Developments in Securities Regulation, Corporate Governance, Capital Markets, M&A and Other Topics of Interest. MORE

The SEC staff has promulgated new views on stablecoins.   Specifically, the staff statement addresses stablecoins that are designed to maintain a stable value relative to the United States Dollar, or “USD,” on a one-for-one basis, can be redeemed for USD on a one-for-one basis (i.e., one stablecoin to one USD), and are backed by assets held in a reserve that are considered low-risk and readily liquid with a USD-value that meets or exceeds the redemption value of the stablecoins in circulation. The SEC staff statement refers to the types of stablecoins addressed by this statement as “Covered Stablecoins.”

The staff notes that Section 2(a)(1) of the Securities Act and Section 3(a)(10) of the Exchange Act each defines the term “security” by providing a list of various financial instruments, including “stock,” “note,” and “evidence of indebtedness.” Because Covered Stablecoins share some characteristics with a note or other debt instrument, the staff believes is it appropriate to analyze them under the test set forth in Reves v. Ernst & Young.

Under Reves, while a note is presumed to be a security, that may be rebutted by showing that the note strongly resembles one of the several types of notes issued in connection with typical commercial transactions and, accordingly, are properly excepted from the definition of security.  After reviewing relevant factors, the staff concluded on balance, Covered Stablecoins are not securities under Reves because:

  • sellers use the proceeds to fund a reserve and buyers are not motivated by an expected return on their funds;
  • Covered Stablecoins are distributed in a manner that does not encourage trading for speculation or investment;
  • a reasonable buyer would likely expect that Covered Stablecoins are not investments; and
  • the availability of a reserve adequately funded to fully satisfy redemptions on demand is a risk-reducing feature of Covered Stablecoins.

According to the staff the offer and sale of Covered Stablecoins is to advance a commercial or consumer purpose.

The Staff also conducted further analysis of the offer and sale of Covered Stablecoins under the “investment contract” test set forth in Howey. The “Howey test” is used to analyze arrangements or instruments not listed in Section 2(a)(1) of the Securities Act and Section 3(a)(10) of the Exchange Act based on their “economic realities.”

According to the staff in evaluating the economic realities of a transaction, the test is whether there is an investment of money in a common enterprise premised on a reasonable expectation of profits to be derived from the entrepreneurial or managerial efforts of others. The staff notes that since Howey, the Supreme Court has contrasted the motivations of investors – those who are attracted to a scheme by the “prospects of a return on their investment” – with the motivations of consumers – those who are “motivated by a desire to use or consume the item purchased.” The staff asserts that while the federal securities laws apply to transactions in investments, they do not apply to consumer transactions.

The staff concludes that buyers do not purchase Covered Stablecoins with a reasonable expectation of profit derived from the entrepreneurial or managerial efforts of others because these instruments are not marketed as investments or with any emphasis on the potential for profit. Rather, buyers are motivated to use or consume Covered Stablecoins as so-called “digital dollars” in the same way one would use USD. Accordingly, it is the staff’s view that Covered Stablecoins are not offered or sold as investment contracts.

The SEC announced that the Commission had voted to end its defense of the rules requiring disclosure of climate-related risks and greenhouse gas emissions.

SEC Acting Chairman Mark T. Uyeda said, “The goal of today’s Commission action and notification to the court is to cease the Commission’s involvement in the defense of the costly and unnecessarily intrusive climate change disclosure rules.”

In a dissenting statement,  SEC Commissioner Caroline A. Crenshaw said “By way of politics, the current Commission would like to dismantle that rule. And they would like to do so unlawfully. The Administrative Procedure Act (APA) governs the process by which we make rules. The APA prescribes a careful, considered framework that applies both to the promulgation of new rules and the rescission of existing ones. There are no backdoors or shortcuts. But that is exactly what the Commission attempts today.”

