-8805, [email protected])
Kathryn A. Kelly – New York (+1 212-351-3876, [email protected])
Brian W. Kniesly – New York (+1 212-351-2379, [email protected])
Loren Lembo – New York (+1 212-351-3986, [email protected])
Jennifer Sabin – New York (+1 212-351-5208, [email protected])
Eric B. Sloan – Co-Chair, New York (+1 212-351-2340, [email protected])
Jeffrey M. Trinklein – London/New York (+44 (0) 20 7071 4224 /+1 212-351-2344), [email protected])
John-Paul Vojtisek – New York (+1 212-351-2320, [email protected])
Edward S. Wei – New York (+1 212-351-3925, [email protected])
Lorna Wilson – Los Angeles (+1 213-229-7547, [email protected])
Daniel A. Zygielbaum – Washington, D.C. (+1 202-887-3768, [email protected])

Global Tax Controversy and Litigation Group:
Michael J. Desmond – Co-Chair, Los Angeles/Washington, D.C. (+1 213-229-7531, [email protected])
Saul Mezei – Washington, D.C. (+1 202-955-8693, [email protected])
Sanford W. Stark – Co-Chair, Washington, D.C. (+1 202-887-3650, [email protected])
C. Terrell Ussing – Washington, D.C. (+1 202-887-3612, [email protected])

Public Policy Group:
Michael D. Bopp – Co-Chair, Washington, D.C. (+1 202-955-8256, [email protected])
Roscoe Jones, Jr. – Co-Chair, Washington, D.C. (+1 202-887-3530, [email protected])

* Anne Devereaux is an of counsel working in the firm’s Los Angeles office who is admitted only in Washington, D.C.; Bree Gong is an associate working in the firm’s Palo Alto office who is admitted only in New York; and Jamie Lassiter is an associate working in the firm’s Los Angeles office who is admitted only in New York and Texas.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

The second quarter of 2022 saw U.S. federal lawmakers and agencies focus on draft legislation and guidance aimed at closing the gap to the EU with respect to addressing risks in the development and use of AI systems, in particular risks related to algorithmic bias and discrimination. The American Data Privacy and Protection Act (“ADPPA”), the bipartisan federal privacy bill introduced to the U.S. House in June 2022, marks a major step towards a comprehensive national privacy framework, and companies should take particular note of its inclusion of mandated algorithmic impact assessments. Meanwhile, the E.U.’s regulatory scheme for AI continues to wind its way through the EU legislative process. Though it is unlikely to become binding law until late 2023 at the earliest, the EU policy landscape remains dynamic.

Our 2Q22 Artificial Intelligence and Automated Systems Legal Update focuses on these key efforts, and also examines other policy developments within the U.S. and EU that may be of interest to domestic and international companies alike.

I. U.S. ENFORCEMENT, REGULATORY & POLICY DEVELOPMENTS

A. U.S. National AI Strategy

1. U.S. Department of Commerce: U.S. Department of Commerce Appoints 27

Members to National AI Advisory Committee

On April 14, 2022, the U.S. Department of Commerce announced the appointment of 27 experts to the National Artificial Intelligence Advisory Committee (“NAIAC”), which will advise the President and the National AI Initiative Office on a range of issues related to AI.[1] The appointments are the first for the recently established committee, created in response to the National AI Initiative Act of 2020. The initiative directs the NAIAC to provide recommendations on topics like the current state of U.S. AI competitiveness, the state of science around AI, and AI workforce issues. The committee also is responsible for advice regarding the management and coordination of the initiative itself, including its balance of activities and funding.

2. NIST AI Risk Management Framework

As noted in our 1Q22 Legal Update,[2] in March 2022, the National Institute of Standards and Technology (“NIST”) released for public comment an initial draft of its AI Risk Management Framework (“AI RMF”), which provides guidance for managing risks in the design, development, use, and evaluation of AI systems. NIST separately released a document titled, “Towards a Standard for Identifying and Managing Bias within Artificial Intelligence,” which aims to provide guidance for mitigating harmful bias in AI systems.

Subsequently, on March 29-31, 2022, NIST held its second broad stakeholder workshop on its draft AI RMF titled, “Building the NIST AI Risk Management Framework: Workshop #2.”[3] The workshop extensively discussed the AI RMF as well as international trends and standards and mitigating harmful AI bias. NIST is seeking stakeholder feedback on the draft framework as part of a process over the next year to release a full version 1.0 of the AI RMF, which NIST intends to be a critical tool for organizations to identify and manage risks related to AI, including in areas like potential bias. We stand ready to assist clients who wish to participate in this process.

B. Algorithmic Accountability and Consumer Protection

1. FTC

The Federal Trade Commission (“FTC”) continues to position itself as a key regulator of AI technology. In December 2020, as part of the 2021 Appropriations Act, Congress tasked the FTC with conducting a study and reporting on whether and how AI could be used to identify, remove, or take other appropriate action to address a variety of online harms (scams, deepfakes, child sexual abuse, terrorism, hate crimes and harassment, election-related disinformation, and the traffic in illegal drugs and counterfeit goods). Congress also required the FTC to recommend reasonable policies and procedures for using AI to combat these online harms, and any legislation to “advance the adoption and use of [AI]” for these purposes.

In its June 16, 2022 report,[4] the FTC advised that, while AI can be used as a tool to detect and remove harmful material online, there are significant risks associated with its use. In particular, the FTC cautioned that because AI systems rely on algorithms and inputs created by humans, and often have built-in motivations geared more towards consumer engagement rather than content moderation, even supposedly neutral systems can disproportionately harm minorities while threatening privacy and free speech. Additionally, the FTC stated that while many companies currently use AI tools to moderate content, they “share little information about how these systems work, or how useful they are in actually combating harmful content.”[5] The FTC therefore advised that there needs to be more transparency before the government can understand how AI tools work in the real world. Although the Commission acknowledged that major tech platforms and others are already using AI tools to address online harms, the report’s final recommendation is that Congress should avoid laws that would mandate or overly rely on the use of AI to combat online harms and instead conduct additional investigation into other tools that might also be helpful in moderating online content. In his dissenting statement, Commissioner Phillips noted that the report “has no information gleaned directly from individuals and companies actually using AI to try to identify and remove harmful online content, precisely what Congress asked us to evaluate.”[6]

Further, on June 22, 2022, Senators Ed Markey (D-MA), Elizabeth Warren (D-MA), Brian Schatz (D-HI), Cory Booker (D-NJ), Ron Wyden (D-OR), Tina Smith (D-MN), and Bernie Sanders (VT) sent a letter to FTC chair Lina Khan urging the FTC to “build on its guidance regarding biased algorithms and use its full enforcement and rulemaking authority to stop damaging practices involving online data and artificial intelligence.”[7] The letter cites the National Institute of Standards and Technology’s study that Black and Asian individuals “were up to 100 times more likely to be misidentified” by biometric surveillance tools than white individuals, and asks the FTC to use its authority to combat “invasive and discriminatory biometric surveillance tools,” including facial recognition tools.

a) Digital Platform Commission Act of 2022 (S. 4201)

On May 12, 2022, Senator Michael Bennet (D-CO) introduced the Digital Platform Commission Act of 2022 (S. 4201), which would empower a new federal agency, the Federal Digital Platform Commission, to promulgate rules, impose civil penalties, hold hearings, conduct investigations, and support research with respect to online platforms that facilitate interactions between consumers, as well as between consumers and entities offering goods and services.[8] The Commission would have a broad mandate to promote the public interest, with specific directives to protect consumers, promote competition, and assure the fairness and safety of algorithms on digital platforms, among other areas. Regulations contemplated by the bill include requirements that algorithms used by online platforms “[be] fair, transparent, and without harmful, abusive, anticompetitive, or deceptive bias.” The bill has been referred to the Committee on Commerce, Science, and Transportation.

b) Health Equity and Accountability Act of 2022 (H.R. 7585)

Introduced in the House on April 26, 2022, the Health Equity and Accountability Act of 2022 (H.R. 7585) aims to address algorithmic bias in the context of healthcare.[9] The Bill would require the Secretary of Health and Human Services to establish a “Task Force on Preventing AI and Algorithmic Bias in Healthcare” to develop guidance “on how to ensure that the development and [use] of artificial intelligence and algorithmic technologies” in delivering care “does not exacerbate health disparities” and help ensure broader access to care. Additionally, the Task Force would be charged with identifying the risks posed by a healthcare system’s use of such technologies to individuals’ “civil rights, civil liberties, and discriminatory bias in health care access, quality, and outcomes.” The bill has been referred to the Committee on Energy and Commerce.

c) California Department of Insurance Issues Bulletin Addressing Racial Bias and Unfair Discrimination

On June 30, 2022, the California Department of Insurance issued a bulletin addressing racial bias and unfair discrimination in the context of consumer data.[10] The bulletin notes that insurance companies and other licensees “must avoid both conscious and unconscious bias or discrimination that can and often does result from the use of artificial intelligence, as well as other forms of ‘Big Data’ … when marketing, rating, underwriting, processing claims, or investigating suspected fraud.”[11] To that end, the Department now requires that insurers and licensees conduct their own due diligence to ensure full compliance with all applicable law “before utilizing any data collection method, fraud algorithm, rating/underwriting or marketing tool, insurers and licensees must conduct their own due diligence to ensure full compliance with all applicable laws.” In addition, insurers and licensees “must provide transparency to Californians by informing consumers of the specific reasons for any adverse underwriting decisions.”[12]

d) EEOC and DOJ Guidance on the Americans with Disabilities Act and the Use of AI to Assess Job Applicants and Employees

On May 12, 2022, more than six months after the Equal Employment Opportunity Commission (“EEOC”) announced its Initiative on Artificial Intelligence and Algorithmic Fairness,[13] the agency issued its first guidance regarding employers’ use of AI.[14] The EEOC’s non-binding, technical guidance provides suggested guardrails for employers for the use of AI technologies in their hiring and workforce management systems.

The EEOC’s guidance outlines best practices and key considerations that, in the EEOC’s view, help ensure that employment tools do not disadvantage applicants or employees with disabilities in violation of the Americans with Disabilities Act (“ADA”). The guidance provides three ways in which an employer’s tools could be found to violate the ADA: (1) by relying on the tool, the employer fails to provide a reasonable accommodation; (2) the tool screens out an individual with a disability that is able to perform the essential functions of the job with or without an accommodation; and (3) the tool makes a disability-related inquiry or otherwise constitutes a medical examination.

e) EEOC Brings Age Discrimination Action Against Tutoring Software Company

On May 5, 2022, the EEOC filed a complaint in the Eastern District of New York alleging that a software company providing online English-language tutoring to adults and children violated the Age Discrimination in Employment Act (“ADEA”) by denying employment as tutors to a class of plaintiffs because of their age.”[15] Specifically, the EEOC alleges that the company’s application software automatically denied older, qualified applicants by soliciting applicant birthdates and automatically rejecting female applicants age 55 or older and male applicants age 60 or older. The EEOC seeks a range of damages, including back wages, liquidated damages, a permanent injunction enjoining the challenged hiring practice, and the implementation of policies, practices, and programs providing equal employment opportunities for individuals 40 years of age and older.

C. Data Privacy

1. Legislation and Regulation

a) American Data Privacy and Protection Act (H.R. 8152)

On June 21, 2022, members of Congress introduced a bipartisan federal privacy bill, H.R. 8152, the American Data Privacy and Protection Act (“ADPPA”).^{^[16]} The ADPPA aims to create a national framework that would preempt many, but not all, state privacy laws. The bill passed the U.S. House Energy and Commerce Committee on July 20, but is now increasingly unlikely to be passed during this Congressional session.^{^[17]} While ADPPA shares similarities with current state privacy laws, companies should pay attention to several proposed requirements that are particularly relevant to AI technologies.

i. Overview of ADPPA

The ADPPA proposes broad limitations on the kind of data processing that covered entities are allowed to engage in, [18] and also requires companies to provide certain rights to consumers, including a right to notice, a right to ownership or control (a right to access data, correct data, or have data deleted), and a right to opt out or object.[19]

The bill defines “covered entities” as entities subject to the FTC Act, common carriers under federal law, or nonprofits, that “alone or jointly with others” determine the purposes and means of collecting, processing, and transferring covered data.[20] The ADPPA covers a wide variety of personal data, including any data “linked” or “linkable” to an individual or a device, which is similar to the EU’s General Data Protection Regulation (“GDPR”) as well as state privacy laws such as the California Consumer Privacy Act (“CCPA”) or the Virginia Consumer Data Protection Act (“VCDPA”). “Covered data” under the ADPPA includes data that is linkable to a device, not just an individual. Additionally, the definition of “biometric information” does not include photographs or recordings, but does include fingerprints, voice prints, iris or retina scans, “facial mapping or hand mapping,” and gait. De-identified data, employee data, and publicly available information are among the enumerated exemptions.[21]

ii. Algorithmic Assessments

The bill contains new AI assessment obligations that would directly impact companies developing AI technologies. ADPPA would require covered entities and service providers that knowingly develop an algorithm to collect, process, or transfer covered data to produce an algorithm design evaluation (including training data), which must specifically consider any data used to develop the algorithm to reduce the risk of potential harms.[22]

Large data holders must conduct an additional annual impact assessment of any algorithm that is used to collect, process, or transfer covered data, and may cause potential harm to an individual. The assessments must describe the algorithm’s design process, purpose, foreseeable uses, data inputs and the outputs the algorithms generate, as well as steps taken to mitigate potential harms.[23] In particular, harms related to the following areas must be addressed: (1) individuals under the age of 17; (2) advertising for housing, education, employment, healthcare, insurance, or credit opportunities; (3) access to, or restrictions on the use of, a place of public accommodation; or (4) a disparate impact on the basis of protected characteristics.[24] Entities must use an external, independent researcher or auditor to the extent possible and both design evaluations and impact assessments must be submitted to the FTC within 30 days of completion.

