Considerations for Preparing Your 2024 Form 10-K and 2025 Proxy Statement
Client Alert | December 20, 2024
An annual update of observations on new developments and highlights of considerations for calendar-year filers preparing their Annual Reports on Form 10-K for 2024 and proxy statements for annual meetings in 2025.
Each year we offer our observations on new developments and highlight select considerations for calendar-year filers as they prepare their Annual Reports on Form 10-K. This year, we are also including a discussion of select proxy statement considerations. This alert touches upon recent rulemaking from the U.S. Securities and Exchange Commission (the “SEC” or “Commission”), emerging trends among reporting companies, recent comment letters issued by the staff of the SEC’s Division of Corporation Finance (the “Staff”) and developments in the securities litigation and SEC enforcement landscape.
Despite the forthcoming changes in presidential administration and Commission leadership, public companies continue to be subject to rules adopted and guidance issued during Gary Gensler’s chairmanship. While we anticipate that changes in Commission leadership will likely result in shifts in the SEC’s disclosure review focus and enforcement priorities, we believe public companies are wise to stay the course and react to changes in policy or practice with respect to SEC and investor disclosures only after such changes are implemented.
An index of the topics described in this alert is provided below.
I. New Disclosure Requirements for 2024 Form 10-Ks and 2025 Proxy Statements
A. New Form 10-K Disclosure Requirements
1. Discuss Insider Trading Policies and Procedures in the Form 10-K (and Proxy
Statement)
2. File Insider Trading Policies and Procedures with the Form 10-K
3. iXBRL Tagging for Cybersecurity Disclosures
B. New Proxy Statement Disclosure Requirements
1. Option Award Grant Timing Disclosures
2. Discuss Insider Trading Policies and Procedures in the Proxy Statement (and
Form 10-K)
II. Disclosure Trends and Considerations for the 2024 Form 10-K
A. Cybersecurity
B. Human Capital
C. Climate Change and ESG
D. Generative Artificial Intelligence
E. Geopolitical Conflict
F. Issues for China-based Companies
G. Inflation and Interest Rate Concerns
III. Disclosure Trends and Considerations for the 2025 Proxy Statement
A. Officer Exculpation
B. Director Time Commitments (Overboarding)
C. Director Independence Determinations
D. Pay vs. Performance
E. Continued SEC Scrutiny of Perquisites
F. Nasdaq Board Diversity Rules
IV. SEC Comment Letter Trends
A. Management’s Discussion and Analysis
B. Non-GAAP Financial Measures
C. Segment Reporting
V. Securities Litigation
VI. SEC Enforcement
A. Defense Against Cybersecurity Risks
B. Use of Emerging Technologies
C. Internal Controls
D. Enforcement Priorities in 2025
VII. Other Reminders and Considerations
A. EDGAR Next
B. Disclosure of Significant Segment Expenses in Notes to Financials
C. Clawback Policies and Checkboxes
D. Filing Requirement for “Glossy” Annual Report
E. Cover Page XBRL Disclosures
VIII. Looking Forward
I. New Disclosure Requirements for 2024 Form 10-Ks and 2025 Proxy Statements
The pace of SEC rulemaking regarding public company disclosures slowed in 2024 compared to prior years, particularly the period of breakneck rulemaking that began when Chair Gensler became the Chair of the Commission in 2021 and continued through the end of 2023. The main disclosure requirements that became effective in 2024 resulted from final rules adopted by the SEC in December 2022.
While the SEC’s Regulatory Flexibility Agendas for Spring and Fall 2024 continued to include a bevy of new rulemaking projects, only a few impacting the disclosure obligations of public companies made it to the proposed or final rule stage. When the Trump-appointed Chair, currently expected to be former SEC Commissioner Paul Atkins, takes over at the SEC, several of the rulemaking projects that currently remain under consideration (e.g., board diversity, human capital) are likely to be relegated to the back burner or abandoned altogether.
Set forth below are discussions of the most significant new disclosure requirements that public companies need to consider heading into 2025.
1. Discuss Insider Trading Policies and Procedures in the Form 10-K (and Proxy Statement)
Pursuant to Item 408(b) of Regulation S-K, companies with a December 31 fiscal year end will be required to disclose whether they have adopted insider trading policies and procedures governing the purchase, sale, and other dispositions of their securities by directors, officers, and employees, or the company itself, that are reasonably designed to promote compliance with insider trading laws, rules, and regulations, and any listing standards applicable to the company. If a company has not adopted such insider trading policies and procedures, it must explain why it has not done so.
Form 10-K vs. Proxy Statement
The information required by Item 408(b) must be included in Part III, Item 10 of Form 10-K[1] every year (either directly or by forward incorporation by reference to the proxy statement) and in the proxy statement for any meeting involving the election of directors.
Because companies are permitted to forward incorporate Form 10-K Part III information by reference to a proxy statement filed within 120 days of the end of the year covered by the Form 10-K, companies may decide to simply include the disclosure in the proxy statement as is commonly done with other Part III information. Companies that decide to go this route should make sure that the insider trading disclosure in the proxy statement is adequately covered by the incorporation by reference language included in Item 10 of Form 10-K. To comply with Exchange Act Rule 12b-23, companies should identify in the Form 10-K the information intended to be incorporated as well as the section of the proxy statement in which that information can be found.
Based on a review of the 95 S&P 500 companies that had filed an insider trading policy as of November 22, 2024, we compiled several observations that are set forth in this alert. For information about the results of an earlier survey based on our review of the insider trading policies filed by S&P 500 companies as of June 30, 2024, see our client alert “Early Insights from Insider Trading Policies Filed by S&P 500 Companies under the SEC’s New Exhibit Requirement“ (the “September 2024 Insider Trading Policy Survey”).[2]
Out of the above-mentioned 95 companies, 56 have filed both their proxy statement and their Form 10-K.[3] Of these 56 companies, 95% included the disclosure in their proxy statement, with 57% including the disclosure only in the proxy statement (and incorporating by reference in the Form 10-K); 32% including the disclosure in the proxy statement and Form 10-K; and 9% having a deficient Form 10-K because they did not include or incorporate by reference the disclosure. The remaining 5% of the 56 companies had a deficient proxy statement because they included the disclosure only in the Form 10-K.
Content of Item 408(b) Disclosure
Companies seem to take varying approaches to the content of their Item 408(b) disclosure. While some of the companies that included the disclosure in both the Form 10-K and the proxy statement had the same or virtually the same disclosure in both filings, others varied it, with some companies largely tracking the language provided in Item 408(b) in the Form 10-K, referring readers to the policies and procedures filed as exhibits to the Form 10-K, but providing more detailed disclosure in their proxy statement, and other companies including more detailed disclosure in the Form 10-K than the proxy statement. A majority of the companies that included the disclosure only in the proxy statement included more detailed disclosure than the language provided in Item 408(b), in many cases by including the key terms of the policy and weaving into the discussion the hedging policy disclosure required by Item 407(i).
“Policies and procedures governing … the registrant itself”
As mentioned above, Item 408(b) requires a company to disclose whether it has adopted insider trading policies and procedures governing transactions in company securities by the company itself, and, if so, to file the policies and procedures, or, if not, to explain why.
Of the 95 S&P 500 companies that had filed their insider trading policy as of November 22, 2024, a majority (69%) did not address insider trading policies or procedures governing companies’ transactions in their own securities.[4] Twenty-six percent of the surveyed companies addressed this requirement by including in their primary insider trading policy a brief sentence or two about the company’s policy of complying with applicable laws when trading in its own securities. Four percent of the surveyed companies filed a separate company repurchase policy, either as a separate exhibit (3%) or with the company’s primary insider trading policy as a single exhibit (1%).