The SEC looked favorably on designated crypto mining activities by stating that such activities are not securities. Specifically, the SEC addressed “proof-of-work” activities.  According to the SEC, Proof-of-work (“PoW”) is a consensus mechanism that incentivizes network transaction validation by rewarding network participants, called “miners,” who operate nodes adding computational resources to the network. PoW involves validating transactions on a network and adding them in blocks to the distributed ledger. The “work” in PoW is the computational resources that miners contribute to validate transactions and add new blocks to the network. Miners do not have to own the network’s Covered Crypto Asset to validate transactions.

The statement suggests solo mining is not a security.  It says “A miner’s Self (or Solo) Mining is not undertaken with a reasonable expectation of profits to be derived from the entrepreneurial or managerial efforts of others. Rather, a miner contributes its own computational resources, which secure the network and enable the miner to earn Rewards issued by the network in accordance with its software protocol.”

The statement also suggests pooled mining activities are not securities.   It says “Likewise, when a miner combines its computational resources with other miners to increase their chances of successfully mining new blocks on the network, the miner has no expectation of profit derived from the entrepreneurial or managerial efforts of others. By adding its own computational resources to a mining pool, the miner merely is engaging in an administrative or ministerial activity to secure the network, validate transactions and add new blocks, and receive Rewards.”

Democratic Commissioner Caroline A. Crenshaw did not seem impressed.  She stated:

“In short, the statement leaves us exactly where we started: with a facts and circumstances application of Howey. For the sake of investors, other market participants, and the markets themselves, I hope that readers do not mistake it for something more than it is. The meme coin statement issued by the staff similarly cautioned (again, buried in a footnote) that its discussion was limited to what it called “typical” meme coin offers and that a determination as to any specific coin would require a facts and circumstances analysis under Howey. Predictably, these cautionary footnotes were largely ignored and the statement was widely reported as a wholesale exemption for meme coins. I hope that the statement on crypto mining is more accurately understood for what it is and is not. Beware of any headlines that herald a wholesale exemption for mining. And mine the fine print.

Finally, buried in the footnotes, the statement reveals its true limitation: one actually would have to conduct a Howey analysis to know if a specific mining arrangement constitutes an investment contract. In fact, the footnote accurately notes that to make a “definitive determination” under Howey, one would need to analyze the economic realities and real-world arrangements, including “the way in which pool members may be compensated, how miners or other persons may participate in mining pools, or the activities conducted by pool operators,” and other “facts relating to the specific Mining Activity.””

The SEC announced that its Division of Corporation Finance is further facilitating capital formation by enhancing the accommodations available to companies for nonpublic review of draft registration statements.

The enhanced accommodations include:

  • Expanding the availability of the nonpublic review process for the initial registration of a class of securities under the Exchange Act to include both Section 12(b) and Section 12(g) registration statements on Forms 10, 20-F, or 40-F.
  • Permitting issuers to submit draft registration statements regardless of how much time has passed since they became subject to the reporting requirements of Section 13(a) or 15(d) of the Exchange Act.
  • Expanding the availability of the nonpublic review process for a de-SPAC transaction in situations where the SPAC is the surviving entity (i.e., SPAC-on-top structure) as long as the target is eligible to submit a draft registration statement.
  • Permitting issuers to omit the name of the underwriter(s) from their initial draft registration statement submissions, when otherwise required by Items 501 and 508 of Regulation S-K, provided that they include the name of the underwriter(s) in subsequent submissions and public filings.

The SEC Staff at the Division of Corporation Finance issued a statement which said “It is the Division’s view that transactions in the types of meme coins described in this statement, do not involve the offer and sale of securities under the federal securities laws.”

What types of meme coins were described?  “A “meme coin” is a type of crypto asset inspired by internet memes, characters, current events, or trends for which the promoter seeks to attract an enthusiastic online community to purchase the meme coin and engage in its trading. Although individual meme coins may have unique features, meme coins typically share certain characteristics. Meme coins typically are purchased for entertainment, social interaction, and cultural purposes, and their value is driven primarily by market demand and speculation. In this regard, meme coins are akin to collectibles. Meme coins also typically have limited or no use or functionality. Given the speculative nature of meme coins, they tend to experience significant market price volatility, and often are accompanied by statements regarding their risks and lack of utility, other than for entertainment or other non-functional purposes.”

