Skip to main content
Jun 11, 2021

The week in GRC: Gensler seeks to revise 10b5-1 plan rules and CEOs press governments for climate action

This week’s governance, compliance and risk-management stories from around the web

The Wall Street Journal reported that Google agreed to pay French regulators a fine of nearly $270 mn, settling one of the first antitrust cases globally alleging that the company abused its leading role in the digital advertising sector. France’s competition authority said it had accepted proposed commitments Google made to settle the case, including promises to make it easier for competitors to use its online-ad tools. Google’s commitments will be binding for three years, the authority said.

‘We have agreed on a set of commitments to make it easier for publishers to make use of data and use our tools with other ad technologies,’ wrote Maria Gomri, Google’s legal director in France, in a blog post. ‘We’re committed to working collaboratively with regulators and investing in new products and technologies that give publishers more choice and better results when using our platforms.’

Although Google’s commitments are binding only in France, they will become a template for how the company could resolve similar complaints from publishers and advertising-technology rivals elsewhere. Gomri said Google would test its changes ‘over the coming months before rolling them out more broadly, including some globally.’

– The WSJ also looked at a proposed framework for guiding decisions on bringing enforcement actions against financial services industry chief compliance officers (CCOs), which aims to address growing concern over the individual liability of compliance professionals.

The New York City Bar Association’s proposed framework asks regulators to evaluate 12 affirmative factors and three mitigating factors in deciding whether to charge CCOs for conduct linked to their job-related duties under federal securities laws. The proposal is intended to guide decisions to charge CCOs made by the SEC and FINRA.

Representatives for the SEC didn’t immediately respond to a request for comment. A spokesperson for FINRA didn’t immediately provide a comment.

CNN reported that a study released by the Alliance for Board Diversity in collaboration with Deloitte found that white women and minorities made up 38.3 percent of Fortune 500 board seats in 2020, up from 34 percent in 2018. Since 2010 the number of companies with greater than 40 percent diversity (including women) has almost quadrupled. But the average growth rate in minority representation on Fortune 500 boards has remained unchanged – at less than 0.5 percent a year – since 2004.

‘The progress made on overall diversity has largely been due to the increase of white women on boards,’ the study noted.

The ‘recycle rate’ of board members – that is, one person serving on multiple boards – has fallen across all groups, the report found. In 2020, however, more than a third of diverse board seats were still held by people serving on multiple Fortune 500 boards, and the rate was highest among black directors.

– According to the WSJ, mining companies are trying to tap into the flood of money targeting green investments by proclaiming their production of materials that go into wind turbines, power lines and batteries, while downplaying the environmental impact of their operations and, for many of them, their big businesses mining coal.

Mining companies are trying to differentiate themselves from fossil-fuel producers, which are facing growing pressure from investors over climate change. The potential for tougher investor-driven climate and emissions actions may lead to higher capital costs and diminished access to capital for oil companies, according to Moody’s.

– In its first annual ESG report, M&T Bank Corp said 60 percent of its employees are female and 23 percent are people of color, according to Bloomberg. In its top ranks, 40 percent of the bank’s board members come from diverse backgrounds, the bank said. Of three directors added to the board last year, two are women and one is a person of color, according to a statement released alongside the report. Among the bank’s executive management staff, 26 percent are female, and 6 percent are people of color, according to the report.

The disclosure emerges as major financial firms face the prospect of undertaking racial audits that would review their potential adverse impacts on communities of color. M&T said in the report that it intends to invest in efforts to reach previously ‘under-represented’ consumers, including the unbanked and the underbanked.

The Guardian reported that the US Department of Justice has recovered the majority of a multi-million-dollar ransom payment to hackers after a cyber-attack that caused the operator of the nation’s largest fuel pipeline to halt its operations last month. The operation to recover the cryptocurrency is the first undertaken by a specialized ransomware taskforce created by the Biden administration, and reflects what US officials say is an increasingly aggressive approach to deal with a ransomware threat that in the last month has targeted critical industries around the world.

– The WSJ reported that the SEC is drafting a proposal that would restrict plans corporate insiders use to avoid insider-trading claims when buying or selling their own company’s stock. SEC chair Gary Gensler said he is seeking to revise rules that govern the arrangements, known as 10b5-1 plans. Insiders set up plans ahead of time and use them to schedule future trades.

The arrangement gives executives a defense against insider-trading claims that would stem from having undisclosed material non-public information at the time of a trade. But the plans often generate controversy because there is no required public disclosure of a plan at the time an insider sets one up. Some investors say plans can be manipulated because, for example, executives can modify or cancel them. Public companies sometimes disclose the plans to mitigate the perception that executives are trading on non-public information.