Comparing these findings to the results of our survey of insider trading policies as of June 30, 2024 shows that more companies are complying with the requirement to file policies applicable to company transactions. In fact, almost half of the companies that filed their insider trading policy exhibits after August 30, 2024 complied with the requirement, as compared with 22% of companies that had filed as of June 30, 2024.
2. File Insider Trading Policies and Procedures with the Form 10-K
Pursuant to the exhibit requirements in Item 601(b)(19) of Regulation S-K and the new insider trading rule in Item 408(b)(2), calendar year-end companies are required to file with their 2024 Form 10-K “[a]ny” “insider trading policies and procedures governing the purchase, sale, and/or other dispositions of the registrant’s securities by directors, officers and employees, or the registrant itself, that are reasonably designed to promote compliance with insider trading laws, rules and regulations, and any listing standards applicable to the registrant.”
In September 2024, we published our September 2024 Insider Trading Policy Survey. The discussion below covers some of the questions raised by the new exhibit requirement and looks at how some filers handled these issues.
Ancillary Materials to Primary Insider Trading Policy
For many companies, there is not simply one document setting forth every policy applicable to directors, officers and employees that is “reasonably designed to promote compliance with insider trading laws, rules and regulations, and [applicable] listing standards.” A company’s primary insider trading policy is frequently accompanied by:
- appendices or other ancillary documents setting forth additional details, such as a schedule listing the people subject to additional trading windows or preclearance procedures, additional guidelines applicable to Rule 10b5-1 trading arrangements, or frequently asked questions;
- training materials used to promote compliance with insider trading laws, rules, regulations, and listing standards by directors, officers, and employees; and/or
- specific instructions for how directors, officers, and employees can obtain preclearance or any other approvals referenced in the policy (e.g., who to contact, what systems to use).
Similarly, for the convenience of its users, historically some policies hyperlinked to other information relevant to the policy, such as applicable definitions, examples of what constitutes material non-public information (“MNPI”), and a routinely updated schedule of quarterly trading blackout windows.
When preparing to file Exhibit 19 to Form 10-K, companies will want to consider whether any of these ancillary materials should be filed with the company’s primary insider trading policy. In the absence of guidance from the SEC, one reasonable approach would be to file any ancillary materials that impose additional substantive requirements on directors, officers, and employees, but omit ancillary materials that simply repeat or provide examples or interpretations of the requirements set forth in the main policy.
Based on the insider trading policies filed as of November 22, 2024, a significant majority (86%) of the companies filed only a single insider trading policy and no other related policies or documents (even where the insider trading policy referenced other related policies).[5] In the small number of cases where multiple policies were filed, the additional policies were often supplemental guidelines or policies covering topics typically not applicable to all employees at larger companies (e.g., trading windows, preclearance procedures, 10b5-1 plans).
Unwritten Procedures
Item 408(b)(2) seems to presume the policies and procedures are in writing, but nowhere has the SEC addressed what is to be done to comply with the exhibit requirement in Item 601(b)(19) if the policy or, more likely, procedures are not written. In the absence of guidance from the SEC, to the extent companies have policies or procedures that are not written, they will need to decide whether to (1) memorialize their previously unwritten policies or procedures in writing (either through a detailed description or a more high-level summary) so they can be filed or (2) leave the policies or procedures unwritten and forego filing.
Personal Information in Policies
Many insider trading policies have historically included the names and contact information for the individuals responsible for administering the policy. In anticipation of the filing requirement, many companies have removed that information from the policy altogether. We also believe it is reasonable to retain the information in the internal, non-public facing policy but to redact the information from the exhibit filed with the Form 10-K pursuant to Item 601(a)(6), which allows companies to redact information “if disclosure of such information would constitute a clearly unwarranted invasion of personal privacy (e.g., disclosure of bank account numbers, social security numbers, home addresses, and similar information).”
Beginning with the 2024 Form 10-K, the required cybersecurity disclosures that calendar year-end companies first began including in their 2023 Forms 10-K pursuant to Item 106 of Regulation S-K will need to be tagged in Inline XBRL (“iXBRL”), including by block text tagging narrative disclosures and detail tagging quantitative amounts.[6] The SEC has stated that companies must use the “Cybersecurity Disclosure (CYD)” taxonomy tags within iXBRL to tag these disclosures.[7] Companies need to be aware that significant judgment will be required to apply these tags. Not only will companies be required to determine the provision of Item 106 to which each part of the narrative disclosure is responsive, but companies will also need to determine which flags to mark as “true” or “false.”
Importantly, under the CYD taxonomy, there is a flag for “Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant,” and it is our understanding that to properly apply the flag, each company must select “true” or “false.” As discussed in Section II.A. (Cybersecurity) below, the requirement to describe whether any risks from cybersecurity threats have materially affected or are reasonably likely to materially affect the registrant caused consternation among many companies and resulted in wide variety of responses during the first year of compliance. With the iXBRL requirement going into effect, companies that have addressed Item 106(b)(2) by including slightly vague or ambiguous disclosure in Item 1C or by cross-referencing their risk factors will need to carefully consider how they will handle these new tagging requirements.
The SEC adopted new rules requiring companies to disclose their policies and practices related to the timing of granting option awards (including stock appreciation rights) and the relationship between grants and the release of MNPI. Specifically, pursuant to Item 402(x) of Regulation S-K, companies must explain how the board decides when to grant these awards (e.g., whether they follow a set schedule), whether the board or compensation committee considers MNPI when deciding the timing and terms of such awards (and if so, how they consider such MNPI) and whether the company has timed the release of MNPI to influence the value of executive compensation. In addition, a new table is required to be included for option awards granted during the last fiscal year to a named executive officer within four business days before or one business day after the filing of a Form 10-Q or Form 10-K, or the filing or furnishing of a Form 8-K that discloses MNPI. Companies are required to include the narrative policies and practices disclosure regardless of whether the company has actually made grants of option awards close in time to the release of MNPI. Although these rules apply only to options and similar awards, we expect many companies to include, or expand on existing, narrative disclosures regarding their policies and practices related to the timing of full value awards as well (i.e., restricted stock units, restricted stock, and performance stock units).
2. Discuss Insider Trading Policies and Procedures in the Proxy Statement (and Form 10-K)
As a result of the overlapping obligations, this proxy statement requirement is discussed above in the section titled “New Form 10-K Disclosure Requirements.”
II. Disclosure Trends and Considerations for the 2024 Form 10-K
As previously discussed in our client alert “SEC Adopts New Rules on Cybersecurity Disclosure for Public Companies,” on July 26, 2023, the SEC adopted a final rule requiring public companies to provide current disclosure of material cybersecurity incidents and annual disclosure regarding cybersecurity risk management, strategy, and governance.
Under new Item 106, which is required to be addressed in new Item 1C of Form 10-K, public companies must include disclosures in their annual reports regarding their (1) cybersecurity risk management and strategy, including with respect to their processes for identifying, assessing, and managing cybersecurity threats and whether risks from cybersecurity threats have materially affected them; and (2) cybersecurity governance, including with respect to oversight by their boards and management.[8]
The new rule first applied to annual reports on Form 10-K for fiscal years ending on or after December 15, 2023, so most companies provided the required disclosure for the first time in 2024. Gibson Dunn surveyed disclosures made by 97 S&P 100 companies in response to Item 106 requirements as of November 30, 2024.[9] Set forth below is a summary of key trends and insights based on our analysis of these filings. The full results of this survey are included in our alert titled “Cybersecurity Disclosure Overview: A Survey of Form 10-K Cybersecurity Disclosures by the S&P 100 Companies.”
