The huge scope of the Dodd-Frank Act poses an enormous problem for the Securities and Exchange Commission: How, in the midst of everything else, can the SEC perform the various functions assigned to it by Congress?
As of this writing, the SEC is behind, and scrambling, in a variety of areas. Most notably, it has yet to issue proposed rulemaking in pay for performance disclosure; disclosure of median employee pay compared to CEO pay; implementation of claw-backs from management for compensation based on erroneous financials; limiting the ability of senior management to hedge stock positions in their companies; and incentive pay at financial institutions.
(On Dec. 21, the SEC did finally adopt a formal rule, effective 60 days from publication, embodying the requirement of Section 413(a) of Dodd-Frank to exclude in most instances both the value of and mortgage on an investor’s primary residence in calculating net worth for purposes of “accredited investor” status under the Regulation D exemption from registering private placements.)
All this sits on top of the SEC’s unfortunate foray into mandatory proxy access, where final rules requiring management to open the solicitation process to shareholder nominees was struck down so resoundingly by the U.S. Court of Appeals for the District of Columbia that the SEC abandoned the initiative rather than seek judicial appeal.
Among the several Dodd-Frank-mandated rules that the SEC has issued, two in particular have caused substantial discussion (in addition to the whistleblower provisions, which are discussed in my November 2011 column).
Limited proxy reform
The court struck down SEC-mandated director nominations by shareholders. Another approach, embodied in an amendment to SEC Rule 14a-8 (“amended rule”), was not challenged and took effect in late September 2011.
Often referred to as the “private ordering” of proxy access, the general import of the amended rule is to compel registrants to include, in their proxy solicitation, previously excludable shareholder proposals requiring the corporation to adopt specific procedures for shareholder nominations of directors (and to have their solicitation information included in the corporate proxy statement).
Such procedures could specify the number of shareholder nominees, the qualifications for nominators and nominee, and the mechanics of nominations.
It is not clear the extent to which shareholders will embrace the private ordering approach. One interesting perspective, reflecting lack of fully developed analysis, appears in Institutional Shareholders Services’ 2012 Corporate Governance Policy Updates and Process Executive Summary (Nov. 17, 2011). (Formerly named Risk Metrics, ISS is a much-followed arbiter of board actions, and its endorsement for election of board candidates is courted within many registrants.)
The ISS summary sets forth policies to be applied by ISS for meetings on or after Feb. 1, and discusses generally the evaluative standards for ISS approving or refusing to support board slates or individual candidates.
The revised 2012 ISS policy on proxy access is impenetrable. It states that ISS will evaluate on a “case by case” basis, no change from prior practice, but expands the factors used in evaluation: ISS will consider whether management itself has put forward a proposal for privately ordered proxy access; a non-exclusive “range of company-specific and proposal-specific factors” that include the stock ownership threshold (percentage and duration) before shareholders can offer a proposal; the proportion of the whole board that shareholders may nominate; the manner in which multiple shareholder nominations are sorted out; “as well as any other factors deemed relevant.”
The ISS summary notes that institutional investors generally supported the ISS draft but, not surprisingly, called for greater specificity; hence, the promise of a policy update this month.
Thus, with some level of ISS support of (and credit for) company-crafted proxy access proposals, boards may consider putting forward their own proposed version as a way to avoid uncomfortably radical alternate shareholder suggestions while gaining ISS credit.
There remains the intriguing prospect that a proxy statement this year may contain dueling proposals for proxy access, put forward by the company and by shareholders both.
The playing field may indeed become contentious, particularly since the amended rule requires proposing shareholders only to have held at least $2,000 in market value or 1 percent of the company’s voting securities for at least one year (a low trigger, far less than the 3 percent requirement contained in the now-abandoned SEC rule that mandated proxy statement inclusion of nominees).
Risk management again
Dodd-Frank was driven by the general congressional consensus that the 2008 financial meltdown was caused by a failure of large companies (primarily in the financial sector) properly to assess risks inherent in their business strategies.
That perception was echoed in Dodd-Frank’s ’34 Act increase in required disclosure of executive compensation, aimed at disincentivizing risk undertaken for the purpose of meeting short-term performance targets that, in turn, increased executive comp.
Indeed, the SEC has been successful in promulgating a variety of disclosure rules specifically addressing the statutory focus on risk assessment, including rules requiring specific disclosure of the manner in which risk is evaluated and dealt with (although, significantly, the SEC has not sought to cause the Exchanges to require listed companies to have a formal risk committee or risk officer).
The corporate governance press has been deluged with articles seeking an acceptable articulation of the board’s role in risk management.
For example, as noted in the November 2011 Compliance Week, a poll of board members of companies with revenues over $250 million revealed many companies did not have a risk management committee of the board, and more than half did not have a chief risk officer or similar executive position.
Of those companies that did have a chief risk officer, only 9 percent reported to the board. Further, risk management was the most often cited area in which boards felt that they lacked sufficient time to focus.
In ISS’s full Nov. 17, 2011, report on “US Corporate Governance Policy-2012 Updates,” ISS for the first time identified “risk oversight” as a specific basis upon which it might recommend a vote against, or withholding a vote for, individual directors or the entire board.
Risk oversight is added to the prior litany of failures that might trigger a negative recommendation: governance, stewardship and fiduciary responsibilities. ISS is careful to point out that it does not intend to penalize boards for taking prudent business risks or for exhibiting a responsible risk appetite, but instead is attempting to focus on “situations where there has been a material failure in a board’s role in overseeing the company’s risk management practices.”
That articulation is carefully consistent with a proper role of the board. The board should insure that the company possesses risk management practices, not itself have hands-on monitoring responsibility. Presumably that distinction is designed to preserve the historical bailiwick of a board in establishing strategic directions for a company, which indeed always involve some level of business risk (sometimes, materially so).
Some inkling of what kinds of risks ISS is talking about can be found in the examples it specifically cites. Noting that failures of board risk oversight “are not limited to the financial sector,” ISS identifies two examples of failure in board risk oversight: the “Deepwater Horizon” oil spill in 2010 and the News Corporation’s 2011 hacking scandal. Those examples focus on catastrophic events or material legal violations, not on strategic business decisions.
There is, at the edge of these concepts, an unclear gray area. How is a board to exercise its fiduciary duty to fix strategy in light of risk assessment, without being informed directly by management as to management’s assessment of that risk?
Although risk assessment will remain a hot topic, and the SEC requires annual reports on how each registrant processes risk, the level of granularity with which boards need to evaluate not just risk management practices but also the identification of specific risks remains unclear both operationally and in the 2012 ISS standards.
In other areas, much of what the SEC has left to do under Dodd-Frank is in the reporting realm, although not all of it. As for claw-back implementation, Dodd-Frank itself was unusually specific, and we should not expect material deviation in an SEC rule from the provisions contained in the act itself.
The SEC position that now-pending greater disclosure in executive compensation will limit earnings disparities is likely, in the final analysis, to prove illusory. Experience shows that heightened compensation disclosure may aggravate counsel but does little to roll back the mounting pay disparity between senior management and the rest of the world.
Stephen M. Honig is a partner in the Boston office of Duane Morris.