According to the Staff, the described meme coins do not meet the definition of an investment contract: “The offer and sale of meme coins does not involve an investment in an enterprise nor is it undertaken with a reasonable expectation of profits to be derived from the entrepreneurial or managerial efforts of others. First, meme coin purchasers are not making an investment in an enterprise. That is, their funds are not pooled together to be deployed by promoters or other third parties for developing the coin or a related enterprise. Second, any expectation of profits that meme coin purchasers have is not derived from the efforts of others. That is, the value of meme coins is derived from speculative trading and the collective sentiment of the market, like a collectible. Moreover, the promoters of meme coins are not undertaking (or indicating an intention to undertake) managerial and entrepreneurial efforts from which purchasers could reasonably expect profit.”

SEC Commissioner Caroline A. Crenshaw disagrees with the Staff statement: “Today’s guidance from the Division of Corporation Finance turns that concept on its head. It advances an incomplete, unsupported view of the law to suggest that an entire product category is outside the bounds of SEC jurisdiction.”

Further: “The guidance offers no clear definition from law or even a basic dictionary. It generally describes a meme coin as an asset reflective of online or social trends, of speculative value, that tends to experience high volatility. But these are near universal hallmarks of crypto assets. The lack of a useful definition alone makes the value of this guidance questionable, except perhaps as a roadmap for crypto enterprises looking to evade oversight by labeling themselves as a meme coin.”

In a settled enforcement action, the Securities and Exchange Commission (“SEC”) charged Shift4 Payments, Inc. (“Shift4”), a payment processing company based in Pennsylvania, with failing to disclose payments made to immediate family members of executive officers and directors as compensation.

Item 404(a) of Reg S-K requires companies describe transactions since the beginning of the last fiscal year if: (1) the transaction is in excess of $120,000; (2) the company was a participant; and (3) any “related person had or will have a direct or indirect material interest.” The definition of a “related person” is quite broad, as it includes any director (or nominee), executive officers, and immediate family members of directors (or nominees) and executive officers. Under Item 404(a), immediate family members include “any child, stepchild, parent, stepparent, spouse, sibling, mother-in-law, father-in-law, son-in-law, daughter-in-law, brother-in-law, or sister-in-law of such director, executive officer or nominee for director, and any person (other than a tenant or employee) sharing the household of such director, executive officer or nominee for director.”

If the transaction meets the requirements outlined in Item 404(a), the company must disclose:

  • the related person’s name;
  • the nature of the relationship;
  • the related person’s interest in the transaction;
  • the approximate dollar amount of the transaction; and
  • any other information that would be material to investors.

The same disclosure requirements also apply to transactions between companies and any 5% shareholder.

As an example, X is a director of Company A. Company A employs X’s son at a yearly salary of $150,00. Because X’s son is a related person and has a material interest in his yearly compensation, this transaction must be disclosed under Item 404(a).

In its Order against Shift4, the SEC alleged Shift4 violated Sections 13(a) and 14(a) after failing to disclose two transactions which met the requirements for disclosure under Item 404(a). Specifically, Shift4 employed a sibling of an executive officer and director, who received $1.1 million in compensation between 2020 and 2022. Additionally, another sibling of an executive officer and director received over $1 million as “residual commissions while acting as an independent sales agent” between 2020 and 2022. Shift4 did not disclose either of these transactions in its Form 10-K or proxy statements. As such, it violated Item 404(a).

Because Shift4 cooperated with the SEC during its investigation and took several remedial acts, including improving its company policies and procedures, Shift4 and the SEC settled. The company agreed to pay a civil money penalty of $750,000.

Shift4 did not admit or deny the SEC’s allegations.

On January 21, 2025, SEC Acting Chairman Mark T. Uyeda launched a crypto task force charged with “developing a comprehensive and clear regulatory framework for crypto assets.”