While certain disclosure trends have emerged under Item 106, we note that there is significant variation among companies’ cybersecurity disclosures, reflecting the reality that effective cybersecurity programs must be tailored to each company’s specific circumstances, such as its size and complexity of operations, the nature and scope of its activities, industry, regulatory requirements, the sensitivity of data maintained, and risk profile. Companies must strike a careful balance in their disclosures, providing sufficient decision-useful information for investors, while taking care not to reveal sensitive information that could be exploited by threat actors.[10] We expect company disclosures to continue to evolve as their practices change in response to the ever-evolving cybersecurity threat landscape and as common disclosure practices emerge among public companies.
The key disclosure trends we observed include the following:
- Materiality. The phrasing used by companies for this disclosure requirement varies widely. Specifically, in response to the requirement to describe whether any risks from cybersecurity threats have materially affected or are reasonably likely to materially affect the company, the largest group of companies (40%) include disclosure in Item 1C largely tracking Item 106(b)(2) language (at times, subject to various qualifiers); 38% vary their disclosure from the Item 106(b)(2) requirement in how they address the forward-looking risks; and 22% of companies do not include disclosure specifically responsive to Item 106(b)(2) directly in Item 1C, although a substantial majority of these companies cross-reference to a discussion in Item 1A “Risk Factors.”
- Board Oversight. Most companies delegate specific responsibility for cybersecurity risk oversight to a board committee and describe the process by which such committee is informed about such risks. Ultimately, however, the majority of surveyed companies report that the full board is responsible for enterprise-wide risk oversight, which includes cybersecurity.
- Cybersecurity Program. Companies commonly reference their program alignment with one or more external frameworks or standards, with the National Institute of Standards and Technology (NIST) Cybersecurity Framework being cited most often. Companies also frequently discuss specific administrative and technical components of their cybersecurity programs, as well as their high-level approach to responding to cybersecurity incidents.
- Assessors, Consultants, Auditors or Other Third Parties. As required by Item 106(b)(1)(ii), nearly all companies discuss retention of assessors, consultants, auditors or other third parties, as part of their processes for oversight, identification, and management of material risks from cybersecurity threats.
- Risks Associated with Third-Party Service Providers and Vendors. In line with the requirements of Item 106(b)(1)(iii), all companies outline processes for overseeing risks associated with third-party service providers and vendors.
- Drafting Considerations.
- Most companies organize their disclosure into two sections, generally tracking the organization of Item 106, with one section dedicated to cybersecurity risk management and strategy and another section focused on cybersecurity governance. Companies typically include disclosures responsive to the requirement to address material impacts of cybersecurity risks, threats and incidents in the section on risk management and strategy.
- The average length of disclosure among surveyed companies is 980 words, with the shortest disclosure at 368 words and the longest disclosure at 2,023 words. The average disclosure runs about a page and a half.
- Risk Factors. A substantial majority of companies include a cross-reference to their cybersecurity-related risk factor(s) in Item 1A “Risk Factors” or to risk factors included in Item 1A more generally.
Human capital resource disclosures by public companies have continued to be a focus since the SEC adopted the new rules in 2020, not only for companies making the disclosures, but employees, investors, and other stakeholders reading them. As we have done for the past several years, we recently published a survey of the human capital resource disclosures from the S&P 100, available in our client alert titled “Four Years of Evolving Form 10-K Human Capital Disclosures.” The alert also provides practical considerations for companies as we head into 2025.
Overall, our findings indicate that companies are generally making only minor changes to their disclosures year over year, and these minor changes generally included shortening of company disclosures, maintaining or decreasing the number of topics covered, and including slightly less quantitative information in some areas.[11] Specifically, we identified the following trends regarding the S&P 100 companies’ human capital disclosures compared to the previous year:
- Length of disclosure. Fifty-seven percent of surveyed companies decreased the length of their disclosures, 34% increased the length of their disclosures, and the length of the remaining 9% remained the same.
- Number of topics covered. Forty-one percent of surveyed companies decreased the number of topics covered, 13% increased the number of topics covered, and the remaining 46% covered the same number of topics.
- Breadth of topics covered. Across all companies, the prevalence of 10 topics increased, nine topics decreased, and nine topics remained the same.
- The most significant year-over-year increases in frequency involved Culture Initiatives (30% to 35%) and Pay Equity (48% to 50%) disclosures.
- The most significant year-over-year decrease involved COVID-19 disclosures, which declined in frequency from 34% to 1%. Other year-over-year decreases related to disclosures addressing Diversity Targets and Goals (21% to 14%), Diversity in Promotion (29% to 26%), Quantitative Diversity Statistics regarding Gender (63% to 60%), and Community Investment (28% to 25%).
- Most common topics covered. This year, the topics most commonly discussed generally remained consistent with the previous two years. For example, Talent Development, Diversity and Inclusion, Talent Attraction and Retention, Employee Compensation and Benefits, and Monitoring Culture remained the five most frequently discussed topics. The topics least discussed this most recent year, however, changed slightly from that of the previous year as COVID-19 disclosures, and Diversity Targets and Goals dropped into the five least frequently covered topics.
- Industry trends. Within the technology and finance industries, the trends that we saw in the previous year regarding the frequency of topics disclosed generally remained the same.
The SEC adopted final climate disclosure rules in March 2024.[12] The rules established new disclosure requirements under Regulation S-K related to climate-related risks, governance, and strategy and greenhouse gas emissions (for certain large filers), as well as new financial statement reporting requirements in Regulation S-X related to severe weather events, carbon or energy products, and climate-related targets or transition plans.[13] Following the consolidation of several legal challenges in the Eighth Circuit, the SEC voluntarily stayed the rules in April 2024 pending the litigation’s outcome.[14]
While the litigation is ongoing and the rules do not apply to the upcoming Form 10-K, reporting companies should remain thoughtful about how existing SEC rules may nonetheless require disclosure on many of these topics, including in the risk factors section (related to material climate-related risks), the business section (related to, for example, material climate-related regulatory developments or changes to business strategy), and management’s discussion and analysis (“MD&A”) section (related to, for example, material costs incurred from unique events or invested in climate-related research and development).[15] It can also be prudent to assess the consistency of any sustainability-related disclosure in the Form 10-K with current or anticipated reporting on these topics in non-U.S. or voluntary filings, as mandatory sustainability reporting regulations continue to be adopted outside the United States and may create new areas of legal risk. In particular, companies that are preparing to report under the European Union’s Corporate Sustainability Reporting Directive should consider whether the results of their double materiality assessment or other analyses also require an update to the Form 10-K, including the risk factors discussion.[16]
The Division of Enforcement has also maintained its focus on sustainability-related disclosures and practices despite the dissolution of the standalone ESG Task Force earlier this year.[17] In September 2024, a multinational beverage company agreed to pay a $1.5 million civil penalty to settle SEC claims regarding past Form 10-K statements on testing of the recyclability of the company’s single-use beverage pods. The SEC alleged that statements concerning the successful testing of the recyclability of the pods incomplete and inaccurate by not including that two of the largest recycling companies had expressed concerns about the commercial feasibility of curbside recycling of small format materials and had indicated that at that time they did not intend to accept the pods at their facilities. Notably, the SEC asserted violations of only Section 13(a) of the Securities Exchange Act of 1934 and Rule 13a-1. This standard does not require that the disclosures be material or misleading, or that they be made with any intent—only that the disclosures included in an issuer’s SEC filings be complete and accurate. This enforcement action reinforces that even voluntary or immaterial disclosure on these and other topics may be the subject of regulatory scrutiny and should be appropriately vetted for completeness before filing.