Mirroring the risk-based approach adopted by the EU’s draft AI Act, the ADPPA contemplates that the FTC will promulgate regulations that would allow entities to exclude from their design evaluations and impact assessments any algorithms that present low or minimal risk for the enumerated harms.[25]

b) CPRA Draft Regulations

The California Privacy Protection Agency (“CPPA”) released its CPRA draft regulations on May 27, 2022.^{^[26]} The regulations were intended to be finalized by July 1, 2022, but public participation in the rulemaking process is still ongoing, with additional public hearings now scheduled for August 24 and 25, 2022.

In August 2020, the California Attorney General released the final regulations for the CCPA, the comprehensive state privacy law that will be replaced by the CPRA in January 2023. The May 2022 draft CPRA regulations redline the August 2020 CCPA regulations and mostly focus on the CPRA’s changes to the preexisting CCPA concepts. Key regulations addressed by this initial draft include those relating to dark patterns, expanded rules for service providers, third-party contracts, third-party notifications, requests to correct, opt-out preference signals, data minimization, privacy policy rules, revised definitions, and enforcement considerations.

One of the most conspicuous omissions concerns the lack of parameters for automated decision-making. The CPRA defines “profiling” as “any form of automated processing of personal information, as further defined by regulations pursuant to paragraph (16) of subdivision (a) of Section 1798.185 [of the CCPA], to evaluate certain personal aspects relating to a natural person and in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements,” leaving the contours relatively amorphous in scope.^{^[27]} Contrary to the scope defined by other comprehensive state privacy laws and GDPR, commenters have pointed out that the CPRA’s language casts an incredibly wide net that could be argued to cover everything from invasive facial recognition in public places to routine automated processes like calculators and spellcheckers that may process personal information. As expressed in many CPPA public record comments, numerous stakeholders hoped the initial set of regulations would at least clarify this definition, for example, by limiting it to automated technologies that could create a material impact on a person, similar to the GDPR.^{^[28]}

2. Cases

On April 18, 2022, the Ninth Circuit reaffirmed that scraping data in bulk from public websites, like LinkedIn profiles, likely does not breach the federal Computer Fraud and Abuse Act (“CFAA”).^{^[29]} In coming to its conclusion, the Ninth Circuit relied on 2021 U.S. Supreme Court precedent, Van Buren v. United States,^{^[30]} which narrowed what constitutes a CFAA violation to include only situations in which there is unauthorized access to a computer system—in other words where authorization is required and has not been given. The Ninth Circuit found that because there are no rules or access permissions to prevent access on a publicly available website, accessing that publicly available data cannot violate the CFAA.

a) Illinois’ Biometric Information Privacy Act (“BIPA”)

In the second quarter of 2022, we again observed a stream of lawsuits alleging claims under state biometrics laws, in particular, claims relating to the use of facial recognition technology under BIPA. Some notable developments:

The Northern District of Illinois determined that BIPA does not exclude photograph-derived facial information from its scope.^{^[31]} In Sosa et al. v. Onfido Inc., plaintiffs alleged that a biometric software company violated BIPA through software that scans uploaded photographs, extracts biometric identifiers, and determines if those photographs match uploaded identification cards. While the scans were of photographs, the court found that scanning face geography on photographs was effectively obtaining biometric identifiers because nothing in BIPA specifies that the scan must be “in person.”

Several technology companies settled BIPA lawsuits relating to the use of facial recognition software. On May 11, 2022, Clearview AI, Inc. settled a BIPA lawsuit filed in 2020 by the ACLU.^{^[32]} Under the settlement agreement, Clearview agreed to not sell its software to most private companies or individuals in the U.S.—a decision that will largely restrict its use in the U.S. to law-enforcement agencies. On May 25, 2022, seven plaintiffs in the consolidated class action filed against the insurance technology company, Lemonade Inc., were granted preliminary approval of a $4 million settlement. The lawsuit alleged that the company collected users’ facial data between June 2019 and May 2021 without first obtaining written consent or making mandatory disclosures required by BIPA.^{^[33]} As part of the settlement, Lemonade agreed to delete previously collected biometric data.

II. EU ENFORCEMENT, REGULATORY & POLICY DEVELOPMENTS

1. Digital Services Act

In July 2022, the new Digital Services Act (“DSA”), which would require major marketplace and social media platforms to provide insight into their algorithms to the government and to provide users with avenues to remove abusive content and disinformation, was adopted in the first reading by the European Parliament. The DSA must now go through the final stages of adoption before being finalized with an effective date of January 2024 at the earliest.[34] The DSA will impose different obligations on four categories of online intermediaries. The most stringent requirements apply to platforms and search engines with at least 45 million monthly active users in the EU – whether they are established inside or outside the EU – and require them to conduct risk assessments and independent audits, adopt certain crisis response mechanisms and heightened transparency requirements, provide access, upon request, to data for monitoring and assessing compliance, and establish a dedicated DSA compliance function. Accordingly, the DSA – which will be directly applicable in all 27 EU member states – will bring with it significant compliance obligations for large online businesses as well as increased accountability to relevant authorities.

2. The EU Parliament Adopts Special Report on AI

The European Parliament adopted a special report on AI, which sets out a list of demands to secure the EU’s position in AI, and points to research as one of the key means to achieving that goal.[35] The report was developed by the Parliament’s special committee on AI and will underpin work on the upcoming AI Act. The European Parliament’s aim is to support AI research in the EU by increasing public and private investment to €20 billion by 2030. Policymakers believe that “with clear regulations and an investment push,” the EU can catch up with the U.S. and China in terms of AI investment, technology development, research, and attracting talent.

_______________________________

[1] U.S. Dep’t of Commerce, Press Release, U.S. Department of Commerce Appoints 27 Members to National AI Advisory Committee (Apr. 14, 2022), available at https://www.commerce.gov/news/press-releases/2022/04/us-department-commerce-appoints-27-members-national-ai-advisory.

[2] Artificial Intelligence and Automated Systems Legal Update (1Q22), available at https://www.gibsondunn.com/artificial-intelligence-and-automated-systems-legal-update-1q22/.

[3] NIST, Building the NIST AI Risk Management Framework: Workshop #2 (Apr. 19, 2022), available at https://www.nist.gov/news-events/events/2022/03/building-nist-ai-risk-management-framework-workshop-2.

[4] Fed. Trade Comm’n, FTC Report Warns About Using Artificial Intelligence to Combat Online Problems (June 16, 2022), available at https://www.ftc.gov/news-events/news/press-releases/2022/06/ftc-report-warns-about-using-artificial-intelligence-combat-online-problems.

[5] Id.

[6] Fed. Trade Comm’n, Dissenting Statement of Commissioner Noah Joshua Phillips Regarding the Combatting Online Harms Through Innovation Report to Congress (June 16, 2022), available at https://www.ftc.gov/system/files/ftc_gov/pdf/Commissioner%20Phillips%20Dissent%20to%20AI%20Report%20%28FINAL%206.16.22%20noon%29_0.pdf.

[7] Letter to Hon. Lina Khan, Chair FTC (June 22, 2022), available at https://www.politico.com/f/?id=00000181-8b25-d86b-afc1-8b2d11e00000.

[8] S. 4201, 117^th Cong. (2021-2022); see also Press Release, Bennet Introduces Landmark Legislation to Establish Federal Commission to Oversee Digital Platforms (May 12, 2022), available at https://www.bennet.senate.gov/public/index.cfm/2022/5/bennet-introduces-landmark-legislation-to-establish-federal-commission-to-oversee-digital-platforms.

[9] H.R. 7585, 117^th Cong. (2021-2022).

[10] Cal. Ins. Comm’r, Bulletin 2022-5 (June 30, 2022), available at https://www.insurance.ca.gov/0250-insurers/0300-insurers/0200-bulletins/bulletin-notices-commiss-opinion/upload/BULLETIN-2022-5-Allegations-of-Racial-Bias-and-Unfair-Discrimination-in-Marketing-Rating-Underwriting-and-Claims-Practices-by-the-Insurance-Industry.pdf.

[11] Id.

[12] Id.

[13] EEOC, EEOC Launches Initiative on Artificial Intelligence and Algorithmic Fairness (Oct. 28, 2021), available at https://www.eeoc.gov/newsroom/eeoc-launches-initiative-artificial-intelligence-and-algorithmic-fairness.

[14] EEOC, The Americans with Disabilities Act and the Use of Software, Algorithms, and Artificial Intelligence to Assess Job Applicants and Employees (May 12, 2022), available at https://www.eeoc.gov/laws/guidance/americans-disabilities-act-and-use-software-algorithms-and-artificial-intelligence?utm_content=&utm_medium=email&utm_name=&utm_source=govdelivery&utm_term.

[15] EEOC v. iTutorGroup, Inc., No. 1:22-cv-02565 (E.D.N.Y. May 5, 2022).

[16] American Data Privacy and Protection Act, H.R. 8152, 117th Cong. (2022).

[17] The full text of the proposed statute is available here.

[18] Specifically, the legislation limits covered entities to collecting, processing, or transferring data based on what is “reasonably necessary and proportionate” to (1) provide or maintain a specific product or service requested by the individual to whom the data pertains, (2) deliver a communication that is reasonably anticipated by the individual recipient in the context of the individual recipient’s interactions with the covered entity, or (3) for one of the “permissible purposes” enumerated in the bill’s text. The bill would further prohibit the collection and processing of sensitive data “except where such collection or processing is strictly necessary to provide or maintain a specific product or service requested by an individual to whom the covered data pertains” or to effectuate one of the permitted purposes.

[19] The ADPPA would also impose requirements on relationships between covered entities and services providers and third parties, including requirements for contractual terms, and requires covered entities to implement certain accountability measures, like the appointment of data privacy and security officers.

[20] ADPPA § 2(9).

[21] ADPPA § 2(8).

[22] ADPPA § 207(c)(2).

[23] ADPPA § 207(c)(1).

[24] ADPPA § 207(c)(1)(B)(vi)(I)–(IV).

[25] ADPPA § 207(c)(5)(B).

[26] The full text of the proposed regulations is available here.

[27] Cal. Civ. Code § 1798.140(z) (emphasis added).

[28] The GDPR uses an impact to risk–based approach—only governing processing “which produces legal effects concerning him or her or similarly significantly affects him or her.” GDPR at Art. 22(1) (emphasis added). For example, this may include loan or employment applications.

[29] hiQ Labs Inc. v. LinkedIn Corp., No. 17-16783 (9th Cir. 2022).

[30] 141 S. Ct. 1648 (2021).

[31] Sosa et al. v. Onfido Inc., No. 20-cv-4247 (N.D. Ill. 2022).

[32] ACLU v. Clearview AI, Inc., 2020 CH 04353 (Cir. Ct. Cook Cty., Ill. 2022).

[33] Prudent v. Lemonade Inc. et al., 1:21-cv-07070 (S.D.N.Y. 2022).

[34] European Commission, The Digital Services Act package, available at https://digital-strategy.ec.europa.eu/en/policies/digital-services-act-package.

[35] European Parliament, Report – A9-0088/2022, REPORT on artificial intelligence in a digital age (Apr. 5, 2022), available at https://www.europarl.europa.eu/doceo/document/A-9-2022-0088_EN.html; see further Goda Naujokaityte, Parliament gives EU a push to move faster on artificial intelligence, Science Business (May 5, 2022), available at https://sciencebusiness.net/news/parliament-gives-eu-push-move-faster-artificial-intelligence.

The following Gibson Dunn lawyers prepared this client update: H. Mark Lyon, Frances Waldmann, Emily Lamm, and Samantha Abrams-Widdicombe.

H. Mark Lyon – Palo Alto (+1 650-849-5307, [email protected])
Frances A. Waldmann – Los Angeles (+1 213-229-7914,[email protected])

Please also feel free to contact any of the following practice leaders and members:

Artificial Intelligence and Automated Systems Group:

J. Alan Bannister – New York (+1 212-351-2310, [email protected])
Patrick Doris – London (+44 (0)20 7071 4276, [email protected])
Cassandra L. Gaedt-Sheckter – Co-Chair, Palo Alto (+1 650-849-5203, [email protected])
Kai Gesing – Munich (+49 89 189 33 180, [email protected])
Ari Lanin – Los Angeles (+1 310-552-8581, [email protected])
Carrie M. LeRoy – Palo Alto (+1 650-849-5337, [email protected])
H. Mark Lyon – Co-Chair, Palo Alto (+1 650-849-5307, [email protected])
Vivek Mohan – Co-Chair, Palo Alto (+1 650-849-5345, [email protected])
Alexander H. Southwell – New York (+1 212-351-3981, [email protected])
Christopher T. Timura – Washington, D.C. (+1 202-887-3690, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])
Michael Walther – Munich (+49 89 189 33 180, [email protected])

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

This Client Alert provides an update on shareholder activism activity involving NYSE- and Nasdaq-listed companies with equity market capitalizations in excess of $1 billion and below $100 billion (as of the last date of trading in 2021) during 2021.

