CLS Blue Sky Blog

Sullivan & Cromwell Discusses Key Considerations for Fiscal-Year 2019 SEC Filings

As issuers prepare their Form 10-K and 20-F filings for fiscal year 2019, they should consider recent changes to Securities and Exchange Commission (“SEC”) disclosure rules, trending disclosure topics and the implementation of critical audit matters disclosure in the audit report. This memorandum summarizes several of those disclosure and accounting considerations, and highlights the key changes to SEC rules that will affect Form 10-K and 20-F filings this upcoming reporting season.

General Disclosure Trends

As issuers prepare their annual SEC reports, they should consider a number of disclosure topics that have continued to receive SEC and investor attention over the past year. Although some issuers may not need to make changes at this time, all issuers should evaluate whether their disclosures adequately address these topics. Issuers should also consider whether other issues that have received increasing attention in recent years, such as workplace conduct matters and the way social media is changing reputational risk and the risk of negative publicity, present material risks that should be discussed.

In light of the SEC’s focus on the need for more robust disclosure of the potential business and operational impacts of Brexit, issuers should continue to consider whether updates to their Brexit disclosures are warranted, particularly as uncertainties remain unresolved or evolve, and as issuers develop a more informed understanding of the risks and potential effects associated with Brexit. In December 2018, Chairman Clayton indicated that the SEC has an interest in ensuring that issuers provide adequate Brexit disclosure and in March 2019, the Director of the Division of Corporation Finance indicated that the SEC expects to see disclosures that address a variety of matters, including regulatory risks issuers might face as a result of Brexit, potential impact on supply chains, risk of losing customers, exposure to currency devaluation, foreign currency exchange rate risk or other market risks, uncertainties regarding existing contracts and whether or not Brexit might affect financial statement recognition, measurement or disclosure items.

To the extent issuers have developed plans or adjusted their business and operations in light of Brexit, they should also consider the extent to which such plans will be affected if a “no-deal” Brexit scenario occurs at the end of the transition period. To the extent material, issuers should include more detailed, tailored disclosure around those preparations or, if relevant, risks relating to the status of those preparations, including the risk of a “no-deal” Brexit. For example, issuers may have begun implementing plans to establish operations in other European countries as a way to maintain their “passport” to engaging in business in Europe, or they may have identified the importance of such plans but not made sufficient progress implementing them. Issuers’ understanding of the risks and potential effects of Brexit will most likely continue to develop, and issuers’ disclosure should evolve accordingly. Importantly, issuers should tailor their disclosure regarding the impact of Brexit to their particular situations and avoid generic disclosures that do not give a clear indication of the anticipated or possible effects of Brexit on their businesses and operations.

The SEC expects issuers to provide cybersecurity disclosure that is “tailored to their particular cybersecurity risks and incidents” and “emphasize[s] a company-by-company approach that allows relevant and material information to be disseminated to investors without boilerplate language or static requirements while preserving completeness and comparability of information across companies.” Key areas of focus for issuers include review of risk factors related to the potential harm of cybersecurity incidents to their business, disclosure about cybersecurity controls and procedures and discussion in the management’s discussion and analysis of financial condition and results of operations (“MD&A”) where cybersecurity events or compliance costs have had or are expected to have a material effect on the issuer’s financial condition or results of operations. Issuers should also consider risks relating to incident response, as well as whether changes in their business and operations—such as entering new lines of business or changing business processes or practices—could have a material effect on their risk exposure to cybersecurity incidents.

Critical Audit Matters

The requirement for auditors to report critical audit matters (“CAMs”) in the audit report became effective for large accelerated filers with fiscal years ending on or after June 30, 2019. The Public Company Accounting Oversight Board (“PCAOB”) defines a CAM as “[a]ny matter arising from the audit of the financial statements that was communicated or required to be communicated to the audit committee and that (1) relates to accounts or disclosures that are material to the financial statements and (2) involved especially challenging, subjective, or complex auditor judgment.”13   For each CAM identified, auditors are required to disclose a description of the matter, the reason(s) such matter was identified as a CAM and a description of how the matter was addressed in the audit.14

Only a limited number of audits have been subject to the CAMs disclosure requirement to date, and so, while it is too early to identify any predictive trends among issuers, the initial observations from these audits discussed below provide useful insight for the upcoming annual report cycle. The PCAOB reports that, based on its outreach to issuers who have already had CAMs included in their audit reports, the implementation of CAMs generally did not change audit committees’ interactions with the auditor and audit committees have found the CAM review process to be a helpful component of the audit.15