As artificial intelligence (“AI”), including generative AI, becomes increasingly prevalent in the marketplace and incorporated into business operations, companies should assess whether they have adequate AI-related disclosure. Specifically, companies should consider the ways in which the company’s strategy, productivity, market competition and demand for the company’s products, investments and the company’s reputation, as well as legal and regulatory risks, could be affected by AI. To the extent material, disclosure about how the company uses AI and the risks related to its use should be provided in the description of business section, risk factors, MD&A, and the financial statements (as well as the discussion of the board’s role in risk oversight in the proxy statement), as applicable.
When making AI-related disclosures, companies should be careful of general language that could be interpreted as “AI Washing.”[18] As noted by Director Erik Gerding in the Division of Corporation Finance’s announcement in June, the Staff will consider how companies are describing AI-related opportunities and risks, including, to the extent material, whether or not the company: (1) clearly defines what it means by AI and how the technology could improve the company’s results of operations, financial condition and future prospects; (2) provides tailored, rather than boilerplate, disclosure about material risks related to AI; (3) focuses on the company’s current or proposed use of AI; and (4) has a reasonable basis for its claims when discussing AI prospects.[19]
In recent comment letters, the Staff has asked companies to provide additional context to their AI-related disclosure, including to explain the basis of AI-related performance claims and to provide specific descriptions of the AI technology being used by the company, such as the development, implementation and source of the technology, and risks related to such use.[20]
Public companies should continue to consider the evolving developments related to the continued conflicts between Russia and Ukraine and in the Middle East, as well as continued tensions between China and the United States, including as to whether risks associated with these developments are adequately discussed in the risk factors, as well as their direct and indirect impacts on their business, operating results, and financial condition.
As discussed in our client alert “Considerations for Preparing Your 2023 Form 10-K,” companies with operations in the People’s Republic of China (the “PRC”) should review the Division of Corporation Finance’s sample comment letter[21] highlighting three focus areas for periodic disclosures related to China-specific matters, including those arising from the Holding Foreign Companies Accountable Act (the “HFCAA”), the Uyghur Forced Labor Prevention Act, and specific government-related operational risks. In addition to posing questions regarding HFCAA disclosures, the sample letter includes comments directed at risk factors and MD&A disclosure.
Director Gerding of the Division of Corporation Finance communicated in June that the Staff would continue to focus on China-based companies and to elicit disclosure from companies on material risks they face from the PRC intervening in, or exercising control over, their operations in the PRC.[22] Director Gerding also noted that the Staff continues to believe that companies should provide more prominent, specific, and tailored disclosures about China-specific matters so that investors have the information they need to make informed investment and voting decisions.
While inflationary pressures have eased and interest rates have decreased as compared to 2023, companies should continue to consider whether their disclosures regarding inflation impacts and risks and uncertainty regarding inflation or future rate changes are adequately discussed, including in light of announced plans from President-elect Trump regarding the implementation of tariffs on U.S. imports as discussed below. Depending on the effect on a company’s operations and financial condition, additional disclosure in risk factors, MD&A, or the financial statements may be necessary.
In June, Director Gerding stressed that material ongoing impacts of inflation, including particularized risks, should continue to be disclosed and companies should not simply discuss high-level trends.[23] Additionally, given the market disruptions in the banking industry that began in 2023, the Staff also indicated that it would continue to scrutinize updated disclosures related to interest rate risk and liquidity risk.[24]
The President-elect has frequently reiterated plans to implement tariffs on U.S. imports of up to 20% on all imports generally, with higher rates for select U.S. trade partners, and has recently communicated that he will impose tariffs of 25% on imports entering the United States from Canada and Mexico, and an additional 10% tariff on imports from China, as one of his first executive orders. Implementation of these tariffs could adversely affect efforts to stem inflationary pressures in the United States and correspondingly influence interest rates. Companies should continue to monitor the risks associated with these proposed policies and confirm that such risks are adequately addressed in their disclosures, including if such proposed plans have already begun to impact their business.
In recent comment letters relating to inflation, the Staff has focused on how current inflationary pressures have materially impacted a company’s operations, including by referring to statements regarding inflation made in a company’s quarterly filings, and sought disclosure to quantify the impact and to identify planned or taken efforts to mitigate the impact of inflation. If inflation is identified as a significant risk, the Staff asked companies to update disclosure if inflationary pressures have resulted in a material impact, to identify the types of inflationary pressures being faced and to quantify the impact of factors contributing to inflationary pressures.[25]
In recent comment letters relating to interest rates, the Staff has asked companies to expand their discussion of interest rates in the risk factors and MD&A sections to specifically identify the impact on the company’s business operations and to discuss specific risk policies and procedures used by the company to manage and monitor interest rate risk.[26]
It is also critical that companies confirm that their disclosures in “Item 7A. Quantitative and Qualitative Disclosures About Market Risk” are up-to-date and responsive to the requirements of Item 305 of Regulation S-K.
III. Disclosure Trends and Considerations for the 2025 Proxy Statement
In August 2022, the Delaware General Corporation Law was amended to allow companies to amend their certificate of incorporation to exculpate certain officers from personal liability for monetary damages for breaches of fiduciary duty in a manner similar to, but more narrow than, what is currently permitted for directors.
Such exculpation provisions apply only to direct claims against officers alleging a breach of fiduciary duty of care and provide a basis for early dismissal of certain claims in the preliminary stages of litigation, before extensive and expensive discovery. Because insurance and indemnification already serve to protect officers’ assets in such cases, the company is the primary beneficiary of extending exculpation to officers. This protection must be implemented through an amendment to the company’s certificate of incorporation, requiring both board and shareholder approval.
Although companies initially faced uncertainty regarding the reception of these amendments by proxy advisory firms and institutional investors, most proposals have received strong investor support during 2023, and this support continued in 2024. Between the 2023 and 2024 proxy seasons, approximately 27% of all S&P 500 companies incorporated in Delaware proposed exculpation amendments; all but three (96%) received stockholder approval.[27] Institutional Shareholders Services tends to support these proposals on a case-by-case basis, while Glass Lewis tends to oppose them, absent a “compelling rationale.”
The adoption of officer exculpation amendments reflects evolving expectations around liability protections for corporate officers. Companies contemplating such amendments should consider whether to engage with shareholders in advance to address potential concerns.
Institutional investors are increasingly scrutinizing directors’ time commitments to ensure effective governance. While the primary focus remains adhering to strict numerical limitations on the number of public company boards a director should serve on (generally, no more than two boards for directors who are executive officers and no more than four boards for non-executive directors), there is an increasing push to require companies to disclose their internal director time commitment policies and demonstrate adherence to such policies.[28] With a view to demonstrating the company’s responsiveness to evolving investor expectations and commitment to robust corporate governance, companies should revisit their policy and the processes used by their nominating committee or board of directors to assess director candidates in determining to nominate them for election to the board of directors and consider whether any enhancements are appropriate.
Companies should take a fresh look at their vetting processes to support disclosures with respect to director independence determinations. In 2024, the SEC brought settled charges against a director for proxy rule violations after he was identified in the company’s proxy statement as independent despite maintaining a close personal relationship with an executive officer of the company. The director did not disclose this relationship to the board of directors, thereby allegedly causing the company’s proxy statement to contain materially misleading statements. This enforcement action highlights the need for rigorous diligence in assessing relationships and transactions that could compromise a director’s independence. In light of these developments, companies should assess their independence determination processes, including reviewing their annual directors’ questionnaires and considering whether there are any opportunities to enhance board or nominating committee oversight and related proxy disclosures.