Announced shareholder activist activity increased relative to 2020. The number of public activist actions (76 vs. 63), activist investors taking actions (48 vs. 41), and companies targeted by such actions (69 vs. 55) each increased. Such levels of activism are comparable to those found prior to the market disruption caused by the COVID-19 pandemic, as reflected in public activist actions in 2019 (76 vs. 75), activist investors taking actions (48 vs. 49), and companies targeted by such actions (69 vs. 64). The period spanning January 1, 2021 to December 31, 2021 also saw several campaigns by multiple activists targeting a single company, such as the campaigns involving Kohl’s Corporation that included activity by 4010 Partners, Macellum Advisors, Ancora Advisors and Legion Partners Asset Management; Adtalem Global Education that included activity by Engine Capital and Hawk Ridge Capital; and Bottomline Technologies that included activity by Clearfield Capital Management and Sachem Head Capital Management. In addition, certain activists launched multiple campaigns during 2021, including Carl Icahn, Elliott Investment Management, JANA Partners, Land & Buildings and Starboard Value. Indeed, each of these investors launched four or more campaigns in 2021 and collectively accounted for 20 out of the 76 activist actions reviewed, or 26% in total. Proxy solicitation occurred in 18% of campaigns in 2021, relative to 17% in 2020. These figures represent modest declines relative to 2019, in which proxy materials were filed in approximately 30% of activist campaigns for the entire year.

By the Numbers—2021 Public Activism Trends

*Study covers selected activist campaigns involving NYSE- and Nasdaq-traded companies with equity market capitalizations of greater than $1 billion as of December 31, 2021 (unless company is no longer listed).

Additional statistical analyses may be found in the complete Activism Update linked below.

Notwithstanding the increase in activism levels, the rationales for activist campaigns during 2021 were generally consistent with those undertaken in 2020. Over both periods, board composition and business strategy represented leading rationales animating shareholder activism campaigns, representing 58% of rationales in 2021 and 51% of rationales in 2020. M&A (which includes advocacy for or against spin-offs, acquisitions and sales) remained important as well; the frequency with which M&A animated activist campaigns was 19% in both 2021 and 2020. At the opposite end of the spectrum, management changes, return of capital and control remained the most infrequently cited rationales for activist campaigns, as was also the case in 2020. (Note that the above-referenced percentages total over 100%, as certain activist campaigns had multiple rationales.)

Seventeen settlement agreements pertaining to shareholder activism activity were filed during 2021, which is consistent with pre-pandemic levels of similar activity (22 agreements filed in 2019 and 30 agreements filed in 2018, as compared to eight agreements filed in 2020). Those settlement agreements that were filed had many of the same features noted in prior reviews, including voting agreements and standstill periods as well as non-disparagement covenants and minimum- and/or maximum-share ownership covenants. Expense reimbursement provisions were included in half of those agreements reviewed, which is consistent with historical trends. We delve further into the data and the details in the latter half of this Client Alert.

We hope you find Gibson Dunn’s 2021 Annual Activism Update informative. If you have any questions, please reach out to a member of your Gibson Dunn team.

Read More

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this publication. For further information, please contact the Gibson Dunn lawyer with whom you usually work, or any of the following practice leaders, members, or authors:

Barbara L. Becker (+1 212.351.4062, [email protected])
Dennis J. Friedman (+1 212.351.3900, [email protected])
Richard J. Birns (+1 212.351.4032, [email protected])
Andrew Kaplan (+1 212.351.4064, [email protected])
Daniel S. Alterbaum (+1 212.351.4084, [email protected])
Joey Herman (+1 212.351.2402, [email protected])

Mergers and Acquisitions Group:
Robert B. Little – Dallas (+1 214-698-3260, [email protected])
Saee Muzumdar – New York (+1 212-351-3966, [email protected])

Securities Regulation and Corporate Governance Group:
Elizabeth Ising – Washington, D.C. (+1 202.955.8287, [email protected])
Brian J. Lane – Washington, D.C. (+1 202.887.3646, [email protected])
James J. Moloney – Orange County, CA (+1 949.451.4343, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, [email protected])
Lori Zyskowski – New York (+1 212.351.2309, [email protected])

© 2022 Gibson, Dunn & Crutcher LLP

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On July 29, 2022, the New York Department of Financial Services (“DFS”) released Draft Amendments to its Part 500 Cybersecurity Rules; the Draft Amendments would update the Cybersecurity Rules in a manner consistent with the “catalytic” role it took in 2017 as the first state to codify certain cybersecurity best practices and guidance into explicit regulatory requirements for covered entities. The cybersecurity landscape has evolved in the past five years, and the Draft Amendments demonstrate that DFS continues to take a forward-leaning role in strengthening cybersecurity practices. The Draft Amendments propose increased expectations for senior leaders, heightened technology requirements, an expanded set of events covered under the mandatory 72-hour notification requirements, a new 24-hour reporting requirement for ransom payments and a 30-day submission of defenses, significant new requirements for business continuity and disaster recovery, and heightened annual certification and assessment requirements. Notably, the amended regulations propose a new class comprising larger entities which will be subject to increased obligations for their cybersecurity programs. Even the definition of a cybersecurity program has been expanded to include coverage of nonpublic information stored on those information systems—a substantial increase in covered information that will have significant downstream effects on reporting and certification requirements. The cybersecurity regulations by DFS were first released in March 2017 and went into full effect in March 2019, as previewed in our prior alert and subsequently discussed in our agency round-ups (2020 & 2021).

Key provisions of the Draft Amendments are highlighted below.

More Stringent Notification Obligations

The Draft Amendments establish additional requirements on top of DFS’s existing 72-hour notification requirements, including:

Requiring notification to DFS within 72 hours of unauthorized access to privileged accounts or the deployment of ransomware within a material part of the company’s information systems. These are in addition to the existing requirements to notify DFS within 72 hours of any cybersecurity events that require notice to a supervisory body or that have a reasonable likelihood of materially harming a material part of the company’s normal operations. Notably, these newly proposed requirements would significantly lower the notification threshold, as they could be triggered before any sign of actual data compromise or exfiltration.
A new 24-hour notification obligation in the event a ransom payment is made, and a 30-day requirement to provide a written description of why the payment was necessary, alternatives to payment that were considered, and all sanctions diligence conducted.

Heightened Requirements for Larger “Class A” Companies

Adhering to the mantra “with great data comes great responsibility,” the Draft Amendments also increase cybersecurity obligations for a newly defined class of larger entities, which are under DFS’s authority. These “Class A” companies are defined as entities with over 2,000 employees or over $1 billion in gross annual revenue average over the last three years from all business operations of the company and its affiliates. Under the Draft Amendments, Class A companies are required to comply with heightened technical requirements as well as risk assessments and audits. They must:

Conduct weekly systematic scans or reviews reasonably designed to identify publicly known cybersecurity vulnerabilities, and document and report any material gaps in testing to the board and senior management;
Implement an endpoint detection and response solution to monitor anomalous activity and a solution that centralizes logging and security event alerting;
Monitor access activity and implement a password vaulting solution for privileged accounts and an automated method of blocking commonly used passwords;
Conduct an annual, independent audit of their cybersecurity programs; and
Use external experts to conduct a risk assessment at least once every three years.

Increased Obligations on Company Governing Bodies

The original Part 500 regulations imposed a number of new obligations on companies’ governing bodies, including the need for a chief information security officer (“CISO”) or equivalent personnel, detailed cybersecurity reporting to the board, and written policies approved by a senior officer. The Draft Amendments enhance in a very meaningful way many of the Part 500 governance requirements, further indicating how important DFS views strong governance in the quest for effective cybersecurity. The Draft Amendments include obligations:

To ensure the boards of covered entities have sufficient expertise and knowledge, or be advised by persons with sufficient expertise and knowledge, to exercise effective oversight of cyber risk;
To provide the CISO with adequate independence and authority to appropriately manage cyber risks;
That the CISO will provide the board with additional detailed annual reporting on plans for remediating issues and material cybersecurity issues or events;
That the CISO will annually review the feasibility of encryption and the effectiveness of any compensating controls for any unencrypted nonpublic information;
That covered entities’ cybersecurity policies must be approved by the board on an annual basis; and
That add significantly to the annual certification requirements, requiring covered entities to not only certify to their compliance or acknowledge any noncompliance, but also provide sufficient data and documentation to accurately determine and demonstrate compliance, and have such certification or acknowledgment of noncompliance be signed by both the CEO and the CISO.

The Draft Amendments also provide an option for covered entities to submit written acknowledgement that, for the prior calendar year, they did not fully comply with their cybersecurity obligations. Covered entities who submit this acknowledgment will be required to identify all the provisions of the compliance rules that were not followed, describe the nature and extent of the noncompliance, and identify all the areas, systems, and processes that require material improvement, updating, or redesign.

These additional reporting requirements are substantial, and would greatly increase the burden on CEOs, CISOs, and other personnel involved in the preparation of these annual certifications or acknowledgements.

Expanded Requirements for Operational Resilience and Incident Response

The Draft Amendments expand measures directed at “operational resilience” beyond incident response plans, requiring covered entities to also have written plans for business continuity and disaster recovery (“BCDR”). Notably, the original Part 500 cybersecurity regulations were the first of its kind to stipulate detailed requirements for cybersecurity incident response plans. Again, DFS is breaking similar ground with BCDR plans, requiring proactive measures to mitigate disruptive events by, at a minimum:

Identifying business components essential to continued operations (documents, data, facilities, personnel, and competencies) and personnel responsible for implementation of the BCDR plans;
Preparing communications plans to ensure continuity of communications with various stakeholders (leadership, employees, third parties, regulatory authorities, others essential to continuity);
Maintaining procedures for the back-up of infrastructure and data; and
Identifying third parties necessary to continued operations.

Furthermore, DFS has proposed a significant revision to its requirements for incident response plans, requiring that they differentiate based on incident type (e.g., ransomware), while continuing to require that such plans address the previously enumerated areas (e.g., internal response processes; incident response plan goals; definitions of clear roles, responsibilities and levels of decision-making authority; communications and information sharing; identification of remediation requirements; documentation and reporting, etc.) as well as the newly added requirement to address recovery from backups.

Under the Draft Amendments, relevant personnel must receive copies of the incident response plan and BCDR plan, copies must be maintained offsite, and all personnel involved in implementation of the plans must receive appropriate training. In addition, covered entities are required to conduct incident response and BCDR exercises.

Enhanced Technology and Policy Requirements

The Draft Amendments strengthen technical requirements and written policy requirements for covered entities, codifying certain best practices in key cyber risk areas. The Draft Amendments specifically:

Clarify the definition of “privileged accounts” as covering any account that can be used to perform security-relevant functions that ordinary users are not authorized to perform, or affect a material change to technical or business operations. Under the proposals, privileged accounts must:
- Have multi-factor authentication (with exceptions for certain service accounts); and
- Be limited in both number and access functions to only those necessary to perform the user’s job;
- Be limited in use to only when performing functions requiring their use of such access;
Require stricter access management, including periodic review of all user access privileges and removal of accounts and access that are no longer necessary, as well as disabling or securely configuring all protocols that permit remote control of devices;
Require that emails are monitored and filtered to block malicious content from reaching authorized users;
Mandate penetration testing be conducted by an independent party at least annually, and also adjust the required frequency of vulnerability assessments from bi-annually to “regular[ly],” with Class A companies conducting weekly scans as noted above;
Require the use of strong, unique passwords—and Class A companies have additional requirements, as discussed above, relating to passwords and monitoring of access activity;
Require multi-factor authentication for remote access to the network and enterprise and third-party applications that access nonpublic information; and
Mandate that covered entities must maintain backups isolated from network connections.

The Draft Amendments also contain new measures for asset inventory and management, which may cost companies significant time and resources to implement. These measures require all covered entities to:

Implement written policies and procedures to ensure a complete and documented asset inventory for all information systems and their components (e.g., hardware, operating systems, applications, infrastructure devices, APIs, and cloud services); and
Have asset inventory that must, at a minimum, track each asset’s key information (e.g., owner, location, classification or sensitivity, support expiration date, and recovery time requirements).

The Draft Amendments further require additional written cybersecurity policies to include procedures for end of life management, remote access, and vulnerability and patch management. Notably, despite the prominence of recent supply chain cybersecurity attacks, there are not substantive changes to the Part 500 requirements relating to third-party service providers.

