2018 Year-End U.S. Legal & Regulatory Developments

The following is our summary of significant U.S. legal and regulatory developments during 2018 of interest to Canadian companies and their advisors.  The first section below covers developments from the fourth quarter of 2018; the second section reprises key developments from the first three quarters of 2018 as previously reported in our quarterly client memoranda published during the year.

Recent Developments (Fourth Quarter 2018)

1. SEC Issues Report Reminding Registrants to Consider Cyber Threats When Implementing Internal Accounting Controls

On October 16, 2018, the Securities and Exchange Commission (“SEC”) issued a Report of Investigation (“Report”) cautioning public companies to carefully consider cyber threats when implementing and maintaining their internal accounting controls. The Report is based on the Enforcement Division’s investigations of nine SEC registrants spanning multiple industries that were victims of cyber fraud.  Although the SEC declined to take enforcement action, it noted that public company internal accounting controls may need to be reassessed in light of risks from increasingly widespread cyber-related frauds.

The Report highlights the SEC’s increased focus on cybersecurity issues following its release of guidance in February 2018 to assist registrants in preparing disclosures concerning cybersecurity risks and incidents. That guidance, discussed in our earlier client memorandum referenced below, reminded registrants to assess whether they have sufficient disclosure controls and procedures in place to ensure that relevant information about cybersecurity issues is processed and reported to the appropriate personnel to enable senior management to make decisions about public disclosure and fulfill their certification obligations. Shortly following the release of that guidance, and as discussed in our earlier client memorandum referenced below, the company formerly known as Yahoo! was fined $35 million to settle charges that it misled investors by failing to disclose a significant data breach.

Following the release of the Report, the SEC will likely also apply increased scrutiny to the adequacy of registrants’ internal accounting controls with respect to cybersecurity risks.

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3978246/29oct18-sec-cyber-threats.pdf

2. Delaware Court of Chancery Finds Target MAE and Permits Acquiror to Terminate Merger Agreement

On October 1, 2018, Paul, Weiss secured a major victory for German healthcare group Fresenius SE & Co. (“Fresenius”) when the Delaware Court of Chancery ruled that Fresenius was justified in canceling its $4.8 billion agreement to acquire Illinois-based Akorn, Inc. (“Akorn”).

Vice Chancellor Laster found that Fresenius validly responded to a sharp downturn in Akorn’s business and Akorn’s blatant breaches of FDA data integrity requirements in deciding to terminate the deal under the Material Adverse Event (“MAE”) clause in the merger agreement.  Noting the many prior cases in which the court has criticized buyers who filed litigation after industry-wide or cyclical downturns made the acquisition less attractive, Vice Chancellor Laster called the Fresenius case “markedly different.”  Writing that Fresenius “responded to a dramatic, unexpected, and company-specific downturn in Akorn’s business that began in the quarter after signing,” he held that Akorn suffered a MAE as a result of its post-signing financial collapse.  He further held that Fresenius also validly terminated the acquisition because Akorn breached its representations and warranties regarding regulatory compliance and failed to operate in the ordinary course after signing the agreement.  In so holding, Vice Chancellor Laster relied on the “overwhelming evidence of widespread regulatory violations and pervasive compliance problems at Akorn,” including Akorn’s repeated deception of the FDA.  Akorn subsequently filed an appeal, and on December 7, 2018, the Delaware Supreme Court affirmed Vice Chancellor Laster’s opinion.

