Following up on clues earlier this year that the SEC may increase its scrutiny of cybersecurity disclosures, SEC Chairman Mary Jo White has asked the Commission to evaluate current guidance for cybersecurity disclosures and to consider whether more stringent requirements are necessary. White asked the Commission to assemble a report on general practice and compliance with existing guidelines, and to make recommendations for future guidance. White did not yet commit to changes to the current guidelines, issued in October 2011, pending issuance of the report.
Senator Jay Rockefeller, who disclosed the Chairman’s directive, has recently encouraged the SEC to provide further guidance on cybersecurity disclosures. He has already sponsored legislation in this arena, including the Cybersecurity Act of 2012, which would have pushed the private sector to share internal information within the industry and with government agencies. The proposed legislation in 2012 would have also encouraged the enactment of protective measures for computer networks. Senator Rockefeller has expressed concern about the lack of information regarding cybersecurity risks, and appears poised to push for additional disclosures. Read More
Orrick partner Jim Meyers provides his perspective to JD Supra in the May 14, 2013 article, “A Look Ahead at SEC Enforcement Actions – with Orrick’s Jim Meyers.” Jim comments on trends in Securities and Exchange Commission enforcement, the new arrivals of SEC chairwoman, Mary Jo White and Enforcement Unit co-head, Andrew Ceresney, the recent “Non-Prosecution Agreement” with Ralph Lauren, and more.
To read the full JD Supra article, please click here.
Yesterday the SEC filed an Order Instituting Cease and Desist Proceedings against the City of Harrisburg, Pennsylvania for violations of Rule 10b-5. The City consented to entry of a Cease and Desist Order. The SEC also issued a Report of Investigation under Section 21(a) discussing “Potential Liability of Public Officials With Regard to Disclosure Obligations in the Secondary Market.”
The headline message from this proceeding is that the SEC found that the City had violated the securities laws through public statements made by public officials, as well as budget documents released during a certain time period, which allegedly failed to disclose material information about the City’s dire financial condition (primarily related to its obligations on certain waste-to-energy project bonds which the City had guaranteed). The reason these statements were deemed so significant is that during this period the City had fallen far behind in releasing its Comprehensive Annual Financial Reports (“CAFRs”), so that investors had no other available current financial information. The SEC used this proceeding and its Report of Investigation to re-emphasize the statements made in its 1994 Interpretive Guidance on the obligations of participants in the municipal securities markets, and its 1996 Report following the bankruptcy of Orange County, California, that statements made by public officials which might be “reasonably expected to reach investors and the trading markets” can be subject to antifraud rules, even when such statements are not part of a specific securities offering. Read More
Almost two years after the Supreme Court issued its momentous decision in Janus Capital Group, Inc. v. First Derivative Traders, 131 S. Ct. 2296 (2011), lower courts continue to reach significantly different conclusions concerning its scope. The Supreme Court held that, for purposes of SEC Rule 10b-5, “the maker of a statement is the person or entity with ultimate authority over the statement, including its content and whether and how to communicate it.” Id. at 2302. Specifically, in Janus, the Supreme Court held that an investment advisor could not be liable for statements in prospectuses filed by a related, but legally separate entity. Because the investment advisor did not “make” the statements—that is, did not have “ultimate authority” over them—it could not be liable as a primary violator of Rule 10b-5 for any misstatements or omissions contained therein.
Janus established a bright-line rule. But the Southern District of New York, in particular, has split over whether Janus applies beyond the context of private actions brought under Rule 10b-5(b). In the most recent decision from that district to address the issue, SEC v. Garber, No. 12 Civ. 9339, 2013 WL 1732571 (S.D.N.Y. Apr. 22, 2013), Judge Shira A. Scheindlin deepened this divide. Read More
On April 24, 2013, the Public Company Accounting Oversight Board issued its inaugural “Policy Statement Regarding Credit for Extraordinary Cooperation in Connection with Board Investigations.” The Policy Statement reiterates many of the themes of the SEC’s “Seaboard Report,” and therefore many may view it as largely plowing over well-trodden ground. But, the Policy Statement merits close attention, because it is the first such statement the Board has issued since it was formed, it sets forth specific examples of conduct that is likely to earn credit for cooperation, and it focuses specifically on the auditing profession.
The Policy Statement identifies three forms of “extraordinary” cooperation that could result in audit firms and/or individuals receiving credit in enforcement investigations:
remedial or corrective action; and
According to the Board, “[a] firm or associated person may earn credit for self-reporting by making voluntary, timely and full disclosure of the facts relating to violations before the conduct comes to the attention of the Board or another regulator.” And, the sooner self-reporting is made, the more likely it will result in credit. The Board stressed, however, that self-reporting is “not eligible for cooperation credit” if it is “required by legal or regulatory obligations,” e.g., the auditor’s obligation under Section 10A of the Securities Exchange Act of 1934 to report a client’s illegal acts. Read More
The SEC issued a release today confirming that companies can use social media outlets like Facebook, Twitter, and LinkedIn to announce information in compliance with Regulation FD (“Reg FD”) so long as investors have been alerted in advance about which social media will be used to send the information.