Increased Requirements for Risk Assessments, Impact Assessments

The Draft Amendments further expand the requirements for and definition of “risk assessment” to make clear that they must be:

Tailored to consider the “specific circumstances” of the covered entity, including size, staffing, governance, businesses, services, products, operations, customers, counterparties, service providers, vendors, other relations and their locations, as well as the geographies and locations of its operations and business relations; and
Updated at least annually.

While DFS has not changed the core cybersecurity functions that must be covered by the risk assessment per se, covered entities will need to ensure that it covers the broadened scope of “cybersecurity program” under the Draft Amendments (nonpublic information stored on the covered entity’s information systems). Furthermore, another substantial proposal is the requirement that covered entities must conduct impact assessments whenever a change in the business or technology causes a material change to the covered entity’s cyber risk.

Clarified Enforcement Considerations

Finally, the Draft Amendments contain two significant clarifications regarding the enforcement of the Part 500 Cybersecurity Rules:

A violation occurs by committing any act prohibited by the regulations or failing to satisfy a required obligation. This includes the failure to comply for more than 24 hours with any part of the regulations or the failure to prevent unauthorized access to nonpublic information due to noncompliance with the regulations.
DFS may consider certain aggravating and mitigating factors when assessing the severity of penalties, including: cooperation, good faith, intentionality, prior violations, number or pattern of violations, gravity of violation, provision of false or misleading information, harm to customers, accuracy and timeliness of customer disclosures, participation of senior management, penalties by other regulators, and business size.

Next Steps

This report is not an exhaustive list of the changes contained in the Draft Amendments, but it provides a high-level overview of the impact of the Draft Amendments on the Part 500 Cybersecurity Rules, should they be adopted. These recent Draft Amendments will go through a short pre-proposal comments period, which ends on August 18, 2022. After official publication of the proposed amendments, there will be a 60-day comment period. Pending further revisions, most of the amendments would take effect 180 days after adoption, while some requirements—i.e., notification requirements and changes to annual notice of certification—would take effect on an expedited timeframe of 30 days after adoption. Other requirements (e.g., regarding access controls) would take effect a year after adoption.

These amendments signal DFS’s continued focus on ensuring the Part 500 Cybersecurity Rules continue to raise the regulatory bar on covered entities’ cybersecurity programs in an era of a rapidly evolving cyber threat landscape. While many of the Draft Amendments reflect the current state of best practice guidance, covered entities will need to intentionally review the Draft Amendments and ensure they are well-positioned from a governance, technology, and budgetary perspective to ensure compliance.

This alert was prepared by Alexander H. Southwell, Stephenie Gosnell Handler, Terry Wong, and Dustin Stonecipher*.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s Privacy, Cybersecurity & Data Innovation practice group:

United States
Matthew Benjamin – New York (+1 212-351-4079, [email protected])
Ryan T. Bergsieker – Denver (+1 303-298-5774, [email protected])
S. Ashlie Beringer – Co-Chair, PCDI Practice, Palo Alto (+1 650-849-5327, [email protected])
David P. Burns – Washington, D.C. (+1 202-887-3786, [email protected])
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650-849-5203, [email protected])
Svetlana S. Gans – Washington, D.C. (+1 202-955-8657, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202-955-8510, [email protected])
Nicola T. Hanna – Los Angeles (+1 213-229-7269, [email protected])
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, [email protected])
Robert K. Hur – Washington, D.C. (+1 202-887-3674, [email protected])
Kristin A. Linsley – San Francisco (+1 415-393-8395, [email protected])
H. Mark Lyon – Palo Alto (+1 650-849-5307, [email protected])
Vivek Mohan – Palo Alto (+1 650-849-5345, [email protected])
Karl G. Nelson – Dallas (+1 214-698-3203, [email protected])
Ashley Rogers – Dallas (+1 214-698-3316, [email protected])
Alexander H. Southwell – Co-Chair, PCDI Practice, New York (+1 212-351-3981, [email protected])
Deborah L. Stein – Los Angeles (+1 213-229-7164, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, [email protected])
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, [email protected])
Debra Wong Yang – Los Angeles (+1 213-229-7472, [email protected])

Europe
Ahmed Baladi – Co-Chair, PCDI Practice, Paris (+33 (0) 1 56 43 13 00, [email protected])
James A. Cox – London (+44 (0) 20 7071 4250, [email protected])
Patrick Doris – London (+44 (0) 20 7071 4276, [email protected])
Kai Gesing – Munich (+49 89 189 33-180, [email protected])
Bernard Grinspan – Paris (+33 (0) 1 56 43 13 00, [email protected])
Penny Madden – London (+44 (0) 20 7071 4226, [email protected])
Michael Walther – Munich (+49 89 189 33-180, [email protected])
Vera Lukic – Paris (+33 (0) 1 56 43 13 00, [email protected])

Asia
Kelly Austin – Hong Kong (+852 2214 3788, [email protected])
Connell O’Neill – Hong Kong (+852 2214 3812, [email protected])
Jai S. Pathak – Singapore (+65 6507 3683, [email protected])

* Dustin Stonecipher is an associate working in the firm’s Washington, D.C. office who is admitted only in Maryland.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Washington, D.C. partner Theodore Olson, along with Kenneth Mehlman, are the co-authors of “Congress Should Codify Same-Sex Marriage,” [PDF] published by The Wall Street Journal on July 26, 2022.

London partners Doug Watson and Patrick Doris and associate Ronit Wineman are the authors of the “United Kingdom” [PDF] chapter in the 2022 Appeals guide published by Lexology Getting the Deal Through.

Washington, D.C. partner Matthew McGill and Jay Newman are the authors of “Waiting for Superbond,” [PDF] published by the Financial Times on August 3, 2022.

On July 25, 2022, the U.S. Department of Justice (“DOJ”) entered into an $84.8 million settlement agreement[1] with several poultry processing companies over allegations that the poultry processors conspired with one another to share wage and benefits information through third-party data aggregation firms.[2] The companies entered the settlement without admitting any wrongdoing or liability. In addition to the $84.8 million restitution payment, the settlement agreement also imposed a court-appointed compliance monitor for ten years to ensure compliance with the proposed settlement decree.[3] Government enforcement actions based on information-sharing are rare,[4] and this settlement agreement includes important lessons for all companies that provide internal wage or benefits data to third parties, including consulting firms or trade groups that engage in other information sharing with competitors.

The DOJ’s settlement is the latest in a series of aggressive enforcement of the antitrust laws to protect labor markets. Since the DOJ and the Federal Trade Commission’s (“FTC’s”) 2016 Antitrust Guidance for Human Resource Professionals, the DOJ has been outspoken about intending to prosecute criminally stand-alone wage-fixing and no-hire, no-poach, and non-solicit agreements. Over the past two years, the DOJ has given these threats teeth, bringing criminal indictments against several companies and individuals for alleged wage-fixing, no-poach, and no-solicit agreements.

Here, the DOJ alleged that three poultry processors engaged in a long-running conspiracy to exchange information about wages and benefits for poultry processing plant workers and collaborated with their competitors to deprive “a generation of poultry processing plant workers of fair pay set in a free and competitive labor market.”[5] In addition, the government alleged that the processors coordinated the conspiracy by sharing information with third-party data consulting firms[6] and, importantly, that the information exchanged was “current or future, disaggregated, or identifiable in nature, which allowed the poultry processors to discuss the wages and benefits they paid their poultry processing plant workers.”[7] The data consulting firms also hosted in-person meetings where, the government further alleged, the poultry processors “shared additional compensation information and collaborated on compensation decisions.”[8]

Key to the government’s case, the complaint alleges that the poultry processors failed to abide by the safe-harbor requirements for sharing information outlined in the 2016 Guidance.[9] Under this Guidance, information sharing is unlikely to have anticompetitive effects when “[1] a neutral third party manages the exchange, [2] the exchange involves information that is relatively old, [3] the information is aggregated to protect the identity of the underlying sources, and [4] enough sources are aggregated to prevent competitors from linking particular data to an individual source.”[10] The DOJ alleged that the poultry processors did not qualify for the safe harbor because their information was current or future, disaggregated, and identifiable.[11]

Looking ahead, the safe harbor—which the DOJ and FTC have long used in contexts beyond labor markets—may be revised as a result of President Biden’s July 2021 Executive Order On Promoting Competition in the American Economy. Section 5(f) of the Order directs “the Attorney General and the Chair of the FTC . . . to consider whether to revise the Antitrust Guidance for Human Resource Professionals of October 2016” in order to “better protect workers from wage collusion.”[12] The Fact Sheet on the Executive Order suggests that those revisions may be aimed at information sharing: “the President . . . [e]ncourages the FTC and DOJ to strengthen antitrust guidance to prevent employers from collaborating to suppress wages or reduce benefits by sharing wage and benefit information with one another.”[13] To date, the guidance on information sharing has not been modified.

One other noteworthy aspect of the settlement agreement is the imposition of a ten-year monitorship. Monitorships for antitrust violations are uncommon and typically last only three years—even in the context of hard-core criminal cartels.[14] The groundbreaking agreement to a ten-year monitorship may be an indication that the new regime of antitrust enforcers will seek out monitorships, including lengthy ones, as part of future settlement agreements.

Take-aways

Carefully assess benchmarking practices. Consider how sensitive information—including wages and benefits, as well as pricing and production data—is shared with others in the industry to ensure that it qualifies for the current safe harbor—that is, the exchange is managed by a third party, such as a trade group, and includes information that is historical, aggregated, and anonymized.[15]

Monitor developments in DOJ and FTC guidance regarding information sharing, as the safe-harbor provision for human resources could change as a result of the Executive Order On Promoting Competition in the American Economy which directs DOJ and FTC leadership to “revise” the guidance to “better protect workers from wage collusion.”

Recognize that antitrust enforcers will use the antitrust laws to protect labor markets. They are particularly interested in guarding low-wage workers from antitrust violations, but employers in other areas should not be complacent, as enforcement has included conduct involving specialized labor and highly compensated professionals.

________________________

[1] See Proposed Final Judgment, U.S. v. Cargill Meat Solutions Corp., et al., (July 25, 2022), here, [hereinafter Proposed Settlement]. The data analysis firms and their executives entered into a separate settlement agreement. See Proposed Final Judgment, U.S. v. Webber, Meng, Sahl and Company (July 25, 2022), here.

[2] See Complaint, U.S. v. Webber, Meng, Sahl and Company (July 25, 2022), at ¶ 5 [hereinafter Complaint].

[3] Proposed Settlement at 12-17.

[4] This is the first DOJ antitrust case involving information sharing since 2016. See Complaint, U.S. v. DirectTV Group Holdings, LLC and AT&T, Inc. (Nov. 2, 2016), here.

[5] See Complaint at ¶ 4.

[6] Id. at ¶¶ 75–152.

[7] Id. at ¶ 75.

[8] Id. at ¶ 85.

[9] Id. at ¶ 88.

[10] See Department of Justice, Antitrust Division & Federal Trade Commission, Antitrust Guidance for Human Resources Professionals (October 2016), here.

[11] Complaint at ¶ 75.

[12] Executive Order on Promoting Competition in the American Economy (July 9, 2021), here.

[13] FACT SHEET: Executive Order on Promoting Competition in the American Economy, (July 9, 2021), here.

[14] See Judgment, U.S. v. AU Optronics Corporation (Oct. 2, 2012) (imposing a three-year monitorship).

[15] See Department of Justice, Antitrust Division & Federal Trade Commission, Statements of Antirust Enforcement Policy in health Care (August 1996), here (providing that the collection of information qualifies for a “safety zone” when (1) the collection is managed by a third party, (2) the data is more than three months old, and (3) and the data is sufficiently aggregated such that recipients could not identify the data of any individual participant).

The following Gibson Dunn lawyers prepared this client alert: Kristen Limarzi, Rachel Brass, Matt Butler, and Nick Marquiss.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Antitrust and Competition or Labor and Employment practice groups:

Antitrust and Competition Group:
Kristen C. Limarzi – Washington, D.C. (+1 202-887-3518, [email protected])
Jeremy Robison – Washington, D.C. (+1 202-955-8518, [email protected])
Rachel S. Brass – Co-Chair, San Francisco (+1 415-393-8293, [email protected])
Stephen Weissman – Co-Chair, Washington, D.C. (+1 202-955-8678, [email protected])
Ali Nikpay – Co-Chair, London (+44 (0) 20 7071 4273, [email protected])
Christian Riis-Madsen – Co-Chair, Brussels (+32 2 554 72 05, [email protected])

Labor and Employment Group:
Jason C. Schwartz – Co-Chair, Washington, D.C. (+1 202-955-8242, [email protected])
Katherine V.A. Smith – Co-Chair, Los Angeles (+1 213-229-7107, [email protected])

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On July 27, 2022, Senator Joe Manchin (D-West Virginia) and Senator Majority Leader Chuck Schumer (D-New York) announced an agreement on a reconciliation package entitled the Inflation Reduction Act of 2022 (the “Act”) to address climate change, taxes, health care, and inflation. The Act would, among other things, (1) establish a 15 percent corporate minimum tax, (2) expand the carried interest rules under section 1061 that apply ordinary income tax rates to investment gains earned by asset managers,[1] (3) establish multi-year IRS funding with a dramatic increase in funding for tax enforcement, and (4) extend and expand available clean energy tax incentives.