Most companies have already complied with the SEC’s “pay versus performance” (“PvP”) disclosure rules in their annual 2023 and 2024 proxy statements. As companies begin to prepare their 2025 disclosures, we’ve highlighted some notable trends and developments below based on prior proxy seasons and comment letters from the Staff:
- One additional year. Reminder that companies must add 2024 as an additional year to the PvP table and should not remove any years until after the PvP table contains five years total (three years for smaller reporting companies).
- Relationship disclosures. Although the rule permits graphical, narrative, or a combination thereof to describe the relationship between compensation actually paid and the various performance metrics, the comment letters from the Staff indicate a preference for graphical depictions. Graphical depictions have also been the majority practice during the last two proxy seasons.
- Metrics reporting. The Staff has placed an emphasis on ensuring (i) the compensation numbers included in the PvP table reconcile with those disclosed in the Summary Compensation Table, (ii) any Generally Accepted Accounting Principles (“GAAP”) numbers used, including net income, reconcile to the applicable numbers disclosed on the company’s Form 10-K, (iii) companies include clear descriptions of how they calculated any non-GAAP numbers included in the PvP disclosure, and (iv) the company-selected measure in the PvP table is included in the company’s list of the most important measures used to link pay and performance.
- Reconciliations. As a reminder, footnote reconciliations of the amounts deducted and added to calculate compensation actually paid for years other than the most recent fiscal year are required only if material to an understanding of the PvP information reported for the most recent fiscal year. As such, many companies can streamline their PvP disclosures by omitting prior years’ footnote reconciliations. In line with such guidance, the Staff has indicated that if a company revises the compensation actually paid included for prior fiscal years, then footnote reconciliations for such prior years should be included.
- Precise headings. The Staff has placed an emphasis on avoiding the use of vague terms in the headings of PvP table footnote reconciliations, such as “year-over-year.” Instead, the Staff prefers specific headings that track closely to the language of the rules, such as “prior fiscal year end to current fiscal year end” or “prior fiscal year end to vesting date.”
- Peer group changes. As a reminder, if the peer group used for peer group total shareholder return (“TSR”) disclosures in the PvP table changes from the prior year, the footnote must include the reason for the change and a comparison of the company’s TSR with that of both the new peer group and the peer group from the prior year.
In light of the above, companies should review their PVP table and related disclosures to incorporate and consider whether any improvements are necessary to comply with the latest SEC guidance.
The SEC continues to bring enforcement actions against companies relating to perquisite disclosure (as recently as this month), so companies may want to revisit their director and officer questionnaire and other disclosure control processes ahead of the upcoming proxy statement. Perquisites facing scrutiny include personal travel and commuting (including use of corporate aircraft), personal expenses, personal entertainment, personal transportation and personal security.
On December 11, 2024, the U.S. Court of Appeals for the Fifth Circuit vacated the SEC’s approval of Nasdaq’s board diversity disclosure rules, which previously required Nasdaq-listed companies to annually disclose a board diversity matrix with information about each of its director’s self-identified gender and demographic characteristics. Nasdaq has communicated that it does not intend to seek further review. As a result, companies will no longer be required to follow Nasdaq’s board diversity disclosure rules but may want to consider relevant investment community expectations when assessing any changes to their proxy disclosures.
IV. SEC Comment Letter Trends[29]
In 2024, comment letters from the Staff continued an emphasis on addressing disclosures in MD&A as well as the use of non-GAAP measures. Notably, following the adoption and subsequent stay of the SEC’s final climate disclosure rule in 2024, the number of comment letters from the Staff regarding companies’ climate-related disclosures decreased as the SEC reprioritized its focus areas.
Many of the comment letters addressing MD&A continued to focus on disclosures relating to results of operations, with the Staff often requesting that companies explain related disclosures with more specificity. The Staff has continued to focus on disclosures regarding material period-to-period changes in quantitative and qualitative terms as prescribed by Item 303(b) of Regulation S-K. For example, the Staff has commented on disclosures about factors contributing to period-on-period changes in financial line items, such as revenue, gross margin, cost of sales, expenses and operating cash flows, to request that companies provide both more quantitative detail regarding the extent to which each factor had contributed to the overall change in the line item, as well as qualitative discussion of the underlying factors attributable to such contributing factors.[30] The Staff often requested companies to “use more definitive terminology, rather than general or vague terms such as ‘primarily,’ to describe each contributing factor.”[31] The Staff has also continued to request that companies make disclosures about known trends and uncertainties affecting their results of operations.[32]
Another area that the Staff has continued to focus on is ensuring that key performance indicators (“KPIs”) are properly contextualized so that they are not misleading.[33] The Staff has, in certain circumstances, requested that companies provide additional disclosures regarding how KPIs are defined and calculated, why they are useful to investors and how they are used by management.[34] In addition, the Staff asked companies why KPIs or other performance metrics are discussed in earnings releases or investor presentations if not also discussed in their periodic reports or presented inconsistently.[35]
The Staff has also often asked companies to quantify and provide additional disclosure regarding significant components of financial condition and results of operations that have affected segment results.[36]
Two other key areas of MD&A that the Staff continued to focus on were critical accounting estimates and liquidity and capital resources. The Staff frequently noted that companies’ disclosures regarding critical accounting estimates were too general and requested that companies provide a more robust analysis, including both qualitative and quantitative information necessary to understand the estimation uncertainty and its impact on the financial statements, consistent with the requirement now set forth in Item 303(b)(3).[37] The Staff often indicated that these disclosures should supplement, not duplicate, the disclosures in footnotes to financial statements.[38] The Staff frequently commented on cash flows disclosures regarding enhancing the comparative analysis of the drivers of material changes period-on-period and the underlying reasons for such material changes, with a view to provide investors an understanding of trends and variability in cash flows.[39] The Staff also noted that such disclosures should not merely recite changes evident in the financial statements.[40]
The Staff has continued to express concerns regarding the improper use of non-GAAP measures in filings and issued several comments aligned with the Staff’s Compliance and Disclosure Interpretations (“C&DIs”).[41] Comments related to the latest C&DIs continued to focus on whether operating expenses are “normal” or “recurring” (Non-GAAP C&DI 100.01), and, therefore, whether exclusion from non-GAAP financial measures might be misleading.[42] The Staff has also asked companies about whether certain non-GAAP adjustments to revenue or expenses have made the adjustments “individually tailored” (Non-GAAP C&DI 100.04).[43] In addition to a continued focus on the topics covered under the C&DIs, the Staff continued to focus on a number of other matters relating to compliance with Item 10(e) of Regulation S-K, including the prominence of non-GAAP measures, reconciliations to GAAP measures and the usefulness and purpose of particular non-GAAP measures.
The Staff has continued to comment on a number of segment reporting disclosures. Examples of common comments include whether a company’s operating segments are properly categorized and the reasoning behind the aggregation of similar segments (and the factors used to identify different segments). The Staff also continued to focus on the disclosure of segment profit or loss measures and, in some cases, commenting that a measure consolidating segment profit or loss reflected a non-GAAP measure and should not be included in the financial statements.[44] Similarly, the Staff also commented that when a company presents a measure consolidating segment profit or loss outside of the notes in the financial statements, it is a non-GAAP measure and must comply with Item 10(e) and the Non-GAAP C&DIs.[45]
Companies should be aware of the following recent developments at the Supreme Court. First, earlier this year, the Supreme Court issued its opinion in Macquarie Infrastructure Corp. v. Moab Partners, L.P.¸601 U.S. 257 (2024), about whether Section 10(b) liability can be based on failure to disclose information required by Item 303. Second, the Supreme Court previously was poised to issue a decision in Facebook, Inc. v. Amalgamated Bank, regarding when risk factor disclosures made pursuant to Item 105 of Reg. S-K can be false or misleading under Section 10(b). However, after hearing oral argument, the Supreme Court issued an order in late November dismissing that appeal without issuing an opinion. Macquarie is discussed below.
