Securities Mosaic® Blogwatch
February 23, 2018
Antitrust and Economic Liberty: A Policy Shift from the Trump Administration?
by Joseph Coniglio

For the past 40 years, U.S. antitrust law has been understood as a consumer welfare prescription against conduct leading to higher prices, reduced output, and lower quality or innovation. A growing number of commentators argue, however, that this understanding of antitrust law should expand to include social or political goals to counter the ills of what some have termed a "New Gilded Age."[1] Just as the Sherman Act was needed to address the common law’s failure to curb the concentration of economic power resulting from business trusts and predatory practices, a new enforcement regime may be needed to replace a consumer welfare theory of the antitrust laws that has not protected the public from concentrations of economic power fueled by mergers and, in some cases, exclusionary conduct by dominant firms.

Antitrust law must preserve the basic principles of capitalism, such as rent-seeking and the right to contract, but also provide a legal standard for addressing wrongdoing. Achieving this balance has been a challenge since the enactment of the Sherman Act. Initially, the challenge was to determine whether all agreements in restraint of trade (and monopolies) were per se illegal under the Sherman Act. As the Supreme Court made clear in the landmark case of Standard Oil, such a view presented a choice of either being "destructive" of basic commercial activities or making enforcement of the Sherman Act "impossible because of its uncertainty." [2] By requiring judges to use reasonableness to assess whether restraints of trade violated the Sherman Act, the court sought to develop a framework for separating what is now termed "competition on the merits"[3] from illegal business conduct.

After Standard Oil, American courts often understood this framework through not just an economic lens but a social one—most notably, a concern with the loss of small competitors. In Alcoa, for example, Judge Learned Hand wrote that "great industrial consolidations are inherently undesirable, regardless of their economic results" and that a purpose of the antitrust laws was to "perpetuate and preserve, for its own sake and in spite of possible cost, an organization of industry in small units which can effectively compete with each other."[4] In the area of merger enforcement, the courts’ emphasis on protecting the small competitor was perhaps most noticeable. In Brown Shoe, the Supreme Court found that it "must give effect" to Congress’ desire for antitrust merger enforcement to "promote competition through the protection of viable, small, locally owned businesses," even while appreciating "that occasional higher costs and prices might result from the maintenance of fragmented industries and markets."[5]

As Professor Herbert Hovenkamp has said, decisions like Brown Shoe, which aim to protect small competitors, fail to admit of any limiting principle[6]—and thus do not establish the sort of objective standard Standard Oil sought to make the hallmark of antitrust enforcement. If, for example, the merger in Von’s Grocery[7] could represent an unlawful trend toward concentration, then, in principle, any merger between competitors might be illegal. Indeed, Justice Stewart argued forcefully in his dissent that the court’s reasoning implied loss of competition from loss of a competitor.[8] The same is true in the area of unlawful conduct by a monopolist. Even without pricing below its cost, a monopolist who benefits from economies of scale may foreclose a smaller, less efficient rival from the scale needed to compete. By looking only at the effect of the monopolist’s conduct in terms of market structure—be it the number of competitors or market shares—antitrust law risks defining the rules of the game in a way that punishes the successful competitor simply because he wins.

An economic welfare standard and the corresponding economic approach to antitrust analysis[9] are important, because they allow judges and enforcers to distinguish between conduct that merely harms competitors—a natural byproduct of market forces—from conduct that harms competition and the economic welfare of consumers. In so doing, the economic approach to antitrust gave firms a more objective standard than that of Brown Shoe and addressed Standard Oil’s concern about uncertainty. What’s more, economic principles allowed judges and antitrust enforcers to apply the law for the benefit of consumers without undermining free enterprise.

Given this background, I consider in a new article whether the Trump Administration is shifting toward antitrust standards that are broader than consumer welfare. Since the article’s publication, President Trump’s nominee to chair the Federal Trade Commission, Joseph Simons, has been quoted as saying that the antitrust agencies "have been too permissive in dealing with mergers and acquisitions" and reduced consumer welfare by limiting "consumer choice" and harming workers.[10] Simons mention of "consumer choice" echoes the Department of Justice’s complaint that the merger between AT&T and Time Warner would slow "greater choice for consumers."[11] While the details remain to be seen, "consumer choice" has been recognized as distinct from "consumer welfare,"[12] and may signal a return to the types of social concerns expressed in Brown Shoe.[13]

The language of "economic liberty," however, may be a better indicator of a new direction for antitrust enforcement. In a series of speeches, Assistant Attorney General Makan Delrahim stated that a focus on economic liberty and consumer welfare serves "cherished values,"[14] and that "antitrust law employs law enforcement principles to maximize economic liberty subject to minimal government imposition."[15] In the abstract, "economic liberty" has several meanings, and could reflect the substantive due process theory that the Sherman Act rejected, the social goal of protecting competitors that the Supreme Court once readily affirmed, or the laissez faire inclinations of the Chicago School. The best answer may be "none of the above," and Delrahim’s use of "economic liberty" may reflect a distinct paradigm for antitrust enforcement. If history is any guide, modifications to the consumer welfare standard may not only be something to watch for, but a basis for reflecting upon how agency officials and the courts would draw the line between anticompetitive and procompetitive conduct.

ENDNOTES

[1] See, e.g., Robert Reich, Antitrust in the New Gilded Age, Huff. Post (Apr. 17, 2014).

[2] Standard Oil et al. v. United States, 221 U.S. 1, 63 (1911).

[3] Brooke Group Ltd. v. Brown & Williamson Tobacco Corp., 509 U.S. 209, 223 (1993).

[4] United States v. Aluminum Co. of America, 148 F.2d 416, 428-29 (2d. Cir. 1945).

[5] Brown Shoe Co. v. United States, 370 U.S. 294, 344 (1962).

[6] Herbert J. Hovenkamp, Antitrust Policy and Inequality of Wealth, CPI Antitrust Chronicle, at 5 (Oct. 2017).

[7] United States v. Von’s Grocery Co., 384 U.S. 270, 278 (1966) (condemning merger that resulted in a combined market share of less than 8%).

[8] Id. at 287 (Stewart, J., dissenting).

[9] It is here where the various Harvard, Chicago, and Post-Chicago schools share a common technocratic core, as these two pillars of modern antitrust can be affirmed without making any assumptions about the likelihood for markets to self-correct.

[10] Pallavi Guniganti, Simons includes harm to workers and choice in competition mission, Global Competition Review (Feb. 5, 2018). https://globalcompetitionreview.com/article/usa/1153360/simons-includes-harm-to-workers-and-choice-in-competition-mission.

[11] See Complaint, United States v. AT&T et al., No. 1:17-cv-02511, at 2 (D.D.C. 2017), available at https://www.justice.gov/opa/press-release/file/1012896/download.

[12] See, e.g., Joshua D. Wright & Douglas H. Ginsburg, The Goals of Antitrust: Welfare Trumps Choice, 81 Fordham L. Rev. 2405, 2411 (2013) (noting that "both economic theory and empirical evidence are replete with examples of business conduct that simultaneously reduces choice and increases welfare in the form of lower prices, increased innovation, or higher quality products and services"). But see Neil W. Averitt & Robert H. Lande, Using the "Consumer Choice" Approach to Antitrust Law, 74 Antitrust L.J. 175, 176 (2007) (suggesting that in some markets there is "no good way to assess consumer welfare [] without considering the nonprice choice issues").

[13] In addition the social concern about competitors, in a footnote Brown Shoe mentions competitive harm in terms of "consumer choice." See Brown Shoe, 370 U.S. at 345, n.72 ("[E]xpansion through merger is more likely to reduce available consumer choice while providing no increase in industry capacity, jobs, or output.").

[14] Makan Delrahim, Assistant Attorney General, U.S. Dep’t of Justice Antitrust Division, Address at the American Bar Association’s Antitrust Fall Forum 4 (Nov. 16, 2017).

[15] Makan Delrahim, Assistant Attorney General, U.S. Dep’t of Justice Antitrust Division, Remarks at New York University Law School 6 (Oct. 27, 2017).