Legislative Outlook

As a reconciliation bill, Democrats can avoid a Republican filibuster in the Senate and pass the Act with a simple majority of only 51 votes, rather than the usual 60 votes. With the Senate split 50-50, Democrats will need their entire caucus to remain unified, with Vice President Kamala Harris casting the deciding vote. No Republican is expected to vote for the Act.

The Act could pass both chambers of Congress as soon as August. The next step is for the nonpartisan Senate Parliamentarian to review the bill to ensure that everything within it relates directly to the budget, a robust floor debate featuring a “vote-a-rama,” with votes on amendments that could extend far beyond the energy, health care, and tax issues that make up the core of the Act, and then the Senate and House will vote on the bill.

Passage of the Act in an equally divided Senate could be blocked if Democrats lose even a single member of their Caucus. Because Senator Kyrsten Sinema (D-Arizona) has blocked progress on similar issues in the past, her vote will be critical, and she has not yet announced her position. The complicating factor in the House of Representatives—where Democrats hold a narrow majority—will be whether the Progressive Caucus signs off on the Act. But Democrats understand the political reality that if either or both chambers flip in November to Republican control, the Act could be the last opportunity during the Biden Administration for Democrats to pass major legislation. So, though passage of the Act is far more likely than ever before, its passage is not guaranteed.

Corporate Minimum Tax

The Act would subject corporations with book income in excess of $1 billion to a 15 percent alternative minimum tax (“AMT”). The AMT is substantially similar to the revised version of the Build Back Better Act advanced by the Senate Finance Committee in late 2021. Critics of the AMT have noted that imposing a tax on book income instead of taxable income undermines certain tax benefits, such as bonus depreciation, timing benefits, and other differences between financial and tax accounting standards, and could create other unintended mismatches.

The AMT would be imposed on any corporation with average applicable financial statement income (“AFSI”) in excess of $1 billion over any consecutive three-year period preceding the tax year at issue (the “Income Test”). For a corporation (including predecessors) that has been in existence fewer than three years, the Income Test would be applied on an annualized basis. AFSI would be determined by reference to the income (or loss) set forth on the corporation’s audited GAAP financial statements, subject to certain adjustments, including for income from controlled foreign corporations, partnerships, and disregarded entities, corporations filing consolidated returns, and certain taxes paid. If a corporation is treated as a single employer with any other companies (corporate or non-corporate) pursuant to section 52, the AFSI of those other companies is taken into account for purposes of the Income Test. This may cause a corporation that would not otherwise satisfy the Income Test to be subject to the AMT (by reason of its relationship with other entities through disparate ownership structures, such as portfolio companies of private equity funds).

A corporation subject to the AMT generally would be eligible to claim net operating losses and tax credits against its AMT liability, with the new and extended clean energy credits discussed below (and other business credits) generally limited to 75 percent of a corporation’s AMT.

The AMT would not apply to S corporations, regulated investment companies, and real estate investment trusts. Other entities that would be excluded from the AMT include (1) corporations that experience an ownership change and (2) corporations that have not met the Income Test in a to-be-specified number of consecutive taxable years. The contours of these exclusions, however, are to be determined by Treasury regulations, including what constitutes an “ownership change.” A U.S. corporate subsidiary of a foreign-parented group would be subject to the AMT if that group meets the Income Test and that subsidiary has AFSI in excess of $100 million.

By incorporating financial accounting further into the tax law, the proposal would add substantial complexity to the Code. The Act leaves critical details to be provided for by guidance from the Treasury Department and IRS. That guidance will have significant tax consequences for taxpayers and will be subject to review in an era of heightened judicial scrutiny of agency rulemaking. In addition, because the creation and modification of financial statement rules is not subject to Congressional approval or the notice-and-comment requirements of the Administrative Procedures Act, the proposal would result in the calculation of tax liability being determined by decisions made by a relatively small group of unelected, unregulated decision-makers.

These proposals, if enacted, would apply to tax years beginning after December 31, 2022.

Expansion of the Carried Interest Rules Under Section 1061

The Act proposes to modify the current rules relating to the taxation of certain carried interests[2] in the same manner as the House-passed version of the Build Back Better Act (H.R. 5376), most notably:

denying long-term capital gain rates to holders of carried interests, unless the applicable holder meets the “holding period exception,” which generally would require a five year period of economic exposure to the relevant assets (three years in the case of real estate businesses or a taxpayer with adjusted gross income of less than $400,000);
changing the manner in which the relevant holding period is determined;
eliminating the exception from the carried interest rules for gains taxed at long-term gains rates under section 1231 and section 1256; and
requiring full gain recognition on any transfer of an applicable carried interest, even if nonrecognition rules would otherwise apply.

The holding period exception has drawn attention for its departure from longstanding tax principles regarding holding period determinations. Specifically, the holding period exception would look to the following dates – (i) the date on which the holder of a carried interest acquired “substantially all” of its carried interest, (ii) the date on which the partnership that issued the carried interest acquired “substantially all” of its assets, and (iii) in a tiered partnership, dates determined by applying (i) and (ii) to each partnership – and then would measure the applicable five-year period from the latest of those dates.[3] The Act does not specify how the “substantially all” requirement is intended to be measured, and, because many investment funds (e.g., hedge funds and private equity funds) acquire assets at different times and have overlapping holding periods, it would be extraordinarily difficult for taxpayers to determine when these requirements have been satisfied.

The purpose of the proposed holding period exception is to ensure that ordinary income tax rates apply to any gain realized in respect of a carried interest if the gain is attributable to an asset to which the taxpayer has not been exposed economically for at least five years. As currently drafted, the proposed holding period exception could be both under- and over-inclusive, permitting gain attributable to certain assets that have been held for fewer than five years to benefit from long-term capital gains rates and subjecting long-held assets to ordinary income tax rates. Further, the proposed gain recognition rule would create a substantial trap for the unwary, particularly for indirect transfers of carried interests, including for estate planning purposes and ordinary course restructurings.

These proposals, if enacted, would apply to tax years beginning after December 31, 2022.

Additional IRS Funding – Enforcement

Consistent with the House-passed version of the Build Back Better Act (H.R. 5376), the Act provides nearly $80 billion of additional IRS funding for taxpayer services, enforcement, operations support, and modernization—with more than $45 billion earmarked for IRS tax enforcement over the next nine years. Not only is the multi-year nature of the funding unique for the IRS, but the average-annual $5 billion increase to IRS enforcement also would double the IRS’s enforcement budget over prior years. The art or science of estimating the revenue effects of tax legislation has led to significant disagreement recently, but per Congressional Budget Office analysis, the Senate estimates that IRS tax enforcement will generate $124 billion for the Federal fisc. Furthermore, effective tax enforcement will be critical to the realization of the revenue estimates attributable to the Act’s AMT and modified taxation of carried interest provisions.

Clean Energy Tax Incentives

The Act includes numerous expansions and extensions of tax incentives for investments in clean energy by businesses and individuals. If enacted, the Act would represent a significant commitment to the development of clean energy in the United States.

Certain portions of the Act were introduced in 2021 during discussions of the Green Act, the Clean Energy for America Act, and, ultimately, the Build Back Better Act, but the Act includes additions, subtractions, and refinements that depart from the Build Back Better Act and that could have significant positive impacts on the future of clean energy project development and finance.

Notably, the Act would permit the one-time sale of credits between certain taxpayers. Under current law, clean energy tax credits generally are not transferable, subject to a narrow exception for the investment tax credit (which is transferrable to a lessee if certain requirements are met), but the Act would expand transferability beyond passthrough leases to other structures and credit classes (including production tax credits, carbon capture and sequestration credits, and several newly proposed credits). Federal tax credit transferability could have a significant impact on the tax equity market, expanding the base of potential investors and potentially simplifying structures, although the continued non-transferability of other tax attributes (such as depreciation and amortization) means that legacy tax equity financing structures likely will continue to be relevant. As drafted, however, the Act’s transferability regime raises numerous questions that likely would need to be addressed before enactment or through regulatory guidance.

In addition, the Act includes a number of significant macro-level changes to the clean energy credit system, some of which were first seen in the lead up to the Build Back Better Act, including:

Wage and workforce eligibility requirements (applicable across clean energy credit classes) to qualify for credits at historic rates;
Sweeteners for projects that satisfy domestic content or low-income community requirements;
A limited direct-pay mechanism (conditioned for certain credits on phased-in domestic content requirements for projects one megawatt or greater);
A three-year credit carryback; and
Future transition to a technology-neutral credit regime.

In addition to these structural shifts, the Act includes the expansion of existing credits, the re-proposal of credits introduced in the discussions around the Build Back Better Act, and new credits, including:

A new standalone investment tax credit and homeowner credit for battery storage facilities;
Extension of the investment tax credit (and re-introduction of the production tax credit) and homeowner credit for solar projects;
Extension of the production tax credit for on-shore and off-shore wind projects;
A richer and broader credit regime for carbon capture and sequestration projects; and
Extensions of legacy clean energy credits and the introduction of numerous new credits, including for clean hydrogen projects, zero-emission nuclear projects, and advanced manufacturing projects.

_________________________

[1] Unless otherwise indicated, all “section” references are to the Internal Revenue Code of 1986, as amended (the “Code”).

[2] These rules apply generally apply to any partnership interest transferred or held in connection with the performance of services in an “applicable trade or business,” other than certain capital interests, interests purchased by unrelated third parties and interests held by corporations. The Act would clarify that the exception for partnership interests held by corporations would not be available for S corporations.

[3] The Act states that section 1061 “shall be applied without regard to section 83 and any election in effect under section 83(b).” The precise meaning of this portion of the proposed legislation is not entirely clear.

This alert was prepared by Josiah Bethards, Michael D. Bopp, Michael Q. Cannon, Michael J. Desmond, Matthew J. Donnelly, Pamela Lawrence Endreny, Bree Gong*, Brian Hamano, Roscoe Jones Jr., Brian W. Kniesly, Jamie Lassiter*, Eric B. Sloan, C. Terrell Ussing, and Daniel A. Zygielbaum.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s Public Policy, Tax, or Global Tax Controversy and Litigation practice groups:

Public Policy Group:
Michael D. Bopp – Co-Chair, Washington, D.C. (+1 202-955-8256, [email protected])
Roscoe Jones, Jr. – Co-Chair, Washington, D.C. (+1 202-887-3530, [email protected])

Tax Group:
Dora Arash – Los Angeles (+1 213-229-7134, [email protected])
Sandy Bhogal – London (+44 (0) 20 7071 4266, [email protected])
Michael Q. Cannon – Dallas (+1 214-698-3232, [email protected])
Hanna Chalhoub – Dubai (+971 (0) 4 318 4634, [email protected])
Michael J. Desmond – Los Angeles/Washington, D.C. (+1 213-229-7531, [email protected])
Matt Donnelly – Washington, D.C. (+1 202-887-3567, [email protected])
Pamela Lawrence Endreny – New York (+1 212-351-2474, [email protected])
Benjamin Fryer – London (+44 (0) 20 7071 4232, [email protected])
Brian R. Hamano – San Francisco (+1 415-393-8350 , [email protected])
Kathryn A. Kelly – New York (+1 212-351-3876, [email protected])
Brian W. Kniesly – New York (+1 212-351-2379, [email protected])
Jennifer Sabin – New York (+1 212-351-5208, [email protected])
Eric B. Sloan – Co-Chair, New York (+1 212-351-2340, [email protected])
Jeffrey M. Trinklein – London/New York (+44 (0) 20 7071 4224 /+1 212-351-2344), [email protected])
John-Paul Vojtisek – New York (+1 212-351-2320, [email protected])
Edward S. Wei – New York (+1 212-351-3925, [email protected])
Lorna Wilson – Los Angeles (+1 213-229-7547, [email protected])
Daniel A. Zygielbaum – Washington, D.C. (+1 202-887-3768, [email protected])

* Bree Gong is an associate working in the firm’s Palo Alto office who is admitted only in New York; Jamie Lassiter is an associate working in the firm’s Los Angeles office who is admitted only in New York and Texas.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Is antitrust becoming HR’s biggest headache? The antitrust enforcement agencies and plaintiffs’ attorneys alike continue to prioritize competition enforcement in labor markets. The antitrust agencies have been keenly focused on a variety of labor issues, including wage collusion, non-compete, non-solicit and confidentiality agreements, worker classification, earnings claims, franchising arrangements, and merger deals that impact labor, just to name a few. And class actions continue to be filed pressing these issues. How will this trend play out? This panel provides insights from the trenches with a particular focus on pitfalls to avoid.

PANELISTS:

Rachel S. Brass is a partner in the San Francisco office of Gibson, Dunn & Crutcher and co-chair of the Firm’s Antitrust and Competition Practice Group. She is a member of the firm’s Litigation Department where her practice focuses on investigations and litigation in the antitrust, labor, and employment areas. Ms. Brass also has extensive experience representing international and domestic clients in highstakes appellate litigation in the Supreme Court. She has special expertise in international matters and teaches an upper-level course in International Antitrust Law at Berkeley Law School.