The SEC acknowledged in the announcement that it “has relied primarily on enforcement actions to regulate crypto retroactively and reactively,” resulting in “confusion about what is legal, which creates an environment hostile to innovation and conducive to fraud.” The task force will “help the Commission draw clear regulatory lines, provide realistic paths to registration, craft sensible disclosure frameworks, and deploy enforcement resources judiciously.”

The task force will be led by Commissioner Hester Peirce, and will include Uyeda’s senior advisor, Richard Gabbert, as its chief of staff, and Uyeda’s senior policy advisor, Taylor Asher, as its chief policy advisor. The task force will coordinate with federal departments and agencies, including the Commodity Futures Trading Commission (CFTC), and state and international counterparts, as well as across SEC divisions and offices.

Peirce noted that the task force “will succeed only if [it] has input from a wide range of investors, industry participants, academics, and other interested parties. To that end, the task force anticipates holding roundtables in the future and welcomes public input via email in the meantime.

President Donald Trump has already announced that he intends to nominate Paul Atkins to chair the Commission, but the Senate has yet to schedule a hearing on his nomination.

On December 17, 2024, the Securities and Exchange Commission (“SEC”) announced that it had settled charges against Ohio-based Express, Inc. (“Express”). The SEC ultimately found that Express violated Sections 13(a) and 14(a) of the Securities Exchange Act of 1934 and Rules 12b-20, 13a-1, 13a-15(a), 14a-3, and 13a-9 by failing to disclose all of its former Chief Executive Officer’s (“CEO”) executive compensation. Specifically, Express did not disclose a number of perks provided to the CEO during his employment with the company.

Public companies are required to comply with disclosure obligations regarding executive compensation to assist investors in making educated investment decisions. Specifically, under Reg S-K Item 402, companies must disclose and identify executive perks and other personal expenses by type for each executive that receives at least $10,000 of perks or other personal benefits each year. For each perk or personal benefit exceeding a value of $25,000 or 10% of total perks for that executive, the total number of perks must be quantified and disclosed.

According to the SEC, for fiscal years 2019, 2020 and 2021, Express ‘s “All Other Compensation” for its CEO consisted of retirement contributions, insurance premiums, one private flight for the CEO’s relocation, and private aircraft usage by the CEO’s family members. However, these proxies understated other compensation for its executive officers by an average of 94% by failing to classify personal travel expenses, paid by Express, as perks or personal benefits.

The SEC determined that Express’s system used to identify, track and calculate perks applied an improper standard. Items were not categorized as a perk or benefit needing disclosure if there was a business purpose for the expense. However, whether an item has a business purpose does not affect whether an expense needs to be disclosed as a perk.

Rather, Express and other public companies subject to the SEC’s guidelines must engage in a separate inquiry to classify expenses. Specifically, the SEC considers the following factors:

  • If an item is integrally and directly related to the performance of an executive’s duties, it is not a perk.
  • If the item is not generally available on a non-discriminatory basis to all employees and confers a direct or indirect benefit that is personal in some aspect, it is a perk, regardless of whether it is provided for some business reason or for the convenience of the company.

Integrally and directly related to job performance is a narrow distinction, encompassing only items a company provides because the executive needs it to do his or her job. In Release No. 33-8732A (Aug. 29, 2006), the SEC specifically explained that a company policy permitting an executive (and/or his or her family) to use a company aircraft for personal travel does not affect the ultimate conclusion that the use of the aircraft is a provided perk or personal benefit. Although this policy had a business purpose in providing security to its executives, the personal use still needed to be disclosed.

According to the SEC, for Express, this meant that the “expenses associated with the CEO’s personal flights, including transportation, meals, and hotel” were in fact perks. Upon learning of its errors, Express acted promptly by self-reporting and instructing outside counsel to conduct an internal investigation. The former CEO ultimately reimbursed Express for approximately $454,000 of expenses that were determined to be perks. Because of Express’s cooperation, the SEC declined to impose a civil penalty and Express agreed to a cease-and-desist order without admitting or denying the SEC’s findings.