This post comes to us from Joseph Coniglio at the law firm of Wilson, Sonsini, Goodrich & Rosati and reflects solely his own views. It is based on his recent article, "Antitrust and Economic Liberty: A Policy Shift from the Trump Administration?" which is available here and is a synthesis of and commentary on an article first published in Competition Policy International’s North America Column.

February 23, 2018
Fried Frank Discusses Delaware Decision Absolving LCC Board of Duty to Maximize Price
by Gail Weinstein, Robert C. Schwenkel, Brian T. Mangino, Matthew V. Soran and Andrea Gede-Lange

In Miller v. HCP (Feb. 1, 2018), the Court of Chancery dismissed claims made against the members of a limited liability company board, a majority of whom had been appointed by the private equity firm that was the company’s controlling stockholder, for approving a sale of the company to an unaffiliated third party that was championed by the controller—without attempting to maximize the price.

Under the LLC operating agreement’s "waterfall" provisions governing the allocation of proceeds on a sale of the company, the controller was entitled to receive almost all of the proceeds of any sale up to $30 million and almost none of any proceeds above that amount (which, the court acknowledged, created little incentive for the board to negotiate a price higher than $30 million). The buyer initially offered $31 million and ultimately increased the price to $43 million (after the company had received a competing offer for $36 million and an unsolicited indication of interest that valued the company at $50-$60 million—neither of which the controller-allied board members pursued). Only $48,000 of the $13 million price increase was allocated to the plaintiff (who was a co-founder of the company), with the balance being allocated to other minority stockholders who had priority over the plaintiff in the waterfall. Under the waterfall, the plaintiff was entitled to an allocation of significant proceeds on a sale only if the price reached $60 million.

The plaintiff claimed that an open auction process would have resulted in a much higher sale price that would have made proceeds available to all of the Trumpet preferred unitholders. Although, under the LLC operating agreement, all fiduciary duties of the board to the LLC members and of the LLC members to one another were waived, and the board was granted "sole discretion" to approve a sale to an unaffiliated third party, the plaintiff contended that, based on the contractual implied covenant of good faith (which adheres to every contract and cannot be waived), the board was obligated to seek to maximize the price. The court disagreed and granted the motion of the controller and the controller-allied board members to dismiss the case.

Key Points
  • The decision underscores that minority investors in non-corporate entities typically have very limited rights as compared to investors in corporations. In contrast with the corporate context, where fiduciary duties apply under the common law (and cannot be waived), the relationship between an LLC board and the investors (and among the investors) is contractual in nature and the board’s fiduciary duties can be waived. Miller highlights (i) the significant impact of the contractual waiver of fiduciary duties common in agreements governing non-corporate entities and (ii) the general reluctance of the court to "read in" protections for minority investors, based on the implied covenant of good faith, that were not specifically negotiated for and expressly set forth in the governing agreement.
  • The implied covenant of good faith did not require that the board seek to maximize the price on a sale of the company to an unaffiliated third party. The court observed that, based on consistent precedent, the implied covenant of good faith and fair dealing may be invoked only when there is a "gap to be filled" in the parties’ agreement because an event arose that the parties could not have anticipated. The court found no gap in this agreement, as the agreement expressly provided that the board had sole discretion to approve a sale of the company other than to an insider. The court inferred from this language that the parties had "considered and addressed" the potential of a sale to an unaffiliated party and had not intended to restrict the board’s sole discretion in that context.
  • The court distinguished between the defendants acting in bad faith and their acting in the controller’s self-interest as contemplated by the agreement. The implied covenant of good faith may have been invoked if there had been allegations of bad faith by the defendants, the court stated. Here, however, the court reasoned, the controller-allied board members had not acted with the "purpose of harming" the other investors, but had simply acted in "their own self-interest manifest from the waterfall provisions in the [Operating Agreement]"—provisions that the controller had specifically negotiated for and the parties had agreed to. In the court’s view, the board’s conducting an auction could have risked the $31 million transaction—thus depriving the controller of the negotiated-for benefit of the board having sole discretion to accept a sale with an unaffiliated party even if the sale favored the controller’s interests (which in this case it did because the controller was the only investor to obtain a full payout under the waterfall provisions).
Background

When the co-founders of Trumpet Search LLC sought capital investment, private equity firm HCP & Company, with a $15 million investment, became the owner of 78% of Trumpet’s units and appointed a majority of Trumpet’s board. As noted, the LLC operating agreement provided that all fiduciary duties were disclaimed; that the LLC board had "sole discretion" to approve any sale to an unaffiliated third party; and that the class of units acquired by HCP were entitled to receive almost all of the first $30 million in proceeds on any sale of the company and almost none of any proceeds above that amount. Less than a year after HCP made the investment, HCP proposed a sale of Trumpet to MTS Health Partners, an unaffiliated third party. MTS initially offered a purchase price of $31 million. The HCP-allied majority of Trumpet’s board favored the proposal and decided not to conduct any market check. When the non-HCP-allied board members (including the plaintiff) "pushed back" at the absence of any sale process, they were given five days "to find competing offers" and the Trumpet CEO was permitted to speak to two entities which had previously expressed an interest in Trumpet. The HCP-allied board members continued to champion the MTS deal and to reject investigating the possibility of any other deal notwithstanding that, during the "abbreviated" sale process (which was not made public), the company received an offer from another party of $36 million and an unsolicited indication of interest that valued Trumpet at $50-60 million. Based on these developments, MTS, feeling "pressure," raised its price to $43 million. The company then entered into the sale to MTS at that price. HCP received $30 million of the sale proceeds, and minority investors received the additional $13 million (with the plaintiff receiving only $48,000, based on his position under the waterfall provisions).

Discussion

The court stated that (a) the waiver of fiduciary duties in the LLC operating agreement meant that the board could act in the controller’s interest in the event of a sale to an unaffiliated third party—subject only to the contractual implied covenant of good faith, and (b) the implied covenant did not require that the board seek to maximize the price. Unlike in the corporate context, where boards have fiduciary duties to the stockholders by common law (which cannot be waived), the relationship between an LLC board and the investors, or among LLC investors, is solely contractual in nature. Therefore, although an LLC board has fiduciary duties, they can be modified or eliminated in the LLC operating agreement. In addition, the agreement can specify a standard or safe harbor under which the LLC board can approve conflicted transactions. In this case, in the operating agreement, the parties expressly waived all fiduciary duties and expressly granted the board "sole discretion" with respect to a sale of the company to any unaffiliated third party (while imposing restrictions with respect to a sale to an affiliated party). According to the plaintiff, based on the implied covenant of good faith, "implying an auction condition [was] necessary…in light of the incentive created by the [operating agreement’s] waterfall provisions" (i.e., the incentive to negotiate only for a deal price up to $30 million). Notwithstanding the waiver of fiduciary duties, the plaintiff argued, the minority investors could not have anticipated that, in the event of a sale to an unaffiliated third party, the board would not seek to maximize the sale price. The plaintiff contended that the contractual covenant of good faith "provide[d] a term that the parties would have employed had they considered the matter: that any sale of Trumpet required an open-market sale or auction to ensure maximum value for all members."

The court found that the sale of the company without an auction was anticipatable on the face of the contract—as the controller’s lack of incentive to negotiate for a price higher than $30 million was clear under the waterfall provisions. The LLC members, "despite creating this incentive, eschewed fiduciary duties, and gave the Board sole discretion to approve the manner of sale, subject to a single protection for the minority, that the sale be to an unaffiliated third party," the court wrote. Moreover, the court reasoned, based on the "language of the agreement," the parties had "considered and addressed" the possibility of a sale to an unaffiliated third party and had not expressed any obligation to maximize the price. According to the court, the provision limiting the board’s discretion with respect to a sale to any affiliated party reflected that the parties did not intend to include any restriction with respect to the exercise of sole discretion in the case of a sale to an unaffiliated party. The court concluded that it "appear[ed] that the parties to the [operating agreement] did consider the conditions under which a contractually permissible sale could take place. They avoided the possibility of a self-dealing transaction but otherwise left to [HCP] the ability to structure a deal favorable to [its] interests." Further, the defendants’ actions were not arbitrary or unreasonable, according to the court, as conducting an auction could have risked loss of the $31 million offer—which would have "deprive[d] the Defendants of a negotiated-for benefit."