Macquarie
On April 12, 2024, the Supreme Court unanimously decided Macquarie, holding that an issuer does not violate Section 10(b) or Rule 10b-5 merely by failing to disclose material information—even if that information is required to be disclosed under Item 303.[46] Instead, an omission is actionable under Section 10(b) only if it renders an affirmative statement by the issuer misleading.[47]
Plaintiff claimed that Macquarie violated Section 10(b) by failing to disclose under Item 303 that a new regulation would impact Macquarie’s business going forward.[48] The Court disagreed because plaintiff failed to “plead any statements rendered misleading” by the alleged omission.[49] Because Rule 10b-5 requires only “disclosure of information necessary to ensure that statements already made are clear and complete,” it covers “half-truths,” not “pure omissions.”[50]
While a company may not be held liable under Section 10(b) for a pure omission of information required under Item 303, companies should be mindful that Item 303 violations may be actionable under other provisions of the federal securities laws.
Throughout the past year, the SEC continued bringing enforcement actions against public companies for making allegedly misleading statements within their financial reporting and disclosures. Several themes and trends were apparent from the types of situations and disclosures underlying the Commission’s enforcement actions.
The SEC brought actions against several companies for either allegedly overstating the effectiveness of their respective cybersecurity programs and measures to defend against potential future intrusions, or for allegedly misstating the extent to which known cybersecurity incidents compromised company data. For example, at the end of 2023, the SEC charged SolarWinds for allegedly “overstating . . . cybersecurity practices and understating or failing to disclose known risks” in the years preceding a major cyberattack the company underwent in 2020.[51] Separately, later in 2024, the Commission brought settled charges against four public companies for allegedly understating to investors the extent to which cyberattacks had damaged their infrastructure or compromised their data.[52] The Commission alleged that several of these companies had “hypothetically or generically” framed cybersecurity risk factors even though the alluded-to risks had “already materialized” through known cyber intrusions, and this warranted more specific and deliberate disclosures to investors.
Representing somewhat of an inverse of the Commission’s trend of bringing enforcement actions involving alleged misstatements about an entity’s ability to defend against technological threats such as cyberattacks, the SEC also brought enforcement actions involving alleged misstatements about the extent to which entities could marshal emerging technologies to their advantage. For example, it announced settled fraud charges against a publicly traded South Korean crypto asset company for allegedly misrepresenting the extent to which it used blockchain technologies to settle transactions.[53]
Separately, the Commission brought settled charges against investment advisers and a hedge fund for making allegedly misleading disclosures about their purported use of artificial intelligence to improve investment decisions.[54] Though these enforcement actions concerned statements made by financial firms, their lessons can extend to public companies, many of which will inevitably find use cases of their own for artificial intelligence, and will accordingly need to consider disclosure of such capabilities and attendant risks.
As in prior years, the SEC brought actions against companies for allegedly failing to maintain adequate internal accounting and disclosure controls. For example, in June 2024, the Commission brought settled charges against a global provider of business communication and marketing services for allegedly failing to implement internal accounting controls sufficient to restrict access to the company’s information technology systems, or disclosure controls sufficient to provide management with relevant cybersecurity information with which to make appropriate disclosure decisions.[55]
However, a key court decision in the SolarWinds litigation in July 2024 marked what might be a turning point in the SEC’s penchant for finding internal accounting controls violations. There, the United States District Court for the Southern District of New York largely dismissed charges the Commission brought against SolarWinds regarding its cybersecurity controls. On the SEC’s internal accounting controls claim, the court found the claim failed because the cybersecurity controls did not relate to the company’s accounting or finance controls. On the SEC’s disclosure controls and procedures claim, the court found that though the company had misclassified the severity of two cybersecurity incidents, such misclassifications were isolated and could not by themselves support a claim that the controls were inadequate absent evidence of systemic problems with the company’s disclosure process, or a more prolific pattern of misstatements.[56]
As discussed below, SEC leadership will look different in 2025, and enforcement priorities may change significantly. It is not known what will happen to existing cases in the pipeline. We anticipate many cases will move ahead uninterrupted, while others will be reevaluated by SEC leadership and quietly closed. Suffice it to say, we expect the next 12 months to be a period of significant transition within the Enforcement Division of the SEC.
VII. Other Reminders and Considerations
Set forth below is a discussion of a few other recent rule changes, as well as reminders and considerations to keep in mind as companies prepare their annual reports on Form 10-K and proxy statements.
Those responsible for making SEC filings should be aware of the significant upcoming changes to the Electronic Data Gathering, Analysis, and Retrieval (“EDGAR”) System. On September 27, 2024, the SEC adopted amendments to Regulation S-T and Form ID to make technical changes to the EDGAR filer access and account management processes (referred to by the SEC as EDGAR Next). While there will be a steep learning curve associated with these significant procedural changes to EDGAR, they are expected to ultimately result in a filing system that is easier for filers and the individuals acting on their behalf to manage. EDGAR Next is currently in a beta testing period and will go live on March 24, 2025, though legacy EDGAR can still be used to make filings through September 12, 2025. EDGAR Next will, among other things, require filers to designate individuals to manage the filers’ EDGAR accounts and file on their behalf. To access EDGAR and make filings, these designated individuals will be required to have their own individual account credentials and complete multifactor authentication.
For a detailed discussion of the amendments to the EDGAR access rules, including an outline of the implementation timeline and an explanation of the steps to take now to prepare for the transition to EDGAR Next, please see our client alert titled “EDGAR Next: Preparing for Upcoming Changes to the EDGAR Access Rules.”
B. Disclosure of Significant Segment Expenses in Notes to Financials
Attorneys responsible for preparing and reviewing Form 10-K filings should also be aware of a recent change in accounting standards that will affect calendar year filers for the first time in the 2024 Form 10-K. On November 27, 2023, the Financial Accounting Standards Board (“FASB”) issued an Accounting Standards Update designed to provide more detailed information about companies’ reportable segment expenses and performance. Companies must now disclose significant segment expenses provided to the chief operating decision maker (“CODM”) and included in each reported measure of segment profit or loss, along with other segment items and their composition. If a company does not disclose significant expense categories and amounts for one or more of its reportable segments, it needs to explain the nature of the expense information the CODM uses to manage operations. The update clarifies that if the CODM uses multiple measures of segment profit or loss, more than one measure can be disclosed in the segment footnote, but at least one measure should be the measure that is most consistent with the measurement principles used in measuring the corresponding amounts in the financial statements. Companies are also required to disclose the CODM’s title and position and explain how the CODM uses these measures in assessing performance and allocating resource. Entities with a single reportable segment must comply with both the new and existing disclosure requirements. The updated guidance is effective for annual periods beginning after December 15, 2023.
In connection with these segment disclosures in the financial statement footnotes, which will provide investors and analysts a broader view of each segment’s operating results, companies should consider whether the discussion in MD&A should be updated to provide additional context about how management views the business conducted by each segment.
As a reminder, in connection with the SEC’s adoption of clawback rules in October 2022, a few significant requirements were added that affect Form 10-K filings and proxy statements.
- Form 10-K Cover Page Checkboxes. Two new checkboxes were added to the Form 10-K cover page, which require companies to indicate whether (i) the financial statements included in the filing reflect the correction of an error to previously issued financial statements, and (ii) any such corrections are restatements that required a recovery analysis pursuant to Rule 10D-1(b). A number of interpretive questions have arisen with respect to the applicability of the checkboxes in various contexts, so companies should carefully consider whether either of those boxes should be checked.