Large accelerated filers should consider the following key items when preparing for the inclusion of CAMs in their upcoming annual reports:

SEC Form Updates

In March 2019, the SEC adopted amendments (the “Disclosure Rules”)17 that changed certain disclosure requirements in Regulation S-K that were intended to improve the readability and navigability of disclosure documents and discourage repetition and disclosure of immaterial information. This memorandum does not cover all changes made to the regulations, but rather focuses on key provisions of the Disclosure Rules applicable to corporate issuers as they prepare their Form 10-K and 20-F filings for fiscal year 2019.18

On August 8, 2019, the SEC announced proposed rule amendments to modernize the description of business, legal proceedings and risk factor disclosures that issuers are required to make pursuant to Regulation S-K in order to make these disclosures more principles-based and to update certain requirements for disclosure of legal proceedings. No changes have been adopted at this time, but issuers should consider whether some of the guidance provided in the proposed rules should be considered in their annual disclosure, such as the SEC’s focus on discouraging repetition, the requirement to include a description of the issuer’s human capital resources in the description of the business and the reorganization of risk factors under relevant headings.20

XBRL Updates

Although many issuers have already started making changes in their machine-readable eXtensible Business Reporting Language (“XBRL”), as large accelerated filers preparing U.S. GAAP financials were subject to new requirements for fiscal periods ending on or after June 15, 2019, it is worth noting the XBRL updates as other filers may comply early, or will not be required to comply until a later point in time in accordance with the phased-in compliance period.21

Proxy Changes

Certain changes under the Disclosure Rules will likely have greater relevance for issuers’ annual proxy statements but will still have implications for their Form 10-Ks.

Apart from the changes under the Disclosure Rules, at a December 2019 AICPA conference, Mr. Hinman recommended that, where relevant, issuers should include additional disclosure in the compensation discussion and analysis section of the proxy describing how stock buybacks are considered by the compensation committee, noting concerns that stock buybacks are often perceived as a way for management to unfairly increase executive compensation that is tied to stock price.


1  “Staff Statement on LIBOR Transition” (July 12, 2019), available at

2  A joint statement by SEC Chairman Clayton, Sagar Teotia, Chief Accountant, and William Hinman, Director, Division of Corporation Finance, dated December 30, 2019 (the “December 30, 2019 Joint Statement”), encourages audit committees to understand management’s plan to identify and address the risks associated with LIBOR reform and the expected impact on accounting and financial reporting and any related issues associated with financial products and contracts that reference LIBOR. For further discussion of the guidance contained in the December 30, 2019 Joint Statement, please see our Memorandum to Clients, “Audit Committee Oversight of Financial Reporting” (Jan. 7, 2020), available at Committee-Oversight-of-Financial-Reporting.pdf.

3  “Staff Statement on LIBOR Transition” (July 12, 2019), available at

4  In a June 2019 speech, Randal Quarles, Vice Chair for Supervision of the Federal Reserve Board of Governors, also encouraged market participants to move away from using LIBOR and, if they continue to use LIBOR, to use more effective fallback language. Speech available at

5  In September 2019, the IASB amended certain IFRS standards with respect to certain hedge accounting requirements to provide relief from the potential uncertainties of the LIBOR transition. The amendments require issuers to provide additional information to investors about their hedging relationships which are directly affected by these uncertainties. IASB, “Interest Rate Benchmark Reform (Amendments to IFRS 9, IAS 39, and IFRS 7)” (September 26, 2019). That same month, the Financial Accounting Standards Board (“FASB”) issued a proposed Accounting Standards Update to provide temporary optional guidance designed to ease the potential burden in accounting for the LIBOR transition and related reference rate reforms. The proposed update contains additional disclosure requirements that issuers will need to take into account. FASB, “Exposure Draft: Proposed Accounting Standards Update” (September 5, 2019), available at laimer=true.

6  Securities and Exchange Commission Press Release, “SEC Staff Publishes Statement Highlighting Risks for Market Participants to Consider As They Transition Away from LIBOR” (July 12, 2019), available at

7  Jay Clayton, Chairman, Securities and Exchange Commission, “SEC Rulemaking Over   the Past Year, the Road Ahead and Challenges Posed by Brexit, LIBOR Transition and Cybersecurity Risks” (Dec. 6, 2018), available at

8  “Commission  Statement  and  Guidance  on  Public  Company  Cybersecurity Disclosures,” SEC Release Nos. 33-10459, 34-82746 (Feb. 20, 2018), available at

9  Securities and Exchange Commission, “Facebook to Pay $100 Million for Misleading Investors About the Risks It Faced From Misuse of User Data” (July 24, 2019), available at

10 “Report  of  Investigation  Pursuant  to  Section  21(a)  of  the  Securities  Exchange  Act of  1934 Regarding Certain Cyber-Related Frauds Perpetrated Against Public Companies and Related Internal Accounting Controls Requirements,” Release No. 34-84429 (Oct. 16, 2018), available at The 21(a) Report states that internal controls over financial reporting may need to be reassessed in light of risks arising from cyber- related frauds and other emerging risks.