The contractual implied covenant of good faith is a weak tool for plaintiffs. The Delaware Supreme Court has long viewed the implied covenant as only "rarely" capable of imposing obligations that are not specifically set forth in an agreement. The Delaware Supreme Court’s 2010 Nemec decision narrowed even further the limited circumstances under which the implied covenant previously could be invoked. Nemec held that "[t]he implied covenant only applies to developments that could not be anticipated, not developments that the parties simply failed to consider . . . ." (emphasis added). Moreover, for the court to "fill the gap" in an agreement based on an event having arisen that could not have been anticipated, it must be apparent what the parties would have agreed to provide had they anticipated the event. Further, it is well established that the covenant must be considered in the context of the agreement as a whole and, in an operating agreement governing a non-corporate entity, it cannot revive fiduciary duties that have been expressly waived.

We note that, in contrast to Miller, in the recently issued Oxbow Carbon LLC Unitholder Litigation decision (Feb. 12, 2018), Vice Chancellor Laster, in a 178-page post-trial opinion (more than 100 pages of which recites the factual background of the case), found that the implied covenant of good faith was available to fill a gap in the parties’ LLC operating agreement. The Oxbow facts vary considerably from Miller; and Vice Chancellor Laster reiterated in his opinion that the implied covenant is "deployable" only in "rare cases." We will be distributing a Fried Frank Briefing on Oxbow shortly.

Contrast with the corporate form. The court noted in Miller that, if Trumpet had been a corporation rather than an LLC, the board would have had fiduciary duties to the other investors that would have required that it seek to obtain the best price reasonably available. In addition, the court noted, in connection with any challenge to the sale, given that the controller’s interest was not fully aligned with the other investors’ interest, the applicable standard of judicial review would have been "entire fairness," requiring that both the price and process were fair to the minority investors (unless the procedural protections for minority stockholder set forth in the MFW decision are in place). The court explained that the co-founders of Trumpet, when they sought investment capital, "forwent the suite of common law protections available with the corporate form and instead chose to create an LLC"— which, the court commented, made the investment opportunity they were offering more attractive to HCP because, although acquiring a majority of the company’s units, HCP would not have fiduciary duties to the co-founders or the other minority investors. The court noted that the co-founders chose this tradeoff "despite the presence of a controller [i.e., HCP] with an incentive to take a quick sale, and a Board with sole discretion to approve such a sale, with the single safeguard that the sale must not be to [HCP or its affiliates]."

Cases in which the court has found that "sole discretion" must be exercised in good faith. The court acknowledged a number of Delaware decisions holding that, when a contract provides a party with discretion to be exercised, that discretion, based on the implied covenant of good faith, must be exercised in good faith. However, the court stated, "if the scope of the discretion is specified, there is no gap in the contract as to the scope of discretion, and there is no reason for the Court to look to the implied covenant to determine how the discretion should be exercised." In this case, the court determined, the LLC operating agreement "define[d] the scope of the board’s discretion by providing it with sole discretion to determine how to conduct a sale process, cabined by the requirement that any transaction be with an unaffiliated third party." According to the court, this language indicated that "the members considered the implications of vesting discretion in a conflicted board" and it "thus [left] no room for the implied covenant to operate." The court acknowledged that the implied covenant was applied in a number of Delaware cases when an agreement granted the board "sole discretion" to approve a sale of the company—but found that these precedents were distinguishable because, in the instant case (unlike the precedents), the parties had set forth restrictions on sole discretion with respect to certain matters (sale to an affiliated party) but not with respect to other matters (sale to an unaffiliated party)—indicating that they did not intend sole discretion to be restricted in the latter cases. "[B]y providing that the Board [did] not retain sole discretion to sell the company to insiders," the parties indicted that they had considered and addressed "the potential for self-dealing inherent in [the provision granting sole discretion with respect to selling the company to unaffiliated parties]," the court wrote.

The factual context. We note below a number of factors that were favorable to the defendants in the case (notably, however, under the court’s reasoning, the plaintiff’s claims apparently would have been dismissed even if the board had simply accepted the initial offer—that is, even if the board had engaged in no sale process and the buyer had not increased its price):

  • Some sale process and a price increase. The board did not simply accept MTP’s initial offer of $31 million but ultimately engaged in an "abbreviated" (albeit non-public) sale process and ultimately the buyer did increased its price by more than a third (to $43 million) even though the controller did not benefit from the increase.
  • No bad faith. The court noted that there were no allegations of "bad faith" against the defendants. The court wrote: "There are no allegations of fraud or a kickback from the buyer. There is no indication that the Defendants acted from any perverse or cryptic incentive, other than their own self-interest manifest from the waterfall provisions in the [Operating Agreement]—there is, for example, no allegation that they acted with the purpose of harming the non-affiliated members. Such actions plausibly would be of the type addressed by the implied covenant." Thus, we note, the court might have reached a different result if, say, a credible $60 million offer had actually been received and was still on the table when the board agreed to the $31 million sale. In that situation, bad faith might have been found if there was no conceivable explanation for the board’s choice other than an intent to harm the minority investors.
  • Remorse over the waterfall provisions. As noted, under the waterfall provisions, HCP received the first $30 million of the sale process. Of the remaining $13 million in sale proceeds, the plaintiff received only $48,000 ("next to nothing," the plaintiff complained) and other minority investors received the balance. Notably, however, the plaintiff’s allocation represented an almost 70% return of his investment of just $70,000. The plaintiff would have received his full investment back if the sale price had reached $53 million; and would have received a significant return on his investment only if the sale price reached $60 million. (The controller would not have received additional proceeds until the sale price exceeded $60 million, at which point the investors would share pro rata in the proceeds.) We note that the other minority investors—almost all of whom had priority over the plaintiff in the waterfall—did not join the lawsuit. The court appeared to view the plaintiff’s claim as based on "remorse [having] set in" over the waterfall provisions that he had negotiated and agreed to, rather than on any improper conduct by the board.
Practice Points
  • Persons considering a minority investment in a non-corporate entity (such as an LLC or MLP) should read and understand the offering materials and the governing agreement before investing—as they are frequently surprised, after-the-fact, to discover that (a) the agreement provides only very limited rights to the minority investors and (b) the implied covenant of good faith only rarely can be invoked to provide for protections not expressly set forth in the agreement. Often, LLC managers or general partners have no fiduciary duties to the other investors and have very broad discretion, including with respect to conflicted transactions.
  • Controllers should seek to specify in the governing agreement the broadest possible waiver of fiduciary duties permitted under law and sole discretion for the board. On the other hand, minority investors, taking into account all anticipatable events, should seek to specifically negotiate for and expressly include in the agreement any minority investor protections. In Miller, minority investor protections could have included, for example, that, on a sale of the company, the board would be required to conduct an auction, or to implement a sale process designed to, or use reasonable efforts to, maximize price. Other possible protections include a minimum sale price or a majority-of-the-minority stockholder approval requirement.
  • The scope of the board’s discretion (including "sole discretion") should be defined as clearly as possible to avoid any ambiguity. A grant of discretion to a board generally will be subject to exercise in good faith unless the agreement clearly specifies a different standard. In Miller, it was a critical factor in the court’s finding the implied covenant to be inapplicable that the agreement language, in the court’s view, indicated that the parties had considered the potential for action by HCP that might favor HCP and had specifically addressed it by limiting the board’s discretion with respect to a sale to HCP, but not limiting the board’s discretion with respect to any sale to an unaffiliated party. If "sole" discretion is granted, any limitations on that discretion should be clearly stated and the controller should seek to include a statement that the specified limitations are the only ones intended by the parties. A controller may seek to specify that there is no obligation on a sale to conduct an auction or otherwise seek to maximize the price.

