Prep notes for proxy season

As companies prepare for the 2014 proxy season, there are a number of rules that may need added attention. This is a brief run-down of those rules, and what companies should be doing about them. In a recent policy update, Meridian Compensation Partners reminds firms of the ISS policy change on evaluating a board’s responsiveness to a majority-supported shareholder proposal. For 2014 ISS will recommend an ‘against’ or ‘withhold’ vote for individual directors or an entire board if the board ‘fails to act’ on a shareholder proposal that received majority shareholder support the previous year. This will serve to strengthen shareholders’ involvement with corporate strategy.

‘ISS will consider a response to a shareholder-approved proposal adequate if the proposal is either fully implemented or, if the matter requires a vote by shareholders, a management proposal is included on the next annual ballot to implement the proposal,’ Meridian says. ‘ISS will evaluate on a case-by-case basis the adequacy of a partially implemented shareholder-approved proposal, taking into account the following’:

• The subject matter of the proposal
• The level of support or opposition to the resolution in past meetings
• Disclosed outreach efforts by the board to shareholders in the wake of the vote
• Actions taken by the board in response to its engagement with shareholders
• The continuation of the underlying issue as a voting item on the ballot (as either shareholder or management proposals)
• Other factors as appropriate.

It is also noted that ISS will consider the board’s rationale for the level of implementation. This means companies that disagree with shareholder votes on governance issues – even non-binding ones – may need to think twice before ignoring them.

It will be interesting to see the impact this new approach by ISS will have on executive compensation and say-on-pay votes this year. Companies that do not fully implement majority-supported shareholder proposals should at the very least include a full explanation of why they chose not to in their proxy statement.

Conflict minerals rule disclosure

Reporting requirements for the SEC’s conflict mineral disclosure rules are due on May 31, 2014, and all public companies are reminded that they will need to prepare a new Form Special Disclosure (SD) in order to comply. This new disclosure requires companies that manufacture products containing gold, tin, tungsten or wolframite to report due diligence efforts to ensure the minerals used by the company or its third-party suppliers do not come from war-torn nations including the Democratic Republic of the Congo and adjoining countries Angola, Burundi, the Central African Republic, the Republic of the Congo, Rwanda, South Sudan, Tanzania, Uganda and Zambia.

A recent securities regulation and compliance alert from Skadden Arps Slate Meagher & Flom advises companies to be proactive when filing this disclosure.

‘We do not recommend that companies wait for a reprieve from reporting under the rules,’ the alert reads. ‘Companies should assess the impact of the conflict minerals disclosure rules as early as possible. If a Form SD needs to be filed, companies should consider the procedures that will need to be performed and whether outside advisers – lawyers, accountants or other consultants – may be helpful to the process.

Because all companies that are obligated to do so will first have to file a Form SD by May 31, 2014 and, therefore, it is unlikely that examples of Forms SD will be available much before the filing deadline, advisers may be able to provide particularly helpful guidance. We also recommend that initial drafts of the disclosures to be provided in Form SD and the potential conflict minerals report that may need to be filed on Form SD be prepared and shared with relevant company personnel well before the May 31 filing deadline.’

The SEC will no doubt have more to say about conflict minerals disclosures prior to the May filing deadline, so stay tuned.

CEO pay gap disclosure

Although final rules regarding the disclosure of the pay gap between employees and the CEO have not yet been approved, public companies should begin preparing to deliver these disclosures, which may be required by late 2014 or early 2015.

According to an advisory from Sheppard Mullin Richter & Hampton, ‘under the proposed rules, in addition to the compensation disclosure already required for the chief executive and the other ‘named executive officers’ and the mandated ‘say-on-pay advisory vote disclosures’, a public company would also need to disclose ‘(i) the median of the annual total compensation of all its employees except the CEO; (ii) the annual total compensation of its CEO; and (iii) the ratio of the two amounts.’

While observers suggest there may be legal challenges to the rule before it becomes finalized, it would be a smart move for companies to begin calculating these ratios in advance and formulating an appropriately worded defense should the ratio happen to draw objections from investors.

Cyber-security risk disclosure

Although there are no current disclosure rules for cyber-security risk, this will be an area of continued interest for regulators in 2014. While the SEC has not yet issued rules, its staff have begun extensive research in this area as hacking incidents and thefts of consumer personal information have increased in number and severity. There is significant agreement that since the risk of a cyber-incident is an important consideration when investors make decisions, public companies may need to be compelled to disclose their material risk in this area – including information about known or threatened cyber-incidents.

According to a recent client update from Mayer Brown, SEC guidance on this issue suggests ‘cyber-security risks and cyber-incidents would need to be described in the management’s discussion and analysis (MD&A) if the costs or other consequences represent an event, trend or uncertainty that is reasonably likely to have a material effect on results of operations, liquidity or financial consideration, or cause reported financial information to be not indicative of future results or conditions. MD&A disclosure would also be needed if it is reasonably likely a cyber-attack could lead to reduced revenues or increased protection costs, if material. If a company’s products, services, customers or supply relationships or competitive conditions are materially affected by cyber-incidents, disclosure would be needed in the business section.’

Disclosures would also be needed if there was litigation regarding a cyber-incident or ‘situations that could require disclosures in financial statements prior to, during or after a cyber-incident’.

It was also noted that ‘if cyber-incidents pose a risk to a company’s ability to record, process, summarize and report information required in SEC filings, SEC staff suggest management should consider whether there are any deficiencies in the company’s disclosure controls and procedures that need to be addressed.’

With the number of cyber-incidents increasing, it seems only a matter of time before there is some movement on rules for disclosures in this area. Companies should review and disclose their strategy for preventing cyber-intrusions and begin preparing additional disclosures based on what their largest shareholders would like to know.