- Clawback Policy Exhibit with Form 10-K. Companies are now required to file their clawback policy as Exhibit 97 to the Form 10-K.
- Discussion of Application of Clawback Policy. Item 402 of Regulation S-K was amended to require companies to disclose how they have applied their recovery policies. If, during its last completed fiscal year, a company either completed a restatement that required recovery, or there was an outstanding balance of excess incentive-based compensation relating to a prior restatement, such company must disclose the information required by Item 402 for each restatement in any Form 10-K (either directly or by forward incorporation by reference to the proxy statement) or proxy or information statements that include executive compensation disclosure.
As a reminder, in June 2022 the SEC adopted amendments requiring that annual reports sent to shareholders pursuant to Exchange Act Rule 14a-3(c), otherwise known as “glossy” annual reports, must also be submitted to the SEC in PDF format using EDGAR Form Type ARS. Because these electronic submissions include the graphics and stylistic presentations of glossy annual reports, the file sizes can be very large, and companies are well advised to conduct a test filing sufficiently in advance of the live filing.
On September 7, 2023, the SEC published a sample comment letter regarding XBRL disclosures.[57] The sample comment letter included a comment regarding how common shares outstanding are reported on the cover page as compared to on the company’s balance sheet. The comment addressed instances in which companies “present the same data using different scales (presenting the whole amount in one instance and the same amount in thousands in the second).” Accordingly, companies should consider presenting their outstanding share data consistently throughout their Form 10-K.
Much is expected to happen between now and Inauguration Day. On December 4, 2024, President-elect Trump announced that he has selected former SEC Commissioner Paul Atkins to lead the SEC. SEC Commissioner Lizárraga has announced his intention to resign on January 17, 2025, and current SEC Chair Gensler will resign at noon on January 20, 2025.
On January 20 or 21, 2025, we expect the new Chief of Staff to formally instruct the executive agencies to refrain from proposing or issuing new rules, consistent with prior action taken by the Biden Administration and first Trump Administration. The Trump Administration will name an Acting Chair (likely Commissioner Uyeda). Commissioners Uyeda and Peirce are former Counsels to Atkins when he was a Commissioner. The Acting Chair will have a 2-1 majority. In the near-term, we would expect the Acting Chair to make certain personnel decisions, including removing existing Directors of Divisions, appointing new Acting Directors, and making decisions about how the Staff administers the laws.
The 2024 Form 10-K and 2025 proxy statement will require a number of new disclosures and considerations. As always, we recommend that companies start drafting their disclosures earlier rather than later, particularly where disclosures will require coordination among different teams or where benchmarking against peer disclosures may be appropriate.
[1] Foreign Private Issuers are required to disclose similar information in Item 16J of Form 20-F.
[2] For the purposes of the September 2024 Insider Trading Policy Survey, we limited our review to Exhibit 19 filings and did not review the companies’ disclosures in the body of the proxy statement or Form 10-K addressing Item 408(b)(1). The group of 49 S&P 500 companies in the September 2024 Insider Trading Policy Survey includes 23 companies that made Item 408(b) disclosures and 26 companies that were not subject to the disclosure requirements but voluntarily filed their insider trading policies and procedures with a Form 10-K filed prior to June 30, 2024.
[3] The remaining 39 companies include (1) early voluntary filers that filed their insider trading policy as an exhibit to their Form 10-K but did not address the Item 408(b) requirement in their Form 10-K or proxy statement and (2) other non-calendar year companies that filed their fiscal 2024 Form 10-Ks more recently but have not yet filed their proxy statement as of November 22, 2024.
[4] For the purposes of our September 2024 Insider Trading Policy Survey, we limited our review to Exhibit 19 filings and did not review the companies’ disclosures in the body of the proxy statement or Form 10-K addressing Item 408(b)(1).
[5] Under Item 408(b)(2), if all of a company’s insider trading policies and procedures are included in its code of ethics that is filed as an exhibit to the company’s Form 10-K, that satisfies the exhibit requirement. However, many companies do not file their code of ethics and instead rely on one of the alternative means of making the code available allowed under Item 406(c)(2) and (3).
[6] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, SEC Release No. 34-97989 (July 26, 2023), available at https://www.sec.gov/files/rules/final/2023/33-11216.pdf (“For Item 106 of Regulation S-K and Item 16K of Form 20-F, all registrants must begin tagging responsive disclosure in Inline XBRL beginning with annual reports for fiscal years ending on or after December 15, 2024.”)
[7] See the Cybersecurity Disclosure Taxonomy Guide (September 16, 2024), available at https://www.sec.gov/data-research/standard-taxonomies/operating-companies.
[8] Foreign private issuers are required to make similar annual disclosures pursuant to Item 16K of Form 20-F.
[9] As of November 30, 2024, three S&P 100 companies had not yet filed annual reports on Form 10-K for fiscal years ending on or after December 15, 2023.
[10] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Release No. 33-11216 (July 26, 2023) at 60-63.
[11] Data provided is as of November 10, 2024 and is based on the companies currently included within the S&P 500, so some statistics are slightly different than they were in the prior surveys. The categorization data necessarily involves subjective assessment and should be considered approximate.
[12] See “SEC Adopts Rules to Enhance and Standardize Climate-Related Disclosures for Investors” (Mar. 6, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-31.
[13] For a further discussion of the climate reporting requirements, please see our prior client alert “SEC Adopts Sweeping New Climate Disclosure Requirements for Public Companies,” Gibson Dunn (Mar. 2024), available at https://www.gibsondunn.com/sec-adopts-sweeping-new-climate-disclosure-requirements-for-public-companies/.
[14] For a further discussion of the legal challenges to the climate reporting requirements, please see our prior blog posts “Fifth Circuit Stay of the SEC’s Climate Disclosure Rule Dissolved,” Gibson Dunn (Mar. 2024), available at https://themonitor.gibsondunn.com/fifth-circuit-stay-of-the-secs-climate-disclosure-rule-dissolved/ and “Eighth Circuit Establishes Briefing Schedule for SEC Climate Disclosure Rules Litigation,” Gibson Dunn (May 2024), available at https://themonitor.gibsondunn.com/eighth-circuit-establishes-briefing-schedule-for-sec-climate-disclosure-rules-litigation/.
[15] Prior to adopting the climate disclosure rules, the SEC issued guidance in 2010 explaining how current SEC reporting requirements could already require discussion of climate-related matters. See “Commission Guidance Regarding Disclosure Related to Climate Change” (Feb. 8, 2010), available at https://www.sec.gov/files/rules/interp/2010/33-9106.pdf.
[16] For a further discussion of this legislation and what to do to prepare, see “Webcast: What Does the CSRD Mean for U.S. Businesses?” Gibson Dunn (Nov. 2024), available at https://www.gibsondunn.com/webcast-what-does-the-csrd-mean-for-u-s-businesses/ and “European Corporate Sustainability Reporting Directive (CSRD): Key Takeaways from Adoption of the European Sustainability Reporting Standards,” Gibson Dunn (Aug. 2023), available at https://www.gibsondunn.com/european-corporate-sustainability-reporting-directive-key-takeaways-from-adoption-of-european-sustainability-reporting-standards/.
[17] For a discussion of the dissolution of the ESG Task Force, see “Gibson Dunn Environmental, Social and Governance Update (September 2024),” Gibson Dunn, (Oct. 2024), available at https://www.gibsondunn.com/gibson-dunn-esg-monthly-update-september-2024/.
[18] See “Chair Gary Gensler on AI Washing” (March 18, 2024), available at https://www.sec.gov/newsroom/speeches-statements/sec-chair-gary-gensler-ai-washing.