This post comes to us from Fried, Frank, Harris, Shriver & Jacobson LLP. It is based on the firm’s memorandum, "LLC Board Did Not Have Duty to Maximize Price on Sale of the Company that Favored the Controller—Miller v. HCP," dated February 13, 2018, and available here.

February 23, 2018
Public Company Cybersecurity Disclosures
by Kara Stein, U.S. Securities and Exchange Commission
Editor's Note: Kara M. Stein is a Commissioner at the U.S. Securities and Exchange Commission. The following post is based on Commissioner Stein’s recent public statement, available here. The views expressed in the post are those of Commissioner Stein and do not necessarily reflect those of the Securities and Exchange Commission, the other Commissioners, or the Staff.

Yesterday [February 20, 2018], the Commission attempted to tackle an increasingly important issue: How should a public company tell its investors about its cybersecurity risks and incidents? [1]

Undeniably, the high-profile data losses and security breaches that have occurred across the public and private sectors show that no company or organization is immune from cyberattack. Unfortunately, one only need look back to the past eight years to see example after example of these attacks. In 2010, a sophisticated cyberattack affected more than 75,000 computer systems at nearly 2,500 companies in the United States and around the world. [2] In 2014, hackers broke into the computer systems of a major Hollywood studio, stealing confidential documents and exposing these documents and other personal information to potential cybercriminals. [3] And last year, we learned that a major cybersecurity breach at a public company may have potentially affected half of the U.S. population. [4] When the magnitude of the breach was revealed publicly, the company’s stock price plummeted, losing over $5 billion in market value. [5]

Unfortunately, the risks and costs of cyberattacks appear to be growing. And the consequences of such attacks could have devastating and long-lasting collateral effects. Cybercriminals are only becoming more cunning and sophisticated. It is estimated that cybercrime will cost businesses approximately $6 trillion per year on average through 2021. [6] Globally, the average cost of cybercrime has increased 62% over the last five years. [7] In addition, the cost of unintentional data loss—the most expensive component of a cyberattack—has risen nearly ten percent over the last three years alone. [8] Not surprisingly, public companies, investors, and other market participants increasingly view confronting and mitigating cyberrisk as a major priority.

So, what has the Commission done in response? In 2011, the staff of the Division of Corporation Finance attempted to address cyberrisks from a disclosure perspective. The staff issued disclosure guidance that discussed how public companies should disclose cyberrisks and their related impact within the existing disclosure framework. [9]

Unfortunately, despite the staff’s best efforts to develop guidance that elicits robust disclosure to investors, meaningful disclosure has remained elusive. In fact, a 2014 study noted that the staff guidance “resulted in a series of disclosures that rarely provide differentiated or actionable information for investors.” [10] That same year, the Commission hosted a roundtable at in order to discuss the cybersecurity issues faced by various market participants, including public companies. [11] As one participant pointed out during the roundtable, a public company’s disclosures are supposed to allow investors to understand a company’s particular risks to better determine how a company’s risk profile may differ from another company’s risk profile. [12] Nevertheless, other roundtable participants observed that public company disclosures regarding cybersecurity risks and incidents were far from robust and, instead, largely consisted of boilerplate language that failed to provide meaningful information for investors. [13] Just a few months ago, the SEC’s Investor Advisory Committee noted that public company disclosures regarding cybersecurity risks and incidents have not improved. [14] This is the case despite the very real increase in the number and sophistication of, and damaged caused by, cyberattacks on public companies in recent years. Members of Congress also have repeatedly called for the Commission do to more to help public companies, investors, and other market participants address cyberrisks. [15]

And so, when the Chairman put cybersecurity on the Commission’s agenda, I was very supportive. Unfortunately, I am disappointed with the Commission’s limited action.

Yesterday, the Commission issued interpretive guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents. This guidance reminds companies that they should consider cybersecurity risks and incidents when preparing documents that they file with the Commission, as the federal securities laws require them to disclose information about material cybersecurity risks and incidents. As this guidance describes, disclosure may be required in the context of a public company’s existing reporting obligations—such as the company’s risk factors, management’s discussion and analysis, or financial statements. This guidance also reminds companies of the importance of maintaining comprehensive policies and procedures—including effective disclosure controls and procedures—that address cybersecurity risks and incidents. In addition, it reminds company insiders that trading securities while in possession of non-public information about cybersecurity incidents may violate the federal securities laws.

To be sure, these are all valuable reminders and raising them to the Commission level indicates a level of significance the staff guidance from seven years ago simply does not. The problem, however, is that many of these reminders were offered by the staff back in 2011. If our staff has already provided guidance regarding cyber-related disclosures, the question, then, is what we, as the Commission, should be doing to add value given seven additional years of insight and experience. Should we be, in effect, re-issuing staff guidance solely to lend it a Commission imprimatur? Will companies, their general counsels, and their boards suddenly take notice of their cyber-related disclosure obligations because of the Commission’s new endorsement? Or will law firms simply produce a host of client alerts reaffirming their alerts from years past?

These questions serve to demonstrate only part of the problem. The more significant question is whether this rebranded guidance will actually help companies provide investors with comprehensive, particularized, and meaningful disclosure about cybersecurity risks and incidents. I fear it will not.

I would like to highlight just a few examples of what we could have achieved in the context of disclosure:

  • We could have examined what the staff has learned since the release of its 2011 guidance and provided new guidance that capitalized on these findings. After all, the staff of the Division of Corporation Finance reviews hundreds of public company filings every year. The staff also reviews hundreds of shareholder proposals each year, many of which have been increasingly calling on companies to provide more effective cyber-related disclosure.
  • We could have discussed the various advances in technology used in cyberattacks since 2011, and how such advances could affect a company’s disclosure regarding company-specific risks.
  • We could have considered the suggestions from some of our leading commenters, including academics and practitioners. We could have, for example, considered some of the recent Investor Advisory Committee Subcommittee’s preliminary suggestions, [16] and discussed the value to investors of disclosure relating to:
    • a company’s protocols relating to, or efforts to minimize, cybersecurity risks and its capacity, and any measures taken, to respond to cybersecurity incidents;
    • whether a particular cybersecurity incident is likely to occur or recur; or
    • how a company is prioritizing cybersecurity risks, incidents, and defense.
  • We could have discussed the value to investors of disclosure regarding whether any member of a company’s board of directors has experience, education, expertise, or familiarity with cybersecurity matters or risks. And, if not, why the company believes that board-level resources are not necessary for the company to adequately manage its cybersecurity risks.

The list goes on. In effect, we could have helped companies formulate more meaningful disclosure for investors. Instead, yesterday’s guidance provides only modest changes to the 2011 staff guidance.

Some would say that the Commission is confined in what it can do in the context of guidance, without engaging in a formal rulemaking. I agree. I believe it is important for the Commission to be mindful of the guidance it or its staff produces that may be tantamount to rulemaking. [17]

That is why, as I have remarked before, it is imperative that the Commission do more. [18] As we have heard from a variety of commenters since the 2011 staff guidance, guidance, alone, is plainly not enough. This makes it all the more confusing that the Commission more or less reissued that very guidance. Simply put, seven years since the staff guidance was released, despite dramatic increases in cyberattacks and their related costs, there have been almost imperceptible changes in companies’ disclosures. This to me strongly suggests that guidance alone is inadequate.

Yet, the Commission has ignored pleas from issuers, investors, market participants, and members of Congress to do more. And we could have done so much more. For example:

  • We could have sought notice and comment on proposed rules that address improvements to the board’s risk management framework related to cyberrisks and threats. Too many companies currently fail to consider cybersecurity as a business risk and, thus, do not incorporate it within the risk management framework overseen by their boards. These proposed rules could address current weaknesses in the nature, timing, and extent of disclosure to investors.
  • We could have sought notice and comment on whether the Commission should establish minimum standards to protect the personally identifiable information of investors and whether such standards should be required for key market participants, such as broker-dealers, investment advisers, and transfer agents. [19]
  • We could have sought notice and comment on proposed rules that would require a public company to provide notice to investors (g., a Current Report on Form 8-K) in an appropriate time frame following a cyberattack and to provide disclosure that is useful to investors, without harming the company competitively.
  • We could have sought notice and comment on whether the Commission should issue rules that are more programmatic and that would require a public company to develop and implement cybersecurity-related policies and procedures beyond just disclosure.