Svetlana S. Gans is a partner in the Washington, D.C. office of Gibson, Dunn & Crutcher, where she helps clients navigate complex consumer protection, privacy, and competition related regulatory proceedings before the U.S. Federal Trade Commission (FTC), U.S. Department of Justice Antitrust Division, State Attorneys General and other enforcement bodies. Ms. Gans also assists on litigation matters and provides strategic counseling and advice related to public policy issues.

Michael Holecek is a litigation partner in the Los Angeles office of Gibson, Dunn & Crutcher, where his practice focuses on complex commercial litigation, class actions, labor and employment law, and data privacy—both in the trial court and on appeal. Mr. Holecek has first-chair trial experience and has successfully tried to verdict both jury and bench trials, he has served as lead arbitration counsel, and he has presented oral argument in numerous appeals. Mr. Holecek has also authored articles on appellate procedure, civil discovery, corporate appraisal actions, data privacy, and bad-faith insurance litigation.

Julian W. Kleinbrodt is a litigation associate in the San Francisco office of Gibson, Dunn & Crutcher, where his practice focuses on antitrust and other complex civil litigation. Mr. Kleinbrodt has successfully represented clients across several industries through trial and appeal. He has represented clients in federal and state government investigations concerning employment, antitrust, and other competition issues. Mr. Kleinbrodt also regularly counsels companies in these areas.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.0 credit hour, of which 1.0 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

This update provides an overview of key class action-related developments during the second quarter of 2022 (April through June).

Part I discusses noteworthy cases from the Ninth, Sixth, and Third Circuits regarding the requirements for class certification—including important decisions on how to address uninjured putative class members.

Part II covers two decisions from the Eighth and Seventh Circuits analyzing Article III standing in light of the U.S. Supreme Court’s decisions in Spokeo, Inc. v. Robins, 578 U.S. 330 (2016), and TransUnion LLC v. Ramirez, 141 S. Ct. 2190 (2021).

And Part III analyzes a recent decision from the Third Circuit regarding late removals of class actions to federal court under the Class Action Fairness Act of 2005 (“CAFA”).

I. The Ninth, Sixth, and Third Circuits Discuss Rule 23 Requirements

This past quarter, the Ninth, Sixth, and Third Circuits issued significant decisions applying the Rule 23 class certification requirements.

As reported in our prior client alert, the Ninth Circuit released an important en banc opinion in Olean Wholesale Grocery Cooperative, Inc. v. Bumble Bee Foods LLC, 31 F.4th 651 (9th Cir. 2022). The case involved three classes of tuna purchasers who alleged that tuna suppliers engaged in a price-fixing conspiracy in violation of federal and state antitrust laws. In certifying the classes, the district court relied on the plaintiffs’ expert’s analysis purporting to show that the alleged conspiracy resulted in substantial price impacts that injured purchasers on a class-wide basis.

While the Ninth Circuit ultimately affirmed the granting of class certification in Olean, and rejected a per se ruling against certifying a class that contains more than a de minimis number of uninjured class members (a ruling which conflicts with decisions from the First and D.C. Circuits), the court’s opinion outlines a framework for class certification that creates significant hurdles for plaintiffs seeking to certify expansive classes, especially where proving injury at trial would require individualized adjudications. Olean was covered in greater detail in our prior client alert, and we expect the case to impact all types of class actions in the Ninth Circuit, including consumer and employment cases.

The Sixth Circuit also confronted the issue of identifying injured class members in Tarrify Properties, LLC v. Cuyahoga County, 37 F.4th 1101 (6th Cir. 2022), which affirmed the denial of certification of a putative class of owners of abandoned properties to whom the defendant county failed to reimburse the remaining equity when it foreclosed on their properties. Given the many factors that influence property values, the Sixth Circuit reasoned that determining whether any given property owner was owed money required “proof that is variable in nature and ripe for variation in application,” such that “mini-trials” would be necessary to determine the remaining equity in each foreclosed property. Id. at 1106–07. Moreover, the issue was one of determining injury—rather than damages—because “[t]he key impediment . . . is that the court must ask whether a given property’s fair market value exceeds the taxes owed at the time of the transfer to determine who is in the class.” Id. at 1106. The Sixth Circuit also rejected the plaintiff’s proposal to use tax appraisal values to determine whether each property owner had been harmed, calling that approach a “rough justice method” that failed to sufficiently account for “the vagaries of [determining] fair market value.” Id. at 1106‒08.

Finally, the Third Circuit addressed the numerosity and commonality requirements of Rule 23 in Allen v. Ollie’s Bargain Outlet, Inc., 37 F.4th 890 (3d Cir. 2022), and vacated certification of an Americans with Disabilities Act class action against a retail operator with 400 retail stores across 29 states. The plaintiffs had alleged that the retailer’s stores were inaccessible to disabled people using wheelchairs because the aisles were often blocked with merchandise. To satisfy the numerosity requirement, the plaintiffs introduced census data estimating the number of people with ambulatory disabilities for each zip code with a store, 12 emails from patrons using wheelchairs, and evidence that 16 patrons using wheelchairs visited two stores in Pennsylvania over the course of one week. To satisfy the commonality requirement, the plaintiffs argued that the retailer had nationwide store-layout policies that affected accessibility in its stores. The district court granted certification, finding that the plaintiffs had proved there were at least 30 people in the putative class and that the proposed class members would have suffered the same injury stemming from the retailer’s alleged policies.

The Third Circuit reversed on both grounds. On numerosity, the Third Circuit held that the plaintiffs’ evidence was “far too speculative” because the census data said nothing about the number of disabled people who actually shopped at the stores, the customer complaints were “few,” and there were no documented accessibility issues for those patrons recorded visiting the Pennsylvania stores. Id. at 899–900. In contrast to the plaintiffs’ “speculative” evidence, in order to satisfy numerosity, the plaintiffs would have needed to provide “concrete evidence of class members who have patronized a public accommodation and have suffered or will likely suffer common ADA injuries.” Id. at 897.

On commonality, the Third Circuit held that “stitching together a corporate-wide class requires more” than showing “that [the defendant] has corporate policies and that some or all stores in Pennsylvania pay inadequate attention to aisle accessibility.” Id. at 901. Because the plaintiffs’ evidence of inaccessible aisles was limited to Pennsylvania, there was no way of knowing whether the retailer’s visual standards resulted in discrimination “in some regions” but not others. Id. at 902. It concluded that evidence from one state was not enough to support “[p]roceeding on a corporate-wide basis against a corporation with over four hundred stores in twenty-nine states.” Id.

II. The Eighth and Seventh Circuits Analyze Article III Standing in Light of Spokeo and TransUnion

As reported in prior updates, federal courts continue to assess whether named plaintiffs have adequately alleged Article III standing to bring a variety of claims commonly filed as class actions. This past quarter was no different, with the Eighth Circuit and Seventh Circuit clarifying what constitutes a concrete Article III injury under Spokeo, Inc. v. Robins, 578 U.S. 330 (2016), and TransUnion LLC v. Ramirez, 141 S. Ct. 2190, 2200 (2021).

In Schumacher v. SC Data Center, Inc., 33 F.4th 504 (8th Cir. 2022), the Eighth Circuit held that the named plaintiff in a putative class action failed to sufficiently allege Article III standing based on a prospective employer’s purported failure to comply with several technical requirements of the Fair Credit Reporting Act (“FCRA”). Siding with the Ninth Circuit—and disagreeing with the Third and Seventh Circuits—the Eighth Circuit first held that the prospective employer’s failure to provide the plaintiff with a copy of her consumer report before denying her employment did not qualify as an “injury in fact” sufficient to confer Article III standing. Id. at 510–12. Although the employer’s failure to provide the report deprived the plaintiff of an opportunity to explain prior convictions that had led to her denial of employment, the Eighth Circuit held that FCRA did not provide a right to explain an accurate consumer report. Id. at 511‒12. Second, the Eighth Circuit held that even though the employer violated FCRA by providing an improper disclosure form, that was only a “technical violation” of the statute that did not harm the plaintiff. Id. at 512‒13. Third, the Eighth Circuit held that the plaintiff lacked standing to challenge any alleged search of a sex-offender database without her authorization, since the plaintiff pled that it caused a mere “invasion of privacy,” which was not a sufficiently concrete harm. Id. at 514.

The Seventh Circuit also addressed standing issues in Pierre v. Midland Credit Management, Inc., 29 F.4th 934 (7th Cir. 2022), where the court held that efforts to collect on a time-barred debt did not constitute injury for Article III standing. The plaintiff in Pierre had defaulted on a credit card and was sued by the debt purchaser, but the lawsuit was subsequently dismissed. After the statute of limitations had run on the debt collection, the defendant sent the plaintiff a letter seeking payment of the debt at a discount, while acknowledging that the plaintiff could not be sued over the debt because of its age. The plaintiff claimed that the letter violated the Fair Debt Collection Practices Act (“FDCPA”) because it falsely represented the character of the debt.

The Seventh Circuit remanded with instructions to dismiss for lack of subject matter jurisdiction because the plaintiff had not established an Article III injury. The Seventh Circuit held that, “critically,” the plaintiff “didn’t make a payment, promise to do so, or otherwise act to her detriment in response to anything in or omitted from the letter.” Id. at 939. Nor did psychological harm, such as the claimed “confusion” and “worry” arising from the letter, rise to a concrete injury. Id. “[A]t most,” the defendant’s letter created “a risk” of injury—which was “not enough to establish an Article III injury in a suit for money damages.” Id. at 936 (citing TransUnion, 141 S. Ct. at 2210–11).

Judge David F. Hamilton, writing for three other judges dissenting from a subsequent denial of a petition for rehearing in Pierre, argued that intangible injuries, such as those advanced by the plaintiff, “could be concrete for purposes of standing” for violations of the FDCPA. 36 F.4th 728, 730 (7th Cir. 2022) (Hamilton, J., dissenting).

III. The Third Circuit Upholds Late-Stage Removal Under CAFA

The Third Circuit issued a notable decision upholding a late-stage removal of a putative class action to federal court under CAFA, which normally requires defendants to file a notice of removal within 30 days from “receipt” of the “initial pleading setting forth the claim for relief.” 28 U.S.C. § 1446(b)(1). CAFA also provides that “if the case stated by the initial pleading is not removable,” then a defendant’s removal is timely if filed within 30 days “after receipt by the defendant, through service or otherwise, of a copy of an amended pleading, motion, order or other paper from which it may first be ascertained that the case is one which is or has become removable.” Id. § 1446(b)(3).

In McLaren v. UPS Store Inc., 32 F.4th 232, 241 (3d Cir. 2022), the Third Circuit held that the 30-day removal deadline under Section 1446(b)(3) is not triggered by the defendant’s possession of information about removability. The litigation involved parallel state class actions alleging that the defendants’ stores charged an amount for notary services that exceeded the $2.50 fee permitted by New Jersey state law. Id. at 234. Neither state complaint alleged that the amount in controversy exceeded $5 million, as required for removal under CAFA. Id. at 235. During the course of the state litigation, one defendant produced a spreadsheet that disclosed the number of transactions at issue, revealing that each case had an amount in controversy exceeding $5 million. Id. Seven months later—and after an adverse appellate decision affirming denial of the defendants’ motion to dismiss—the defendants removed both complaints to federal court, asserting that CAFA’s jurisdictional requirements were met. Id. The district court remanded the cases back to state court, holding that the defendants’ removal was untimely under Section 1446(b). Id.

The Third Circuit vacated the district court’s remand order, holding that the spreadsheet the defendant produced was not “recei[ved] by [d]efendant[s],” and thus did not trigger any 30-day removal clock. Id. at 241. The court reasoned that the removal clocks are triggered based only on what a defendant can ascertain from the four corners of a complaint or other paper the defendant “receives”—and that Section 1446(b) does not impose a duty to search company records to investigate possible removal. Id. at 239. Moreover, the statutory text “focuses only on what a defendant receives,” and “does not contemplate that the thirty-day clock would be triggered by information that the defendant already possesses or knows from its own records.” Id. at 238.

The following Gibson Dunn lawyers contributed to this client update: Katie Henderson, Sean Howell, Timothy Kolesk, Wesley Sze, Lauren Blas, Bradley Hamburger, Kahn Scolnick, and Christopher Chorba.

Gibson Dunn attorneys are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Class Actions, Litigation, or Appellate and Constitutional Law practice groups, or any of the following lawyers:

Theodore J. Boutrous, Jr. – Los Angeles (+1 213-229-7000, [email protected])
Christopher Chorba – Co-Chair, Class Actions Practice Group – Los Angeles (+1 213-229-7396, [email protected])
Theane Evangelis – Co-Chair, Litigation Practice Group, Los Angeles (+1 213-229-7726, [email protected])
Lauren R. Goldman – New York (+1 212-351-2375, [email protected])
Kahn A. Scolnick – Co-Chair, Class Actions Practice Group – Los Angeles (+1 213-229-7656, [email protected])
Bradley J. Hamburger – Los Angeles (+1 213-229-7658, [email protected])
Lauren M. Blas – Los Angeles (+1 213-229-7503, [email protected])

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Washington, D.C. partner Cynthia Richman is the author of “Enhanced antitrust enforcement extends to scrutiny of interlocking directorates,” [PDF] published by Financier Worldwide in its August 2022 issue.