[19] See “The State of Disclosure Review” (June 24, 2024), available at https://www.sec.gov/newsroom/whats-new/gerding-state-disclosure-review-062424.
[20] Ardent Health Partners, LLC (link); Astera Labs, Inc. (link); Brand Engagement Network Inc. (link); iBio, Inc. (link); OneStream, Inc. (link); Rubrik, Inc. (link); Safe Pro Group Inc. (link).
[21] Available at https://www.sec.gov/rules-regulations/staff-guidance/disclosure-guidance/sample-letter-companies-regarding-china.
[22] See note 19.
[23] Id.
[24] Id.
[25] Casey’s General Stores, Inc. (link); Concentra Group Holdings Parent, Inc. (link); International Paper Company (link); Mueller Water Products, Inc. (link); Proficient Auto Logistics, Inc. (link).
[26] First Commonwealth Financial Corporation (link); Fulton Financial Corporation (link); FT 11735 (link); Glacier Bancorp, Inc.(link); Managed Portfolio Series (link); Premier Financial Corp. (link); Synovus Financial Corp. (link); The Sherman-Williams Company (link); WaFd, Inc. (link).
[27] Information is derived from the Institutional Shareholder Services voting analytics database.
[28] For example, State Street Global Advisors has emphasized the importance of disclosing the company’s director time commitment policy in its 2024 proxy voting guidelines and has indicated that it may vote against nominating and governance committee chairs at S&P 500 companies that fail to adequately disclose their annual director overboarding review process and related numerical limits. Additionally, in 2023, BlackRock voted against directors at 297 companies due to overboarding concerns.
[29] For additional discussion of comment letter trends, see “SEC Reporting Update – Highlights of trends in 2024 SEC staff comment letters” (September 12, 2024), available at https://www.ey.com/en_us/technical/accountinglink/sec-reporting-update-highlights-of-trends-in-2024-sec-staff-comment-letters1.
[30] Corsair Gaming, Inc. (link); GoDaddy Inc. (link); Gogo Inc. (link); Foot Locker, Inc. (link); Newell Brands Inc. (link); Payoneer Global Inc. (link); PetiQ, Inc. (link); Warner Bros. Discovery, Inc. (link); Workday, Inc. (link).
[31] Corsair Gaming, Inc. (link); GoDaddy Inc. (link); Gogo Inc. (link); Workday, Inc. (link).
[32] See note 29.
[33] Id.
[34] Consensus Cloud Solutions, Inc. (link); Martin Midstream Partners L.P. (link).
[35] Gen Digital Inc. (link); HBT Financial, Inc. (link); NCR Atleos Corporation (link).
[36] See note 29. Spectrum Brands Holdings, Inc. (link).
[37] CommScope Holding Company, Inc. (link); Community Bank System, Inc.(link); Gibraltar Industries, Inc. (link); Fidus Investment Corporation (link); HEICO Corporation (link); Methode Electronics, Inc. (link); Turning Point Brands, Inc. (link).
[38] CommScope Holding Company, Inc. (link); Community Bank System, Inc. (link); Gibraltar Industries, Inc. (link); Fidus Investment Corporation (link); HEICO Corporation (link); Methode Electronics, Inc. (link); Turning Point Brands, Inc. (link).
[39] AudioCodes Ltd. (link); Cencora, Inc. (link); Flywire Corporation (link); International Paper Company (link); Lyft, Inc. (link); Traeger, Inc. (link); Turning Point Brands, Inc. (link).
[40] AudioCodes Ltd. (link); Cencora, Inc. (link); Flywire Corporation (link); International Paper Company (link); Lyft, Inc. (link); Sea Limited (link); Traeger, Inc. (link); Turning Point Brands, Inc. (link).
[41] See note 19; Lumentum Holdings Inc. (link); Newell Brands Inc. (link); Penumbra, Inc. (link); Spectrum Brands Holdings, Inc. (link).
[42] Lumentum Holdings Inc. (link); Newell Brands Inc. (link); Spectrum Brands Holdings, Inc. (link); Penumbra, Inc. (link).
[43] Bar Harbor Bank & Trust (link); GoHealth, Inc. (link); Peoples Bancorp Inc. (link); The Cooper Companies, Inc. (link); WaFd, Inc. (link); Wheels Up Experience Inc. (link).
[44] See note 29; nVent Electric plc (link); Orthofix Medical Inc. (link); Pentair plc (link); Warner Bros. Discovery, Inc. (link).
[45] APTIV PLC (link); International Paper Company (link); StandardAero, Inc. (link).
[46] 601 U.S. at 265.
[47] Id.
[48] See id. at 260, 265.
[49] Id. at 265 (emphasis added).
[50] Id. at 264 (emphasis added).
[51] SEC Press Release, “SEC Charges SolarWinds and Chief Information Security Officer with Fraud, Internal Control Failures” (Oct. 30, 2023), available at https://www.sec.gov/newsroom/press-releases/2023-227.
[52] SEC Press Release, “SEC Charges Four Companies With Misleading Cyber Disclosures” (Oct. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-174.
[53] SEC Press Release, “Terraform and Kwon to Pay $4.5 Billion Following Fraud Verdict” (June 11, 2024), available at https://www.sec.gov/news/press-release/2024-73.
[54] SEC Press Release, “SEC Charges Two Investment Advisers with Making False and Misleading Statements About Their Use of Artificial Intelligence” (Mar. 18, 2024), available at https://www.sec.gov/news/press-release/2024-36; SEC Press Release, “SEC Charges Rimar Capital Entities and Owner Itai Liptz for Defrauding Investors by Making False and Misleading Statements About Use of Artificial Intelligence” (Oct. 10, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-167.
[55] SEC Press Release, “SEC Charges R.R. Donnelley & Sons Co. with Cybersecurity-Related Controls Violations” (June 18, 2024), available at https://www.sec.gov/news/press-release/2024-75.
[56] Opinion and Order, SEC v. SolarWinds Corp. and T. Brown, 1:23-cv-09518-PAE (S.D.N.Y. July 18, 2024) at 104, 107.
[57] Available at https://www.sec.gov/corpfin/sample-letter-companies-regarding-their-xbrl-disclosures.
Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Securities Regulation and Corporate Governance, Executive Compensation and Employee Benefits, or Capital Markets practice groups, or any of the following practice leaders and members:
Securities Regulation and Corporate Governance:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202.955.8287, [email protected])
James J. Moloney – Co-Chair, Orange County (+1 949.451.4343, [email protected])
Lori Zyskowski – Co-Chair, New York (+1 212.351.2309, [email protected])
Aaron Briggs – San Francisco (+1 415.393.8297, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202.887.3550, [email protected])
Brian J. Lane – Washington, D.C. (+1 202.887.3646, [email protected])
Julia Lapitskaya – New York (+1 212.351.2354, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, [email protected])
Michael Scanlon – Washington, D.C.(+1 202.887.3668, [email protected])
Michael A. Titera – Orange County (+1 949.451.4365, [email protected])
Executive Compensation and Employee Benefits:
Sean C. Feller – Los Angeles (+1 310.551.8746, [email protected])
Krista Hanvey – Dallas (+1 214.698.3425, [email protected])
Kate Napalkova – New York (+1 212.351.4048, [email protected])
Gina Hancock – Dallas (+1 214.698.3357, [email protected])
Capital Markets:
Andrew L. Fabens – New York (+1 212.351.4034, [email protected])
Hillary H. Holmes – Houston (+1 346.718.6602, [email protected])
Stewart L. McDowell – San Francisco (+1 415.393.8322, [email protected])
Peter W. Wardle – Los Angeles (+1 213.229.7242, [email protected])
© 2024 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.