I recognize that in our current Digital Age, these matters are complicated. But this cannot be the reason we do not engage. We should proceed, and engage investors, market participants, and pubic companies through notice and comment rulemaking in order to get their best thoughts. [20]

In conclusion, it is hard to disagree with the Commission emphasizing the importance of the disclosure of cybersecurity risks and incidents. As a result, I supported the Commission’s guidance, but not without reservation. While it may have the potential of providing both companies and investors with incremental benefit, the guidance does not sufficiently advance the ball—even in the context of disclosure guidance. Even more, it may provide investors a false sense of comfort that we, at the Commission, have done something more than we have.

Ultimately, the step the Commission took with respect to cybersecurity risks and incidents should only be its first. There is so much more we can and should do. I hope we will proceed accordingly for the good of investors, public companies, and our capital markets.

Endnotes

1As we all know, fundamental to the federal securities laws is the principle that public companies disclose information to allow investors to make informed investment decisions. This means that public companies must disclose, among other things, risks and events that a reasonable investor would consider important. And depending on the company and its particular facts and circumstances, this could mean disclosure relating to cyber risks.(go back)

2See Ellen Nakashima, “More than 75,000 computer systems hacked in one of largest cyberattacks, security firm says,” The Washington Post (Feb. 18, 2010), available at http://www.washingtonpost.com/wp-dyn/content/article/2010/02/17/AR2010021705816.html.(go back)

3See Andrea Peterson, “The Sony Pictures hack, explained,” The Washington Post (Dec. 18, 2014), available at https://www.washingtonpost.com/news/the-switch/wp/2014/12/18/the-sony-pictures-hack-explained/?utm_term=.5b8531b2bf8f .(go back)

4See Victor Reklaitis, “Equifax’s stock has fallen 31% since breach disclosure, erasing $5 billion in market cap,” MarketWatch (Sept. 14, 2017), available at https://www.marketwatch.com/story/equifaxs-stock-has-fallen-31-since-breach-disclosure-erasing-5-billion-in-market-cap-2017-09-14.(go back)

5Id.(go back)

6See Nick Eubanks, “The True Cost Of Cybercrime For Businesses,” Forbes (Jul. 13, 2017), available at https://www.forbes.com/sites/theyec/2017/07/13/the-true-cost-of-cybercrime-for-businesses/#6c0453c44947(go back)

7See Cost of Cyber Crime Study: Insights on the Security Investments That Make a Difference, Accenture (2017), available at https://www.accenture.com/t00010101T000000Z__w__/fr-fr/_acnmedia/PDF-62/Accenture-2017CostCybercrime-US-FINAL.pdf.(go back)

8See Path to cyber resilience: Sense, resist, react, EY’s 19th Global Information Security Survey 2016-17, Ernst & Young LLP, available at http://www.ey.com/Publication/vwLUAssets/ey-global-information-security-survey-2016-pdf/%24FILE/GISS_2016_Report_Final.pdf.

(go back)

9CF Disclosure Guidance: Topic No. 2, Cybersecurity, Division of Corporation Finance (Oct. 13, 2011), available at https://www.sec.gov/divisions/corpfin/guidance/cfguidance-topic2.htm.(go back)

10See What investors need to know about cybersecurity: How to evaluate investment risks, Investor Responsibility Research Center Institute (Jun. 2014), available at https://irrcinstitute.org/wp-content/uploads/2015/09/cybersecurity-july-20141.pdf.(go back)

11See Cybersecurity Roundtable, U.S. Securities and Exchange Commission (Mar. 26, 2014), available at https://www.sec.gov/spotlight/cybersecurity-roundtable.shtml.(go back)

12See Transcript, Cybersecurity Roundtable, U.S. Securities and Exchange Commission (Mar. 26, 2014), available at https://www.sec.gov/spotlight/cybersecurity-roundtable/cybersecurity-roundtable-transcript.txt.(go back)

13Id.(go back)

14See “Discussion Draft Re: Cybersecurity and Risk Disclosure,” Investor as Owner Subcommittee, SEC Investor Advisory Committee (Dec. 2017) (“IAC Discussion Draft”), available at https://www.sec.gov/spotlight/investor-advisory-committee-2012/discussion-draft-cybersecurity-disclosure-iac-120717.pdf.(go back)

15See, e.g., Letter from Congressmen Jim Langevin and Jim Himes, Members, Committee on Homeland Security, Cybersecurity, Infrastructure Protection, and Security Technologies, to Mary Jo White, Chair, U.S. Securities and Exchange Commission (Jun. 17, 2015), available at http://langevin.house.gov/sites/langevin.house.gov/files/documents/06-17-15_Langevin_Himes_Letter_to_SEC.pdf.(go back)

16See IAC Discussion Draft.(go back)

17See, e.g., Commissioner Kara M. Stein, Statement on the Staff’s No-Action Relief Regarding MiFID II (Oct. 26, 2017), available at https://www.sec.gov/news/public-statement/statement-stein-2017-10-26.(go back)

18See Commissioner Kara M. Stein, “Mutualism: Reimagining the Role of Shareholders in Modern Corporate Governance,” Remarks at Stanford University (Feb. 13, 2018), available at https://www.sec.gov/news/speech/speech-stein-021318 (discussed on the Forum here).(go back)

19See Chair Mary Jo White, Statement at Open Meeting on Regulation SCI (Nov. 19, 2014), available at https://www.sec.gov/news/public-statement/spch112014mjw (“I have directed the staff to prepare recommendations for the Commission’s consideration as to whether an SCI-like framework should be developed for other key market participants, such as broker-dealers and transfer agents.”)(go back)

20See Steven T. Mnuchin & Craig S. Phillips, U.S. Dep’t of the Treasury, A Financial System That Creates Economic Opportunities: Capital Markets 219 (Oct. 2017), available at https://www.treasury.gov/press-center/press-releases/Documents/A-Financial-System-Capital-Markets-FINAL-FINAL.pdf (“Treasury recommends that the CFTC and the SEC take steps to ensure that guidance is not being used excessively or unjustifiably to make substantive changes to rules without going through the notice and comment process.”).(go back)

February 23, 2018
The Supreme Court and the Scope of Whistleblowing Anti-retaliation Protections
by Cydney Posner, Cooley
Editor's Note: Cydney S. Posner is special counsel at Cooley LLP. This post is based on a Cooley publication by Ms. Posner.

Yesterday [February 21, 2018], SCOTUS handed down its decision in Digital Realty v. Somers, a case addressing the split in the circuits regarding the application of the Dodd-Frank whistleblower anti-retaliation protections: do the protections apply regardless of whether the whistleblower blows the whistle all the way to the SEC or just reports internally to the company? You might recall that during the oral argument, the Justices seemed to signal that the plain language of the statute was clear and controlling, thus suggesting that they were likely to decide for Digital, interpreting the definition of “whistleblower” in the Dodd-Frank anti-retaliation provision narrowly to require SEC reporting as a predicate. There were no surprises. As Justice Gorsuch remarked during oral argument, the Justices were largely “stuck on the plain language.” The result may have an ironic impact: while the win by Digital will limit the liability of companies under Dodd-Frank for retaliation against whistleblowers who do not report to the SEC, the holding that whistleblowers are not protected unless they report to the SEC may well drive all securities-law whistleblowers to the SEC to ensure their protection from retaliation under the statute—which just might not be a consequence that many companies would favor.

