On February 21, 2018, the SEC issued new Guidance regarding cybersecurity disclosure and governance requirements applicable to SEC reporting companies. In our earlier Client Update on this topic, we discussed the disclosure considerations addressed in the Guidance. In this Client Update, we focus on the cyber-related governance issues addressed in the Guidance.
Cybersecurity and Risk Governance
The Guidance addresses three governance topics in the context of cybersecurity: (1) the adoption and regular assessment of cyber-related disclosure controls and procedures; (2) the establishment of policies and procedures to address the risk of insider trading based on material nonpublic cybersecurity … Read more
Registrants, particularly those involved in highly regulated industries, frequently must determine whether and when a government investigation and related pending or threatened litigation must be disclosed in its periodic reports filed with the Securities and Exchange Commission (“SEC”). On September 9, 2016, the SEC filed a complaint against a company and its general counsel that should serve as a reminder for any registrant subject to a government investigation to ensure that it has robust procedures in place to review disclosure requirements in connection with government investigations in light of the facts uncovered by any internal investigation and the course of … Read more
On May 17, 2016, the Securities and Exchange Commission issued new Compliance and Disclosure Interpretations (“C&DIs”) on the use of non-GAAP financial measures. With a fiscal reporting period having passed since the SEC issued the C&DIs, we surveyed the impact that the C&DIs had on company disclosure practices and related developments. Our survey sample included 100 earnings releases issued by Fortune 500 companies since May 17 that included a presentation of two or more non-GAAP financial measures and guidance on at least one non-GAAP measure (the “Survey”). Unsurprisingly, given the nature of the C&DIs, a significant … Read more