11 For the full text of the Disclosure Guidance, see, “Intellectual Property and Technology Risks Associated with International Business Operations”, available at technology-intellectual-property-international-business-operations.

12 William Hinman, Director, Division of Corporation Finance, “Applying a Principles-Based Approach to Disclosing Complex, Uncertain and Evolving Risks” (Mar. 15 2019), available at 031519.

13 PCAOB, “Implementation of Critical Audit Matters: The Basics” (Mar. 18, 2019), available at Basics.pdf.

14 For a more detailed description of the CAMs requirement and related PCAOB    guidance, please see our Client Memorandum, “Critical Audit Matters Guidance” (Mar. 25, 2019), available at

15 See PCAOB “Critical Audit Matters Spotlight”, available at Spotlight.pdf.

16 The December 30, 2019 Joint Statement encourages audit committees to engage in a substantive dialogue with the issuer’s auditor regarding the audit and expected CAMs to understand the nature of each CAM, the auditor’s basis for the determination of each CAM and how each CAM is expected to be described in the auditor’s report. For further discussion of the guidance to audit committees contained in the December 30, 2019 Joint Statement, please see our Client Memorandum, “Audit Committee         Oversight of Financial Reporting” (Jan. 7, 2020), available at Reporting.pdf.

17 “FAST Act Modernization and Simplification of Regulation S-K,” SEC Release No.  33-10618; 34- 85381; IA-5206, available at

18 For a more detailed description of the changes included in the Disclosure Rules, please   see our Client Memorandum, “SEC Adopts Amendments to Modernize and Simplify Disclosure Requirements” (Mar. 22, 2019), available at SEC-Adopts-Amendments-to-Modernize-and-Simplify-Disclosure-Requirements.pdf.

19 Information may be redacted under the new streamlined process only if the information would likely cause  competitive  harm if disclosed.  Issuers  may  also  file  traditional confidential treatment requests following the procedures under Exchange Act Rule 24b-2 without a showing of competitive harm.  Earlier  this  year,  the  Supreme  Court  held  that  information  submitted  to  the federal government qualifies as “confidential” for purposes of Exemption 4 under the Freedom of Information Act when the information is customarily and actually treated as private and the information is provided to the government under an assurance of privacy. For a more detailed discussion of this decision, please see our Client Memorandum, “FMI v. Argus Leader Media – Supreme Court Broadens Scope of FOIA Exemption: Court Holds That, Under FOIA, the Federal Government May Not Disclose Commercial Information That a Corporation Has Kept Private and Provided to the Government Under an Assurance of Privacy” (June 25, 2019), available at Court-Broadens-Scope-of-FOIA-Exemption.pdf. In December 2019, the Division of Corporation Finance issued guidance describing the process and additional considerations for issuers that wish to protect confidential information using the traditional confidential treatment application process, available at

20 For a more detailed description of the proposed rule changes, please see our Client Memorandum, “SEC Proposes Amendments to Regulation S-K Disclosure Requirements” (Aug. 12, 2019), available at to-Regulation-S-K-Disclosure-Requirements.pdf.

21 “Inline XBRL Filing of Tagged Data,” SEC Release Nos. 33-10514, 34-83551, IC-33139 (June 28, 2018), 83 FR 40846 (Aug. 16, 2018), available at 08-16/pdf/2018-14365.pdf. For more information, see our Client Memorandum, “SEC Adopts New Rules Affecting Public Company Reporting: SEC Requires Use of Inline XBRL for Public Companies Including Funds, Eliminates XBRL Website Posting Requirement, Expands Companies Eligible for ‘Smaller Reporting Company’ Scaled Disclosure and Modifies Rules for Financial Statements of Smaller Acquired Businesses” (July 5, 2018), available at

22  Issuers subject to Form 10-K filing requirements will not be required to submit Inline XBRL files for a Form 10-K until they have already submitted Inline XBRL files for at least one 10-Q.

This post comes to us from Sullivan & Cromwell LLP. It is based on the firm’s memorandum, “Key Considerations for Fiscal Year 2019 Form 10-K and 20-F Filings,” dated January 7, 2020, and available here.

Exit mobile version