Background

The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 added Section 21F to the Exchange Act, establishing new incentives and protections for whistleblowers, including monetary awards for reporting information, confidentiality provisions and employment retaliation protections. The statute defines a “whistleblower” as a person who reports potential violations of the securities laws to the SEC. Under the anti-retaliation provisions, an employer is prohibited from discharg­ing, harassing or otherwise discriminating against a “whistleblower” because of the whistleblower’s having made protected disclosures in any of three situations: (i) providing information to the SEC, (ii) testifying or assisting in the SEC’s investigation and (iii) “making disclosures that are required or protected under” SOX, the Exchange Act, specified criminal anti-retaliation prohibitions or “any other law, rule, or regulation subject to the jurisdiction of the Commission.” In its rulemaking under the statute, the SEC employed the definition of “whistleblower” in the statute in connection with the incentive award provisions, but, with regard to the anti-retaliation protections, adopted a broader definition covering all three clauses above, thereby allowing the protections to apply to internal company reporting even if the individual did not report to the SEC.

Somers, formerly a vice-president of the company, was terminated by the company and claimed that his termination was a result of his reports to senior management regarding possible securities law violations. However, he did not make any disclosure of the alleged misconduct to the SEC. Somers sued, claiming that Digital had retaliated against him as a whistleblower in violation of the whistleblower protections of Dodd-Frank. Digital argued that, because he did not report to the SEC, Somers was not a “whistleblower” as defined in Dodd-Frank, which, Digital contended, expressly applies only to “any individual who provides, or 2 or more individuals acting jointly who provide, information relating to a violation of the securities laws to the Commission, in a manner established, by rule or regulation, by the Commission.” As a result, Digital maintained, Somers was not entitled to the protection of the Dodd-Frank anti-retaliation provisions.

The 9th Circuit refused to dismiss Somers’ whistleblower claim, even though he had failed to report the violation to the SEC. After analyzing the statute, the 9th Circuit panel concluded that the definition of “whistleblower” as an employee who reports to the SEC “should not be dispositive of the scope of [Dodd-Frank’s] later anti-retaliation provision”; the term “whistleblower,” the panel held, did not limit protections to persons who alerted the SEC regarding alleged unlawful activity, but also protected persons who were terminated after making internal disclosures. The panel reasoned that applying the narrow definition to the entirety of the anti-retaliation provision would narrow clause (iii) (quoted above) “to the point of absurdity” because it would require the employee to report both internally and to the SEC.

In addition, the 9th Circuit panel noted that Rule 21F-2, adopted by the SEC, expressly supported that interpretation. (That rule provides that “[t]he anti-retaliation protections apply whether or not you satisfy the requirements, procedures and conditions to qualify for an award.”) The 9th Circuit panel agreed with the 2d Circuit that,

“even if the use of the word ‘whistleblower’ in the anti-retaliation provision creates uncertainty because of the earlier narrow definition of the term, the agency responsible for enforcing the securities laws has resolved any ambiguity and its regulation is entitled to deference.”

(See this PubCo post for a discussion of the 2nd Circuit case.) In contrast, the 5th Circuit has interpreted the statute to protect only those who report to the SEC.

The allusion of the 9th Circuit panel to agency deference is a reference to the “Chevron doctrine,” a two-step test used to determine whether deference should be accorded to federal administrative agency actions interpreting a statute, first articulated by SCOTUS in 1984 in Chevron v. Natural Resources Defense Council. Generally, the doctrine established in that case mandates that, if there is ambiguity in the language of a statute, courts must accept an agency’s interpretation of a law unless it is arbitrary or manifestly contrary to the statute. For example, in a decision last year, Monica Lindeen v. SEC, the D.C. Circuit applied Chevron to uphold the SEC’s rules adopted under Reg A+ against a challenge by two state securities regulators. And, as another example, the D.C. District Court applied Chevron in initially upholding the SEC’s conflict minerals rules in 2013 in Nat’l Ass’n of Mfrs. v. SECNational Association of Manufacturers v SEC, which was subsequently reversed on other grounds.

Question presented

The question presented for review was “[w]hether the anti-retaliation provision for ‘whistleblowers’ in the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 extends to individuals who have not reported alleged misconduct to the Securities and Exchange Commission and thus fall outside the Act’s definition of a ‘whistleblower.’” (For a discussion of the Court’s oral argument in this case, see this PubCo post.)

Held

Dodd-Frank’s anti-retaliation provision does not extend to an individual, like Somers, who has not reported a violation of the secu­rities laws to the SEC.

Opinion

The Court reversed the decision of the 9th Circuit. In her opinion, Justice Ginsburg focused on interpreting the precise language of the Dodd-Frank provision, comparing it to the broader scope of the whistleblower protection provisions in SOX, which do extend to internal reporting. In contrast to SOX, she wrote, Dodd-Frank was adopted in part to help the SEC identify securities law violations. Accordingly, Dodd-Frank addressed this goal by adding a new whistleblower provision to the Exchange Act that defines “whistleblower” as an individual who provides in­formation regarding a securities law violation to the SEC. The statute establishes an incentive program for reporting to the SEC as well as anti-retaliation provisions, and, she observed, directs that the definition be applied throughout the statute’s whistleblower provisions (§78u–6). Justice Ginsburg also noted the differences in the procedures and available recovery under the two statutes.

Quoting from Burgess v. United States, 553 U. S. 124, 130 (2008), Justice Ginsburg maintained that the question before the Court was resolved by applying the principle that, “‘[w]hen a statute includes an explicit definition, we must follow that definition,’ even if it varies from a term’s ordinary meaning”:

“Our charge in this review proceeding is to determine the meaning of ‘whistleblower’ in §78u–6(h), Dodd-Frank’s anti-retaliation provision. The definition section of the statute supplies an unequivocal answer: A ‘whistleblower’ is ‘any individual who provides … information relating to a violation of the securities laws to the Commission.’… (emphasis added). Leaving no doubt as to the definition’s reach, the statute instructs that the ‘defi­nitio[n] shall apply’ ‘[i]n this section,’ that isthroughout §78u–6.”

That definition, she concluded, describes who is eligible for anti-retaliation protection if the individual engages in any of the protected conduct enumerated in the three clauses. An individual not within that definition is not entitled to protection. Moreover, she observed, this interpretation is consistent with “the ‘core objective’ of Dodd-Frank’s robust whistleblower program, as Somers acknowledges, [which] is ‘to motivate people who know of securities law violations to tell the SEC.’” That’s why, for example, the program provides for substantial monetary rewards for SEC reporting. By comparison, SOX had a broader mission: to “disturb the ‘corporate code of silence’ that ‘discourage[d] employees from reporting fraudulent behavior not only to the proper authorities, such as the FBI and the SEC, but even internally.’”

Somers had argued that the narrow whistleblower definition applied only to the Dodd-Frank award program, not to its anti-retaliation provisions, and urged the Court to give the term its ordinary meaning in the anti-retaliation context. To do otherwise, he argued, would produce anomalous results and “gut” the protections for the other types of conduct, particularly the conduct encompassed by the third clause above. Even employees providing testimony to the SEC (under the second clause) could potentially be in jeopardy if providing testimony were not viewed as “reporting to the SEC.” In addition, the Solicitor General contended that, because there was no required “temporal or topical connection” between the violation that was reported to the SEC and internal disclosure that triggered the retaliation, it would possible, under Digital’s reading, for an employee fired for reporting accounting fraud internally in 2017 to have protection because the employee had reported an insider-trading violation to the SEC years ago.

The Court disagreed:

“With the statutory definition incorporated, clause (iii) protects a whistleblower who reports misconduct both to the SEC and to another entity, but suffers retaliation because of the latter, non-SEC, disclosure. That would be so, for example, where the retaliating employer is unaware that the employee has alerted the SEC. In such a case, without clause (iii), retaliation for internal reporting would not be reached by Dodd-Frank, for clause (i) applies only where the employer retaliates against the employee ‘because of’” the SEC reporting…. Moreover, even where the employer knows of the SEC reporting, the third clause may operate to dispel a proof problem: The employee can recover under the statute without hav­ing to demonstrate whether the retaliation was motivated by the internal report (thus yielding protection under clause (iii)) or by the SEC disclosure (thus gaining protec­tion under clause (i)).”