London partner Sandy Bhogal and associates Bridget English and William Inchbald are the authors of the “United Kingdom” [PDF] chapter in Global Legal Insights – Corporate Tax 2022, published by Global Legal Group in July 2022. Sandy Bhogal was the contributing editor for the guide.

The Employee Benefits Security Administration of the U.S. Department of Labor has released a proposed rule that would amend prohibited transaction class exemption 84-14 (“PTE 84-14”), a longstanding regulation governing financial institutions acting as qualified professional asset managers (or “QPAMs”) for IRAs or employer-provided retirement plans. The proposed rule is scheduled to be published in the Federal Register on July 27, 2022.

PTE 84-14, which allows QPAMs to cause a plan to engage in transactions in which a party in interest to the plan (e.g., a plan trustee) is participating in some manner, is considered by many financial institutions to be a practical necessity when managing ERISA plan assets. The Labor Department’s proposal, if finalized, would make several substantial changes.

Extension to Non-Prosecution and Deferred Prosecution Agreements

Currently, PTE 84-14 provides that a QPAM is ineligible to use the exemption for a period of 10 years if the QPAM or any of its affiliates (which includes any person or entity that owns 5% or more of the QPAM) is convicted of any of a range of specifically-enumerated crimes. The Department proposes to extend that prohibition to a broader range of events, including “any conduct that forms the basis for a non-prosecution or deferred prosecution agreement that, if successfully prosecuted, would have constituted a crime” that would have resulted in exclusion from PTE 84-14’s coverage. Under the proposed rule, a QPAM is also ineligible if it or an affiliate knew of such criminal conduct and did not “tak[e] active steps to prohibit” it.

This extension to non-prosecution and deferred prosecution agreements could significantly expand the instances in which QPAM status is lost. It could also complicate the negotiation of non-prosecution or deferred prosecution agreements.

Foreign Convictions Would Now Be Expressly Covered

The proposed rule would codify the Labor Department’s current view that disqualifying QPAM convictions include foreign convictions for offenses that are “substantially equivalent” to the disqualifying domestic criminal offenses listed in PTE 84-14. (PTE 84-14 currently does not mention foreign convictions.) The Department states that it will allow QPAMs to ask the Department whether a particular foreign offense would be disqualifying, but does not propose to formalize that process.

Mandatory One-Year Winding Down Period

The Department proposes a mandatory one-year winding-down period after a disqualifying conviction. During that period, and even if they were applying for an individual exemption, QPAMs could rely on PTE 84-14 only for existing clients and a limited range of transactions. This would effectively prevent QPAMs from onboarding new matters that depend on PTE 84-14.

Mandatory Contracts with All Clients

Under the proposed rule, all QPAMs would be required to enter into agreements with clients containing certain mandatory provisions. Among other things, the QPAM would have to “agree[] to indemnify, hold harmless, and promptly restore actual losses to the client Plans for any damages that directly result to them from a violation of applicable laws, a breach of contract, or any claim arising out of the conduct that is the subject of a Criminal Conviction or Written Ineligibility Notice of the QPAM or an Affiliate.”

This provision, which would effectively make any violation of ERISA subject to indemnification, may present issues similar to those in Chamber of Commerce of U.S.A. v. U.S. Dep’t of Labor, 885 F.3d 360, 384–85 (5th Cir. 2018), where the U.S. Court of Appeals for the Fifth Circuit ruled that a written contract requirement in the Department’s 2016 “Fiduciary Rule” impermissibly created a private cause of action.

Public Comment and Potential Litigation

Interested parties will have 60 days to comment from the date of the proposal’s forthcoming publication in the Federal Register. Thorough, robust comments can have a significant impact on the eventual final rule, by drawing attention to problems with the proposal and by suggesting alternatives—and potentially, revisions to the QPAM regime as a whole—that the Department will be obligated to consider under the Administrative Procedure Act. Final QPAM amendments would ultimately be subject to review in court if concerned parties, or their representatives, believe the final rule is unjustifiably burdensome, restrictive, or fails to take proper account of comments received in the rulemaking.

The following Gibson Dunn attorneys assisted in preparing this client update: Eugene Scalia, Michael Collins, Martin A. Hewett, Andrew G.I. Kilberg, and Ryan C. Stewart.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s Administrative Law and Regulatory, Labor and Employment, White Collar Defense and Investigations, or Executive Compensation and Employee Benefits practice groups:

Administrative Law and Regulatory Group:
Eugene Scalia – Washington, D.C. (+1 202-955-8543, [email protected])
Helgi C. Walker – Washington, D.C. (+1 202-887-3599, [email protected])

Labor and Employment Group:
Jason C. Schwartz – Washington, D.C. (+1 202-955-8242, [email protected])
Katherine V.A. Smith – Los Angeles (+1 213-229-7107, [email protected])

White Collar Defense and Investigations Group:
Stephanie L. Brooker – Washington, D.C. (+1 202-887-3502, [email protected])
Joel M. Cohen – New York (+1 212-351-2664, [email protected])
Nicola T. Hanna – Los Angeles (+1 213-229-7269, [email protected])
Martin A. Hewett – Washington, D.C. (+1 202-955-8207, [email protected])
Charles J. Stevens – San Francisco (+1 415-393-8391, [email protected])
F. Joseph Warin – Washington, D.C. (+1 202-887-3609, [email protected])

Executive Compensation and Employee Benefits Group:
Michael J. Collins – Washington, D.C. (+1 202-887-3551, [email protected])
Stephen W. Fackler – Palo Alto/New York (+1 650-849-5385/+1 212-351-2392, [email protected])
Sean C. Feller – Los Angeles (+1 310-551-8746, [email protected])
Krista Hanvey – Dallas (+ 214-698-3425, [email protected])

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On July 21, 2022, the Securities and Exchange Commission (“SEC”) filed an insider trading case alleging for the first time that an employee’s alleged tipping of material nonpublic information for purposes of trading crypto assets constitutes securities fraud.[1] Under this theory, the SEC’s complaint alleges that certain cryptocurrencies were securities under the Securities Act of 1933 and the Securities Exchange Act of 1934, because the SEC claims they were investment contracts based on the fact that they were (a) “offered and sold to investors”; (b) “who made an investment of money in a common enterprise,” and (c) “with a reasonable expectation of profits derived from the efforts of others.”[2] In contrast, the United States Attorney’s Office for the Southern District of New York (“SDNY”)—the tip of the spear in the U.S. Department of Justice’s prosecutions for insider trading—brought an indictment arising out of the same conduct alleging only wire fraud charges.[3] Unlike the SEC, the SDNY did not allege that any of the crypto assets at issue were securities, and did not charge securities fraud.

I. Background and Charges

The SEC and SDNY filed parallel civil and criminal actions against Ishan Wahi, a former manager at Coinbase, Inc. (“Coinbase”), Nikhil Wahi (Wahi’s brother), and Sameer Ramani (Wahi’s friend) based on allegations that Wahi tipped his brother and Ramani with material, nonpublic information concerning the timing and content of upcoming Coinbase “listing announcements.”

As alleged, by virtue of his position as a manager, Wahi had access to confidential information regarding upcoming listings of crypto assets on the exchange. The SEC and SDNY allege that Wahi tipped information concerning these listing announcements to his brother Nikhil and friend Ramani allowing them to profit by purchasing the crypto assets in advance of the announcements, and subsequently selling the assets post-listing to the tune of over $1 million in total.

Both the SEC and SDNY actions allege and emphasize that Wahi’s disclosure of listing information to his brother and Ramani violated the exchange’s policies, which defined material nonpublic information to include asset listings, prohibited employees from disclosing such confidential information, and “expressly barred employees from providing a ‘tip’ to any person who might make a trading decision based on the information.”[4]

1. SEC Charges

In a single-count complaint filed in the United States District Court for the Western District of Washington, the SEC contends that defendants’ alleged insider trading scheme amounted to securities fraud in violation of Section 10(b) of the Securities Exchange Act (15 U.S.C. § 78j(b)) and Rule 10b-5 (17 C.F.R.§ 240.10b-5).

The SEC’s complaint alleges that blockchain addresses linked to Nikhil Wahi and Ramani traded in at least 25 crypto assets ahead of more than 10 listing announcements. The SEC claims that 9 of the 25 crypto assets were securities. The SEC complaint does not explain why the remaining 16 crypto assets did not constitute securities. With respect to the nine crypto assets underlying the securities fraud charges, the SEC alleges that they were “investment contracts” under the securities laws because (a) they were “offered and sold to investors”; (b) “who made an investment of money in a common enterprise;” and (c) they created “a reasonable expectation of profits to be derived from the efforts of others.”[5] The SEC further alleges that there were “continuing representations by issuers and their management teams regarding the investment value of the tokens, the managerial efforts that contribute to the tokens’ value, and the availability of secondary markets for trading the tokens” such that “a reasonable investor in the nine crypto asset securities would continue to look to the efforts of the issuer and its promotors, including their future efforts, to increase the value of their investment.”[6] The SEC case is before the Honorable Theresa L. Fricke in the Western District of Washington’s Seattle Division.

2. SDNY Charges

The SDNY filed criminal charges against Wahi, Nikhil Wahi, and Ramani for the same conduct, but notably does not allege securities fraud. The SDNY indictment contains the following four wire fraud counts in violation of Title 18, United States Code, Section 1343: (1) conspiracy to commit wire fraud against Wahi and his brother; (2) a separate conspiracy to commit wire fraud against Wahi and his friend; (3) a substantive count of wire fraud against Wahi and his brother; and (4) a substantive count of wire fraud against Wahi and his friend.

The SDNY indictment alleges that, on the basis of tips from Ishan Wahi of material non-public information concerning anticipated listing announcements, Wahi’s brother and friend separately executed trades concerning at least 25 different crypto assets shortly before at least 14 listing announcements, resulting in $1.5 million in illicit profits.[7]

In order to convict on the substantive wire fraud counts, the government must show: (1) a scheme or artifice to defraud; (2) money or property as the object of the scheme; and (3) the use of wires to further the scheme. To prevail on the conspiracy charges, the government must also show: (1) an agreement between Wahi and any alleged co-conspirator to execute the trading scheme; and (2) an overt act—whether innocent or illegal—committed in furtherance of the conspiracy. The SDNY case is before the Honorable Loretta Preska.

II. Notable Issues Arising from SEC Allegation that Certain Crypto Currencies Are Securities

The SEC’s decision to pursue a securities fraud case against Wahi is noteworthy for a number of reasons.

First, the SEC’s legal theory that certain crypto assets constitute “securities” is far from settled in the federal courts.[8] The SEC is in fact litigating a similar issue in an ongoing case against Ripple Labs concerning whether Ripple’s sales of digital asset XRP constituted unregistered securities offerings.[9]

In this regard, it is notable that there is no securities fraud charge in the parallel criminal indictment. The SDNY only charged wire fraud and conspiracy to commit wire fraud—a highly atypical move in an insider trading case where the government almost always charges securities fraud. In a press release announcing four new insider trading indictments against nine individuals on July 25, 2022—all of which allege securities fraud—U.S. Attorney Damian Williams reinforced the SDNY’s commitment to prosecuting insider trading and referenced the Wahi case in stating that insider trading is a form of “old school fraud” that may be committed using “new school methods.” The lack of a securities fraud charge in the Wahi case potentially reflects the SDNY’s concerns about proving beyond a reasonable doubt that defendants dealt in a “security” subject to the federal securities laws.

Significantly, a current Commissioner of the Commodity Futures Trading Commission—which has brought actions in the crypto space related to crypto assets that are commodities—has also signaled discomfort with the SEC’s action against Wahi. In an unusual rebuke, Commissioner Caroline D. Pham issued a public statement calling the SEC lawsuit a “striking example of regulation by enforcement.”[10]

Second, any resolution indicating that the crypto assets at issue are securities is likely to lead to line drawing questions as to which crypto assets contain alleged hallmarks of traditional securities. The SEC itself publicly stated in 2018 that two digital assets (bitcoin and ether) were not securities.[11] And in 2020, SEC Commissioner Hester Peirce stated that a cryptocurrency may start out as a security digital asset and later become a non-security digital asset.[12]

Third, the SDNY and SEC parallel cases reflect an ongoing dedication of resources by the federal government toward investigating cases relating to crypto assets. Unquestionably, the United States Department of Justice, the SEC, and many other federal and state regulators have and will continue to focus on this area. Investigations which relate to crypto assets continue to draw significant resources for the foreseeable future.

Finally, the SEC’s theory against Wahi merits monitoring by cryptocurrency market participants as they react to this evolving regulatory and enforcement landscape and consider their policies and procedures.