The SEC’s release grows out of an inquiry involving the CEO of a major Internet television network. The CEO posted on his Facebook page that his company’s online viewing had exceeded a key milestone for the first time. His Facebook statement was not accompanied or preceded by any company press release or 8-K. The stock jumped substantially, and the SEC came knocking.
The SEC’s release confirms that companies are permitted to announce material news through social media, provided investors know when and where to expect it. In response to the SEC’s latest release on Reg FD, we expect that public companies will update their social media protocols and, as appropriate, integrate investor relations communications more closely with links to sites like Facebook, Twitter and LinkedIn.
Today, the Solicitor General filed a motion asking the Supreme Court to dismiss the Securities and Exchange Commission’s petition for a writ of certiorari in SEC v. Bartek. As noted in a previous blog post, the Bartek petition focused on when the limitations period under 28 U.S.C. § 2462 begins to accrues, a question that was answered in Gabelli.
However, the petition also presented a second question: whether director and officer bars and injunctive relief constituted penalties. Although the Supreme Court was unlikely to take up that question at this juncture, the government’s decision to dismiss the petition perhaps signals a view that Gabelli will not have a significant adverse impact on the SEC’s civil enforcement activities. Certainly, Gabelli’s impact can be minimized if, as expected, Mary Jo White is confirmed as the next SEC Chair and follows through on her commitment to the Senate Banking Committee to “aggressive” pursuit of wrongdoers.
Cybersecurity may be the SEC’s newest area for enforcement actions. While the SEC first released Disclosure Guidance concerning cybersecurity in 2011, the recent media attention surrounding significant cybersecurity breaches at a number of U.S. companies may cause the SEC to renew interest in the issue, and may result in enforcement actions, as well as shareholder class actions and derivative lawsuits. Companies that fail to disclose cybersecurity events in their public filings may find themselves on the wrong end of an SEC investigation and enforcement action.
Companies may also see an increase in class actions where there is a significant stock drop following disclosure of a cybersecurity breach—however, to date, there is little evidence to suggest the market reacts in a negative way following disclosure of a cybersecurity breach, leaving questions about whether plaintiffs could prove materiality and causation in a securities fraud case. Finally, increased focus on cybersecurity disclosures may result in an increase in shareholder derivative actions against officers and directors, with shareholders alleging that the company breached their fiduciary duties by failing to ensure adequate security measures. Read More
In Gabelli v. SEC, a unanimous Supreme Court held that the statute of limitations for “penalty” claims in governmental enforcement actions begins to run from the date of the underlying violation of the law, not when the government discovers or reasonably should have discovered the misconduct. Gabelli has important implications for the Securities and Exchange Commission (“SEC”) and all governmental agencies because it limits the sanctions available to the agency for conduct that occurred more than five years before it commences a civil enforcement action. Opinion.
Gabelli involved the application of 28 U.S.C. § 2462, which provides that “an action, suit or proceeding for the enforcement of any civil fine, penalty or forfeiture … shall not be entertained unless commenced within five years from the date when the claim first accrued[.]” In 2008, the SEC sought civil penalties from Mark Gabelli, a mutual fund portfolio manager, for alleged violations of the Investment Advisers Act in connection with alleged market timing issues. Gabelli successfully moved to dismiss the penalty claims as time-barred under Section 2462 because the complaint was filed almost six years after the alleged misconduct. On appeal, the Second Circuit reversed, reasoning that in cases of fraud the statute of limitations does not begin to run until the SEC discovered (or reasonably could have discovered) the wrongful acts. The Supreme Court disagreed, holding that “a claim based on fraud accrues—and the five-year clock begins to tick—when a defendant’s allegedly fraudulent conduct occurs.” Read More
In the latest development in an SEC lawsuit filed Friday, February 15, U.S. District Judge Rakoff extended a freeze on a Swiss Goldman Sachs account linked to possible insider trading in H.J. Heinz Company call options. The complaint alleges that these options were bought for $90,000 the day before the ketchup maker agreed to be bought by Warren Buffett’s Berkshire Hathaway, Inc. and Brazilian investment firm 3G Capital, giving the mystery investors $1.7 million in profits. The SEC said that the timing and size of the trades were suspicious because the account had had no history of trading Heinz stock over the last six months.
On Friday, February 15, Rakoff approved an emergency court order to freeze the assets in a Swiss trading account, which would prevent the investors from taking the profits out of the account until they showed up in court to “unfreeze” them. At a hearing the following week, none of the investors showed up. Rakoff relished: “They can hide, but their assets can’t run.” Read More
Please do not include any confidential, secret or otherwise sensitive information concerning any potential
or actual legal matter in this e-mail message. Unsolicited e-mails do not create an attorney-client
relationship and confidential or secret information included in such e-mails cannot be protected from
disclosure. Orrick does not have a duty or a legal obligation to keep confidential any information that
you provide to us. Also, please note that our attorneys do not seek to practice law in any jurisdiction
in which they are not properly authorized to do so.
By clicking "OK" below, you understand and agree that Orrick will have no duty to keep confidential any
information you provide.