Moreover, dual reporting was hardly anomalous: the Solicitor General, she observed, reported that about 80% of award recipients in 2016 had initially reported internally. Justice Ginsburg also gave short shrift to the hypothetical raised by the Solicitor General, contending that “it veers far from the case before us.” In addition, auditors, attor­neys and other employees who are subject to internal-reporting requirements should not have additional concerns as they would be protected under the provision as soon as they also reported to the SEC. And with regard to the application of the protections to employee testimony, because “the statute expressly delegates authority to the SEC to establish the ‘manner’ in which information may be provided to the Commission by a whistleblower,” the SEC could easily determine that giving testimony was a means of SEC reporting.

Consequently, because the statute was clear, the Court did “not accord defer­ence to the contrary view advanced by the SEC” in its rulemaking: the “statute’s unambiguous whistleblower definition, in short, precludes the Commission from more expansively inter­preting that term.”

Concurring Opinions

Justice Thomas, with Justices Alito and Gorsuch joining, concurred in the judgment, but “only to the extent it relies on the text of [Dodd-Frank,]” objecting to the opinion’s discussion of “the supposed ‘purpose’ of the statute, which it primarily derives from a single Senate Report.” Even assuming that a majority of Senators had read the report, they doubted that it was a “‘particularly reliable source’ for discerning ‘Congress’ intended mean­ing.’”

Justice Sotomayor (with Justice Breyer joining) joined the Court’s opinion in full, but wrote a concurring opinion in support of the use of legislative history in statutory interpretation; she wrote “only to note my disagreement with the suggestion in my col­league’s concurrence that a Senate Report is not an appro­priate source for this Court to consider when interpreting a statute.”

February 23, 2018
This Week In Securities Litigation (Week ending Feb. 23, 2018)
by Tom Gorman

The Supreme Court handed down its decision in Digital Realty Trust this week, rejecting the SEC’s interpretation of the anti-retaliation provisions of Dodd-Frank. Specifically, the Court construed the provisions in accord with the text of the statute which narrows the scope of those provisions in comparison to the more expansive view adopted by the Commission in writing rules under the section. Under the Court’s interpretation only those whistleblowers who report to the Commission are entitled to invoke the Dodd-Frank provision. Others must rely on the protections offered under the Sarbanes-Oxley Act.

SEC

Cybersecurity: The Commission adopted a statement and interpretive guidance on public company cybersecurity disclosures (here). Commissions Stein and Jackson issued statements suggesting that more needs to be done in this area.

Supreme Court

In Digital Realty Trust, Inc., v. Somers, No. 16-1276 (Feb. 21, 2018) the Court narrowed the scope of the Dodd-Frank anti-retaliation provisions as interpreted by the SEC and rejected the approach adopted by the Commission in its rules as inconsistent with the statute. The case is discussed in detail here.

Canadian Securities Class Actions

Increasing numbers of securities class actions have been filed in the U.S. in recent years. That trend contrasts sharply with Canada where the number of actions filed last year declined again, according to a new report prepared by NERA Economic Consulting. Trends in Canadian Securities Class Actions: 2017 Update (February 2018)(here). Last year there were only six new securities class actions filed in Canada. That compares to nine in 2016, four in 2015 and 13 in 2014. This means that the litigation risk for companies listed on Canadian securities exchanges is not only generally lower than that of U.S. issuers, it is declining. Indeed, the risk of being named in a securities class action for issuers whose shares are listed on major U.S. exchanges compared to that of Canadian firms whose shares are listed on an exchange is that country is 10 times higher, according to NERA’s calculation.

SEC Enforcement – Filed and Settled Actions

Statistics: Last week the SEC filed 5 civil injunctive case and 1 administrative proceeding, excluding 12j and tag-along proceedings.

Cryptocurrency—unregistered securities: SEC v. Montroll, Civil Action No. 1:18-cv-01582 (S.D.N.Y. Filed Feb. 21, 2018) is an action which names as defendants Jon Montroll and Bitfunder, respectively, the developer and founder of BitFunder and an unincorporated entity involved with a portal through which users supposedly can create, offer and sell virtual shares. Over a period of several months beginning in December 2012 Mr. Montroll operated the BitFunder on-line platform through which participants were told the had the ability to create, offer, buy and sell virtual "shares" of various virtual currency related enterprises by depositing their bitcoins into a WeExchange Wallet he controlled. During the period Mr. Montroll misappropriated portions of the money deposited. At one point Mr. Montroll also offered investors what he called "shares" of Ukyo.Loan on BitFunder’s platform. Those shares were unregistered securities. Over a period of several weeks there was a cyber attach which resulted in the theft of more than 6,000 bitcoins. This event was not disclosed. Investors were lead to believe that in fact BitFunder was properly funded and profitable when it was not. The complaint alleges violations of Exchange Act Section 10(b) and Securities Act Sections 5(a), 5(c) and 17(a). The case is pending. A parallel criminal action was filed by the Manhattan U.S. Attorney’s Office.

Cherry picking: SEC v. Strong Investment Management, Civil Action No. 8:1-cv-00293 (C.D. Cal. Filed Feb. 20, 2018) is an action which names a defendants the registered investment adviser, Joseph Bronson, its founder and owner, and John Engebretson, the owner’s brother and the CCO. Over a two year period beginning in January 2012 Defendants engaged in a cherry picking scheme. Specifically, Mr. Bronson placed trades though an omnibus account and later allocated them based on performance with the profitable trades going to the firm and the others to client accounts. As the COO Mr. Engebertson was failed to maintain the proper systems to detect this. The complaint alleges violations of Exchange Act Section 10(b), Securities Act Sections 17(a)(1) and (2) and Advisers Act Sections 206(1), 206(2), 206(4) and 207. The case is pending. See Lit. Rel. No. 24054 (Feb. 21, 2018).

Insider trading: SEC v. McPhail, Civil Action No. 24053 (D. Mass.) is a previously filed action centered on the repeated tipping by Eric McPhail of his golf friends, including Jamie Meadows, regarding American Superconductor Corp. The Court entered final judgments by consent against Mr. McPhail and Mr. Meadows. As to Mr. McPhail the Court entered a permanent injunction prohibiting future violations of the antifraud provision of the federal securities laws. Previously, Mr McPhail was convicted of insider trading after a jury trial and sentenced to serve 18 months in prison. The judgment as to Mr. Meadows imposes a similar injunction and requires him to pay disgorgement of $191,521, prejudgment interest of $41,841 and a penalty of $191,521. The other defendants previously settled. See Lit. Rel. No. 24053 (Feb. 20, 2018).

Disgorgement: SEC v. Thibeault, Civil Action No. 24052 (D. Mass.) is a previously filed action against investment adviser Daniel Thibeault. The complaint alleged that the adviser misappropriated funds from an investment fund that he managed. Essentially, the complaint claims that Mr. Thibeault told investors that there funds were going into purchasing consumer loans and that they would profit as the loans were repaid. Defendant Thibeault and others falsified the loan documents so that investor funds could be misappropriated. Relief defendant Shawnet Thibeault, the wife of the Defendant, is alleged to have received a portion of the funds. The judgment entered against her requires the payment of $468,236 along with prejudgment interest of $49,826. See Lit. Rel. No. 24052 (Feb. 16, 2018).