Erik Gerding, Director, SEC Division of Corporation Finance, issued a statement to clear up misconceptions following filing of an 8-K disclosing a cybersecurity incident.

According to Mr. Gerding, some companies are under the impression that if they experience a material cybersecurity incident, the SEC’s new rules prohibit them from discussing that incident beyond what was included in the Item 1.05 Form 8-K disclosing the incident.  Mr. Gerding added “That is not the case.”

According to the statement, nothing in Item 1.05 prohibits a company from privately discussing a material cybersecurity incident with other parties or from providing information about the incident to such parties beyond what was included in an Item 1.05 Form 8-K.

Mr. Gerding also addressed selective disclosure questions under Regulation FD.  As is well-known, Regulation FD requires public disclosure of any material nonpublic information that has been selectively disclosed to securities market professionals or shareholders, as specified in the regulation.  Depending on the information disclosed, and the persons to whom that information is disclosed, discussions regarding a cybersecurity incident may implicate Regulation FD.

“Nothing in Item 1.05 alters Regulation FD or makes it apply any differently to communications regarding cybersecurity incidents” according to Mr. Gerding.  There are several ways that a public company can privately share information regarding a material cybersecurity incident beyond what was disclosed in its Item 1.05 Form 8-K without implicating Regulation FD:

  • For example, the information that is being privately shared about the incident may be immaterial, or the parties with whom the information is being shared may not be one of the types of persons covered by Regulation FD.
  •  Further, even if the information being shared is material nonpublic information and the parties with whom the information is being shared are the types of persons covered by Regulation FD, an exclusion from the application of Regulation FD may apply.
  •  For example, if the information is being shared with a person who owes a duty of trust or confidence to the issuer (such as an attorney, investment banker, or accountant) or if the person with whom the information being shared expressly agrees to maintain the disclosed information in confidence (e.g., if they enter into a confidentiality agreement with the issuer), then public disclosure of that privately-shared information will not be required under Regulation FD.

Erik Gerding, Director, Division of Corporation Finance, released a statement on the preferred methods to disclose certain cybersecurity incidents.  Mr. Gerding noted “The cybersecurity rules that the Commission adopted on July 26, 2023 require public companies to disclose material cybersecurity incidents under Item 1.05 of Form 8-K.  If a company chooses to disclose a cybersecurity incident for which it has not yet made a materiality determination, or a cybersecurity incident that the company determined was not material, the Division of Corporation Finance encourages the company to disclose that cybersecurity incident under a different item of Form 8-K (for example, Item 8.01).  Although the text of Item 1.05 does not expressly prohibit voluntary filings, Item 1.05 was added to Form 8-K to require the disclosure of a cybersecurity incident “that is determined by the registrant to be material,” and, in fact, the item is titled “Material Cybersecurity Incidents.”  In addition, in adopting Item 1.05, the Commission stated that “Item 1.05 is not a voluntary disclosure, and it is by definition material because it is not triggered until the company determines the materiality of an incident.”  Therefore, it could be confusing for investors if companies disclose either immaterial cybersecurity incidents or incidents for which a materiality determination has not yet been made under Item 1.05.”

Mr. Gerding also noted “This clarification is not intended to discourage companies from voluntarily disclosing cybersecurity incidents for which they have not yet made a materiality determination, or from disclosing incidents that companies determine to be immaterial.  I recognize the value of such voluntary disclosures to investors, the marketplace, and ultimately to companies, and this statement is not intended to disincentivize companies from making those disclosures.”

Finally, Mr. Gerding indicates “in determining whether a cybersecurity incident is material, and in assessing the incident’s impact (or reasonably likely impact), companies should assess all relevant factors.  As the Commission noted in the Adopting Release, that assessment should not be limited to the impact on “financial condition and results of operation,” and “companies should consider qualitative factors alongside quantitative factors.”  For example, companies should consider whether the incident will “harm . . . [its] reputation, customer or vendor relationships, or competitiveness.”  Companies also should consider “the possibility of litigation or regulatory investigations or actions, including regulatory actions by state and Federal Governmental authorities and non-U.S. authorities.””