III. When Will the Court Decide in Wahi Whether These Crypto Assets Are Securities?

The timing of any court decision on the issue of whether these crypto assets are securities depends on a variety of important factors. First, it depends on whether Wahi and his co-defendants move to dismiss in the Western District of Washington. Second, it depends heavily on whether the SDNY moves to stay, and the extent of its motion to stay, the SEC’s civil proceeding in the Western District of Washington. There is a history in the SDNY of moving for at least a partial stay in parallel SEC proceedings. Although the US DOJ and the SEC coordinate in terms of timing and share evidence when permissible in taking actions in their respective cases prior to charging, the SEC usually takes no position when the US DOJ seeks to stay any part of its civil proceeding. If the SEC’s civil case is stayed in full pending the SDNY criminal case, there will be a long delay in any court hearing over whether the crypto assets in the SEC’s case constitute securities. A typical criminal securities fraud case takes well over a year, and potentially far longer to reach its conclusion including any appeal. On the other hand, if the SEC’s civil case is stayed in part, allowing the accused to seek to dismiss the charges on a legal basis, there might be a court decision and potential appeal relating to whether the crypto assets constitute securities in the near future.

IV. Conclusion

In sum, the SEC’s complaint against Wahi fans the flames of a longstanding debate over whether crypto assets constitute securities, and the SEC’s proper role in regulating crypto assets. While the SEC’s actions reflect its interest in pressing the theory that such assets are securities under certain circumstances—without any guidelines yet—subject to its regulatory jurisdiction, it appears that federal district courts may provide the first initial guidance about the law.

_________________________

[1] SEC v. Wahi, No. 2:22-cv-01009 (W.D.Wash. Jul. 21, 2022) [hereinafter “SEC Complaint”].

[2] SEC Complaint ¶¶ 89-94.

[3] United States v. Wahi, No. 22-cr-392 (S.D.N.Y. Jul. 21, 2022) [hereinafter “SDNY Complaint”].

[4] SDNY Complaint ¶ 7; see also id. ¶ 4.

[5] Id. ¶¶ 89-90; see also id. ¶¶ 103, 106, 114, 115, 125, 128, 138, 140, 149, 153, 163, 165, 172, 173, 186, 189, 200, 202.

[6] Id. ¶ 94.

[7] SDNY Complaint ¶ 3.

[8] See, e.g., In re Tether & Bitfinex Crypto Asset Litig., No. 19-cv-9236 (KPF), 2021 WL 4452181, at *51 (S.D.N.Y. Sept. 28, 2021) (noting the unsettled nature of the security/commodity debate as it relates to crypto assets, and declining to classify a certain crypto asset as a “security, commodity, or some other type of good or asset”); Barron v. Helbiz Inc., No. 20-cv-4703 (LLS), 2021 WL 229609, at *4 (S.D.N.Y. Jan. 22, 2021) (holding that Helbiz Coin, a type of crypto asset, is a security after engaging in a fact-intensive analysis of the product); Sec. & Exch. Comm’n v. Blockvest, LLC, No. 18-cv-2287 (GPB) (BLM), 2018 WL 6181408, at *1 (S.D. Cal. Nov. 27, 2018), on reconsideration, No. 18-cv-2287 (GPB) (BLM), 2019 WL 625163 (S.D. Cal. Feb. 14, 2019) (declining to determine whether the token that defendant had offered to investors was a “security” for the purposes of the federal securities laws before full discovery on the issue)

[9] See SEC v. Ripple Labs Inc., No. 1:20-cv-10832 (S.D.N.Y. Dec. 22, 2020).

[10] Hansen, supra note 12.

[11] William Hinman, Dir., Div. of Corp. Fin., Sec. & Exch. Comm’n, Digital Assets Transactions: When Howey Met Gary (Plastic), (June 14, 2018), available at https://www.sec.gov/news/speech/speech-hinman-061418.

[12] Hester Peirce, Comm’nr, Sec. & Exch. Comm’n, Running on Empty: A Proposal to Fill the Gap Between Regulation and Decentralization (Feb. 6, 2020).

The following Gibson Dunn lawyers prepared this client alert: Reed Brodsky, Mark Schonfeld, Tina Samanta, and Sarah Patterson*.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following members and leaders of the firm’s Securities Enforcement practice group:

Zainab N. Ahmad – New York (+1 212-351-2609, [email protected])
Reed Brodsky – New York (+1 212-351-5334, [email protected])
Joel M. Cohen – New York (+1 212-351-2664, [email protected])
Barry R. Goldsmith – New York (+1 212-351-2440, [email protected])
Richard W. Grime – Co-Chair, Washington, D.C. (+1 202-955-8219, [email protected])
Mary Beth Maloney – New York (+1 212-351-2315, [email protected])
Mark K. Schonfeld – Co-Chair, New York (+1 212-351-2433, [email protected])
Alexander H. Southwell – New York (+1 212-351-3981, [email protected])
Tina Samanta – New York (+1 212-351-2469, [email protected])

* Sarah Patterson is a recent law graduate working in the firm’s New York office who is not yet admitted to practice law.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Hong Kong partner Sébastien Evrard, associate Hayley Smith and trainee Katherine Tomsett are the authors of “Hong Kong’s competition ordinance: successes and challenges six years on,” published by Competition Law International in June 2022.

This article was first published in Competition Law International, Vol 18 No 1, June 2022, and is reproduced by kind permission of the International Bar Association, London, UK. © International Bar Association.

Given the recent changes in the composition of the SEC Commissioners, we offer a summary of the current composition in our most recent Monitor post, which is available at the following link:

Read More

The following Gibson Dunn attorneys assisted in preparing this update: Hillary H. Holmes, Thomas J. Kim, Ronald O. Mueller, and James J. Moloney.

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On June 8, 2022, the City of Los Angeles implemented new local political contribution restrictions and reporting requirements for property owners, developers, and their respective principals while entitlement applications are in process, and for twelve (12) months thereafter.[1] Under newly adopted Section 49.7.37 (Developer Contribution Restrictions) to the Los Angeles Municipal Code, contributions from project developers (even if they are not a lobbyist) to the Mayor, the City Attorney, a City Council member, a candidate for any of those offices, or a City committee controlled by any of those individuals are prohibited.[2] Individuals applying for significant planning entitlements are required to electronically file Form 65 (Restricted Developer Registration) with the Los Angeles City Ethics Commission.[3] These new laws come in response to several high-profile investigations of alleged corruption, including allegations that developers have provided monetary and non-monetary bribes to City officials in exchange for securing discretionary development approvals.

How do I know if I have to register?

An individual qualifies – and must register with the Los Angeles City Ethics Commission – as a “restricted developer” when they apply for any of the 17 types of significant planning entitlements listed in Los Angeles Municipal Code Section 49.7.37(A)(5).[4] A “significant planning entitlement” means any of the following planning approvals submitted to the Los Angeles Department of City Planning that are not solely ministerial:[5]

	Significant Planning Entitlement	Case Prefix, Suffix, or Reviewing Division
1.	Density Bonus, On Menu	DB
2.	Density Bonus, Off Menu	DB
3.	Development Agreement	DA
4.	General Plan Amendment	GPA
5.	Height District Change	HD
6.	Major Development Project	Review by Major Projects Division
7.	Oil Drilling District Establishment	O
8.	Sign District Establishment	SN
9.	Site Plan Review	SPR
10.	Specific Plan Establishment	SP
11.	Tentative Tract Map	TT
12.	Transfer of Floor Area Rights	TDR
13.	Transit Oriented Communities Affordable Housing Incentive	TOC
14.	Vesting Tentative Tract	VTT
15.	Vesting Zone Change	VZC
16.	Zone Change	ZC
17.	Zone Variance where Area or Citywide Planning Commission is the initial decision maker	(APC and ZV) or (CPC and ZV)

Who do the restrictions apply to?

Any applicant, property owner, or principal associated with a significant planning entitlement filing in the City of Los Angeles qualifies as a “restricted developer” and is subject to the new restriction.[6] Principals include all of the following for both the applicant and the property owner(s):

board chair;
president;
chief executive officer (CEO);
chief financial officer (CFO);
chief operating officer (COO);
individual who serves in the functional equivalent of one of those positions;
person who owns 20% or more of the entity and/or property; and
individual authorized to represent the applicant or property owner before the City Planning Department (ex: in house employee, outside consultant, attorney, lobbyist, permit expediter, or similar consultant).[7]

The contribution ban does not extend to an external board member of a developer or property owner who does not serve in a role that is functionally equivalent to one of the above positions. If your project is not required to be registered with the Los Angeles City Ethics Commission or if you are not required to be listed on a Form 65 (Restricted Developer Registration) (even if you are involved with a project that is required to be registered with the Los Angeles City Ethics Commission), you may make contributions subject to the applicable contribution limits.[8]

How do I comply with this requirement?

Reporting Requirements – Applicants are required to register significant planning entitlements with the Los Angeles City Ethics Commission by filing Form 65 (Restricted Developer Registration)[9] online through the Restricted Developer Filing System (RDFS).[10] Form 65 is due at the time a significant planning entitlement is submitted to the Los Angeles Department of City Planning.[11] Applicants are required to disclose information about the project, themselves, the property owners, and the principals associated with the significant planning entitlement.[12] If any information in Form 65 changes, an amended registration must be filed within ten (10) business days after the change occurs.[13]

Required information for filing Form 65 through RDFS can be found at https://ethics.lacity.org/wp-content/uploads/RDFS-Registration-Required-Info.pdf.

General data from each application will be displayed on the Restricted Developer Master Portal on the Los Angeles City Ethics Commission website.[14] See https://ethics.lacity.org/restricted-developers/. Registrations, applicants, owners, and principals can be viewed and searched through the Public Data Portal.[15] See https://ethics.lacity.org/data/.

Political Contribution Restrictions – Once an application is filed, the applicant, the property owner, and their principals (the restricted developers) are prohibited from making political contributions to the Mayor, the City Attorney, a City Council member, a candidate for any of those offices, or a City committee controlled by any of those individuals.[16] The prohibition does not apply to contributions made to LAUSD candidates or committees.[17] Applicants must notify owners and principals that they are subject to this ban.[18]

What are the penalties for non-compliance?

A planning application is not complete until the applicant has filed the information required with the Los Angeles City Ethics Commission.[19] A planning application will be on hold until registration is complete and the applicant has received a confirmation receipt from the Los Angeles City Ethics Commission.[20]

In addition to any other penalties or remedies that may apply under the Los Angeles Municipal Code (potentially monetary fines or misdemeanor charges), a restricted developer who violates or aids or abets a violation of the disclosure requirement or contribution ban may not be an applicant, property owner, or principal on a new planning application for twelve (12) months after the determination of violation by the Los Angeles City Ethics Commission.[21] If the commission, as a body, determines that mitigating circumstances exist concerning the violation, this debarment may not apply.[22]

Is this law retroactive?

Registration is required for any pending project that meets the requirements and that has not yet been approved, conditionally approved, or denied, even if the application was submitted before June 8, 2022.[23] Contributions made prior to June 8, 2022, are not subject to the requirement.[24]

When does this restriction begin and end?

The restriction begins the day the application is submitted to the Los Angeles Department of City Planning.[25] The restriction ends twelve (12) months after the date a letter of determination is issued by the Los Angeles City Ethics Commission or, if no letter is issued, the date the decision on the application is final.[26]

If an application is withdrawn or terminated pursuant to the Zoning Code, the restriction applies until the day after the termination or the filing of the withdrawal.[27]

__________________________

[1] https://ethics.lacity.org/news/developer-contribution-ban-goes-into-effect/

[2] Id.

[3] Id.

[4] https://ethics.lacity.org/developers/#requirements

[5] Id.

[6] https://ethics.lacity.org/wp-content/uploads/RDFS-Flyer.pdf

[7] Id.

[8] Id.

[9] https://ethics.lacity.org/how-do-i-file/?document_source_number=CEC65

[10] https://ethics.rdfs.lacity.org/

[11] https://ethics.lacity.org/developers/#requirements

[12] Id.

[13] https://ethics.lacity.org/developers/#whatdoifile

[14] https://ethics.lacity.org/developers/#requirements

[15] https://ethics.lacity.org/developers/#faq

[16] https://ethics.lacity.org/wp-content/uploads/RDFS-Flyer.pdf

[17] https://ethics.lacity.org/developers/#faq

[18] L.A., CAL., MUNICIPAL CODE § 49.7.37 (2020) (effective June 7, 2022).

https://ethics.lacity.org/wp-content/uploads/Laws-Campaigns-City-CFO.pdf#page=45

[19] https://ethics.lacity.org/developers/#requirements

[20] Id.

[21] https://ethics.lacity.org/developers/#debarment

[22] Id.

[23] https://ethics.lacity.org/developers/#faq

[24] Id.

[25] https://ethics.lacity.org/developers/#limitations

[26] Id.

[27] L.A., CAL., MUNICIPAL CODE § 49.7.37 (2020) (effective June 7, 2022).

https://ethics.lacity.org/wp-content/uploads/Laws-Campaigns-City-CFO.pdf#page=45

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. For further information, please feel free to contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Land Use and Development or Real Estate teams in California, or the following authors:

Mary G. Murphy – San Francisco (+1 415-393-8257, [email protected])
Douglas M. Champion – Los Angeles (+1 213-229-7128, dchampion@gib sondunn.com)
Benjamin Saltsman – Los Angeles (+1 213-229-7480, [email protected])

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.