Shell factor scheme: SEC v. Perlstein, Civil Action No. 1:18-cv-0126 (E.D.N.Y. Filed Feb. 16, 2018) is an action which names as defendants Sharone Perlstein, Aric Swartz and Hadas Yaron, all residents of Israel, who are alleged to have created at least 15 shell companies by filing false registration statements and other, related documents. Although public offerings were supposedly conduced, the three men continued to retain control of the companies. Eventually the entities were sold for about $1.8 million. The complaint alleges violations of Securities Act Section 17(a) and Exchange Act Section 10(b). To resolve the case each defendant consented to the entry of a permanent injunction based on the sections cited in the complaint. In addition each Defendant will pay disgorgement prejudgment interest of: Mr. Perlstein — $307,510.15; Mr. Swarts – $106,146.64; and Mr. Yaron – $62,899.82. Each defendant also consented to the entry of a penny stock bar. See also SEC v. Strum, Civil Action No. 1:18-cv00361 (D.D.C. Filed Feb. 16, 2018)(action against Washington, D.C. attorney Jonathan Strum for assisting with the preparation of the papers for the entities; the complaint alleges violations of Securities Act Section 17(a) and Exchange Act Section 10(b)); SEC v. Weinberg, Civil Action No. 118-cv-00360 (D.D.C. Filed Feb. 16, 2018)(action against Alan Weinberg, CPA, an Israeli resident and his firm Weinberg & Baer LLC for filing misleading audit reports as to certain of the entities involved; complaint alleges aiding and abetting the actions of those named as defendants in the Perlstein complaint and also Mr. Weinberg with violations of Exchange Act Section 10A(a) and the firm with violating Rule 2-02(b)(1) of Reg. SK; each defendant consented to a suspension of their privilege of appearing and practicing before the SEC); In the Matter of Simcha Baer, CPA, Adm. Proc. File No. 3-18374 (Feb. 16, 2018)(auditor alleged to have failed to properly conduct certain of the audits for the firms and to have falsified documents produced to the staff; settled with a consent to be permanently barred from practicing before the Commission). The SEC also suspended the registration of one of the shell companies. See Lit. Rel. No. 24051 (Feb. 16, 2018).

CFTC

Fin-Tech: The agency entered into an arrangement with the U.K.’s Financial Conduct Authority under which each agency will collaborate and support innovative firms through each others financial technology or FinTech.

Criminal Cases

Insider trading: U.S. v. Little, No. 1:17-cr-00450 (S.D.N.Y.) is an action in which Walter Little was sentenced to serve 27 months in prison for conspiracy to commit insider trading. Mr. Little had been an associate at an international law firm. He accessed their confidential files and used the information to profitably trade in the securities markets. He also tipped his friend Andrew Berke who traded profitably and agreed to kick back portions of his trading profits to him. The court also ordered the Defendant to forfeit $452,998. See also SEC v. Little, Civil Action No. 1:17-cv-03536 (S.D.N.Y.).

Insider trading: U.S. v. Chang, No. 5:18-cr-00034 (N.D. Cal.) is an action in which Peter Chang, the founder and CEO of Sunnyvale-based fiber optics company Alliance Fiber Optic Products, Inc. pleaded guilty to three counts of insider trading. Mr. Chang admitted that he traded in advance of unfavorable earnings announcements and avoided significant losses. Sentencing is scheduled for May 30, 2018. See also SEC v. Chang, Civil Action No. 5:17-cv-05438 (N.D. Cal.).

Circuit Courts

Insider trading: U.S. v. Metro, No. 16-3813 (3rd Cir. Feb. 14, 2018). Defendant Steven Metro was a clerk at a prominent New York City law firm. From February 2009 through January 2013 he disclosed inside information to his friend, Frank Tamayo, about pending take-over transactions. Mr. Tamayo, in each instance, transmitted the information to broker Vladimir Eydelman who placed trades for his client, himself, his family and other clients. Total trading profits for all of the trades were $5,573,682.

Messrs. Metro and Tamayo both pleaded guilty. Specifically, Mr. Metro pleaded guilty to one count of conspiracy and one count of securities fraud. At his sentencing, Mr. Metro objected to using the entire $5.5 million amount of trading profits in the sentencing calculation, arguing that he was unaware of the broker and his trading activity despite the fact that Mr. Eydelman’s name was included in the conspiracy count to which he pleaded guilty. The government claimed that in fact he was aware of the broker and sought to attribute all $5.5 million to him. The district court overruled Defendant Metro’s objection and, based on the $5.5 million in trading profits, sentenced him to serve 46 months in prison. This appeal followed.

The Circuit Court reversed, finding that the district court made insufficient factual findings to support the attribution of all the trading profits to Appellant Metro. Under the sentencing guidelines all of the gains from illegal insider trading can be attributed to a defendant which he or she realized, from those to whom the defendant provided information, and from those with whom he or she is found to have been acting in concert, the Court stated.

In this case Mr. Metro objected to the attribution of those trading profits which came from the broker, his family and his clients. While the indictment alleged in the conspiracy count that Defendant Metro acted in concert with the broker and others, that is not sufficient the Court held.

In conducting a sentencing hearing, and before attributing gains to a defendant, the district court should analyze the conduct to determine with whom the defendant acted in concert with and those to whom he provided inside information. This was not done here. Accordingly, the sentence was vacated and the case remanded for resentencing.

Australia

Fees: The Australian Securities and Investment Commission permanently banned John Poynter, formerly a representative at Charter Financial Planning Ltd. from the securities business. The Commission determined that over a period of about eighteen months beginning January 2015 Mr. Poynter had charged ten clients a total of about $39,700 for services that were not rendered.

February 23, 2018
Proxy Access: Mother Theresa Placed on a Ballot?!?
by Broc Romanek

Well, not quite. But we’re going to the "Wayback Machine" to remember this shareholder proposal from 1990 submitted by John Jennings "JJ" Crapo to the Bank of Boston. Corp Fin allowed the proposal to be excluded. And it was a humdinger. The proposal itself wanted the company to allow any shareholder – who met the Rule 14a-8 ownership threshold – to place one or more director nominees on the ballot. So it was ahead of its time on the topic of proxy access. Albeit with a lower ownership threshold than anyone could imagine.

But the real joy with this thing is found in the "Supporting Statement." It rambles quite a bit, with a little bit of everything in there for everyone. Annual medical and "emotional" fitness evaluations for each director. A question whether the board’s priest provides it with chaplaincy services. A push to have Desmond Tutu, Mother Theresa and Lech Walesa to sit on boards.

Given the pervasiveness of mindfulness these days – for which I am a big proponent – my favorite is this excerpt from the "Supporting Statement":

I do think of my relations, Godparents, former teachers, pastors, and friends and neighbors usually daily three to four hours. Friends, neighbors, and co-workers are more important than Family.

Thanks to Intelligize for making it easy to find this gem – and for their permission to post the no-action letter!

10-K Summaries: Not All the Rage

Tina Bacce & her colleagues at Troutman Sanders recently reviewed how many companies have taken advantage of Item 16 to the Form 10-K – the new item that "permits" inclusion of a summary in a Form 10-K. They looked at the Form 10-Ks containing Item 16 filed to date – all for Fortune 500 companies – and only two included a summary:

Pfizer’s summary – it really is "Pfizer at a Glance" and consisted of a table of data that you might see in an annual report.
3M’s summary – appears to just call the hyperlinked table of contents a "summary."

Don’t expect this "trend" to accelerate…

Was This "Interim Final" Rule More Final Than Interim?

Speaking of Item 16 of Form 10-K, Keith Bishop covers an interesting topic in this blog – did the SEC go to "final" for it’s Item 16 rulemaking already…

Broc Romanek

View today's posts

2/23/2018 posts

CLS Blue Sky Blog: Antitrust and Economic Liberty: A Policy Shift from the Trump Administration?
CLS Blue Sky Blog: Fried Frank Discusses Delaware Decision Absolving LCC Board of Duty to Maximize Price
The Harvard Law School Forum on Corporate Governance and Financial Regulation: Public Company Cybersecurity Disclosures
The Harvard Law School Forum on Corporate Governance and Financial Regulation: The Supreme Court and the Scope of Whistleblowing Anti-retaliation Protections
SEC Actions Blog: This Week In Securities Litigation (Week ending Feb. 23, 2018)
CorporateCounsel.net Blog: Proxy Access: Mother Theresa Placed on a Ballot?!?

Blog posts are subject to copyrights held by the authors and are republished here with permission. Views expressed are those of the authors alone. Infringement Notification.