The New York Times reported that Royal Dutch Shell CEO Ben van Beurden said the company will respond to a recent defeat in a Dutch court by accelerating its efforts to reduce its carbon dioxide emissions. Van Beurden said he was ‘disappointed’ by the ruling requiring the company to move faster in cutting greenhouse gases but added that Shell was planning to do just that.

‘For Shell, this ruling does not mean a change but rather an acceleration of our strategy,’ van Beurden said in an article published on LinkedIn. ‘We will seek ways to reduce emissions even further in a way that remains purposeful and profitable.’ The District Court in The Hague ruled that Shell must reduce its global net carbon emissions by 45 percent by 2030 compared with 2019.

Van Beurden said his first reaction to the ruling was ‘surprise’ because Shell had been at the forefront among oil companies in setting targets to reduce emissions. He said the company still expected to appeal the judgment.

– According to the WSJ, Wall Street is selling a record number of junk bonds meant to finance environmental projects, but a lot of borrowers don’t guarantee that they will use the money for such purposes. Many of those bonds also included fine-print warnings that the companies might not fulfill their environmental pledges, according to documents reviewed by the WSJ. Money managers are so eager to buy green-labeled investment products they are disregarding the potential risk that the bonds aren’t as environmentally friendly as advertised, bond attorneys and analysts said.

CNBC reported that, according to an internal memo, Goldman Sachs is requiring its US employees to report whether they’ve taken one of the Covid-19 vaccines. Goldman Sachs last month told its workforce that they should be ready to return to offices in the US and the UK by June 14.

Although it is legal for companies to ask workers about their vaccination status, they must keep that information confidential. Many employers have been reluctant to force staff to take the vaccine or provide evidence of shots, instead relying on an honor system.

‘Registering your vaccination status allows us to plan for a safer return to the office for all of our people as we continue to abide by local public health measures,’ the bank said in the memo. ‘As a result, it is mandatory that you submit your vaccination status on the Canopy app, whether or not you are vaccinated.’ Canopy is the bank’s in-house portal for employee updates.

The Guardian said JBS, the world’s biggest meat processor, paid an $11 mn ransom after a cyber-attack shut down operations including abattoirs in the US, Australia and Canada. Although most of its operations have been restored, the Brazil-headquartered company said it hoped the payment would avoid further complications such as data theft.

‘This was a very difficult decision to make for our company and for me personally,’ said JBS CEO Andre Nogueira. ‘However, we felt this decision had to be made to prevent any potential risk for our customers.’

– More than 70 CEOs from some of the world’s biggest companies have called on governments to do much more to tackle climate change, including forcing businesses to reduce their carbon emissions, according to CNN. In an open letter, executives including Mark Schneider of Nestlé and Ramon Laguarta of PepsiCo urged all governments to set policies to meet targets consistent with the Paris climate agreement’s most ambitious goal of capping the global rise in temperatures to 1.5ºC.

The letter was published ahead of leaders of the G7 group meeting in the UK this weekend and ahead of COP26, a global climate summit, in November. A separate call by investors managing more than $41 tn in assets warned that governments ‘risk missing out on a wave of investment’ if they fail to implement meaningful policies to tackle climate change.

– Compliance officers are getting more involved in diversity and inclusion efforts, using their expertise in helping employees follow laws and company policies to push for change, according to the WSJ. Kellye Gordon, vice president of ethics and compliance and legal operations at VF Corp, says their skills in engaging with company leadership, building teams and setting up training and awareness programs can be put to use in the drive to increase diversity and inclusion.

‘It’s so important as a legal team and a compliance team to get involved. People listen to us; we have a voice to be heard on this topic,’ said Gordon, an executive sponsor of VF’s diversity and inclusion efforts in the legal department. ‘And moving to this world in ethics and compliance, because we care about justice and equality, it’s a pillar of the work we do.’

CNN reported that McDonald’s has become the latest high-profile company to be affected by a data breach, resulting in the exposure of private information of customers and employees in South Korea and Taiwan. The company said an investigation revealed a ‘small number of files were accessed,’ some of which had personal data. McDonald’s is contacting affected customers and regulators and said payment information wasn’t accessed.

McDonald’s credited its ‘substantial investments’ in cyber-security measures for finding this breach. ‘These tools allowed us to quickly identify and contain recent unauthorized activity on our network,’ a spokesperson said. ‘A thorough investigation was conducted, and we worked with experienced third parties to support this investigation.’

Ben Maiden

Ben Maiden is the editor-at-large of Governance Intelligence, an IR Media publication, having joined the company in December 2016. He is based in New York. Ben was previously managing editor of Compliance Reporter, covering regulatory and compliance...