For the full text of our announcement, please see:
https://www.paulweiss.com/practices/litigation/mergers-acquisitions-litigation/news/chancery-court-rules-that-fresenius-can-terminate-akorn-deal?id=27545

For the full text of the Delaware Court of Chancery’s decision, please see:
https://courts.delaware.gov/Opinions/Download.aspx?id=279250

3. Delaware Court of Chancery Denies Corwin Protection in Two Recent Cases

On November 20, 2018, the Delaware Court of Chancery issued its decision in In re Tangoe, Inc. Stockholders Litigation (“Tangoe”), holding that directors who approved a sale of the company were not entitled to business judgment protection under Corwin KKR Financial Holdings LLC (“Corwin”) because company stockholders were not adequately informed when tendering into the transaction. This was due to the “information vacuum” created by, among other things, the lack of audited financials, even though neither federal securities nor Delaware law mandates disclosure of audited financials in this context per se. The court explained, however, in an opinion by Vice Chancellor Slights, that directors facing difficult decisions amid a “regulatory storm” (such as a restatement of financials) may still receive business judgment protection if they carefully and thoroughly explain all material aspects of a proposed transaction and remain focused on the best interests of stockholders.  Tangoe is a reminder for boards wishing to invoke business judgment protection under Corwin to provide stockholders with all material information (i.e., information that a reasonable stockholder would consider important in deciding how to vote).  This may embody information beyond what is legally required, such as the case here where the court considered the lack of audited financials to be dispositive at the pleadings stage of litigation.

Subsequently, on December 10, 2018, the Delaware Court of Chancery issued its decision in In re Xura, Inc. Stockholder Litigation, denying a motion to dismiss fiduciary duty claims against the CEO of Xura, Inc. for his actions in negotiating a sale of the company. The court, in an opinion by Vice Chancellor Slights, concluded that business judgment review did not apply under Corwin because stockholders were not fully informed about aspects of the negotiations when they approved the deal. Moreover, the court held that the plaintiff pled a viable claim that, in negotiating the transaction, the CEO favored his own interests—which included securing continued employment—over those of the stockholders and may therefore be personally liable for an unexculpated breach of his duty of loyalty.  The case reminds executives and boards about the dos and don’ts of how to conduct an appropriate sale process under Delaware law.

For the full text of our memorandum regarding In re Tangoe, Inc. Stockholders Litigation, please see:
https://www.paulweiss.com/media/3978306/29nov18-del-court.pdf

For the full text of our memorandum regarding In re Xura Inc. Stockholder Litigation, please see:
https://www.paulweiss.com/media/3978342/14dec18-delaware-xura.pdf

4. OFAC Reaches Settlement with Cobham Holdings, Inc. for Violations Resulting from Deficient Screening Software

On November 27, 2018, the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) announced a nearly $90,000 settlement agreement with Virginia-based Cobham Holdings, Inc. (“Cobham”), a global provider of technology and services in aviation, electronics, communications and defense, on behalf of its former subsidiary, Aeroflex/Metelics, Inc. (“Metelics”). The settlement involves three shipments of goods through distributors in Canada and Russia to an entity that did not appear on OFAC’s Specially Designated Nationals and Blocked Persons List, but that was blocked under OFAC’s “50% rule” because it was 51% owned by a company sanctioned under the Russia/Ukraine sanctions program. This is the second OFAC action of which we are aware that has relied on the 50% rule.  The apparent violations appear to have been caused by Metelics’s (and Cobham’s) reliance on deficient third-party screening software.

While difficult to predict, OFAC’s decision to pursue this action—involving only three shipments, a violation of the 50 percent rule, and where the root cause of the apparent violations is attributable to deficient sanctions screening software—may signal a raising of OFAC’s compliance expectations, consistent with Treasury Under Secretary Sigal Mandelker’s warning in a recent speech that private sector companies “must do more to make sure [their] compliance systems are airtight.”

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3978299/29nov18-ofac.pdf

5. SEC Solicits Public Comment on Earnings Releases and Quarterly Reports

On December 18, 2018, the SEC published a request for comment soliciting input on questions regarding the nature, content, and timing of earnings releases and quarterly reports provided by reporting companies. The request for comment follows a 2016 concept release requesting, among other things, comment on the benefits or disadvantages associated with quarterly reporting and an August 2018 tweet by President Trump requesting that the SEC study the issue. The request for comment asks how the SEC can reduce burdens on reporting companies associated with quarterly reporting without eroding disclosure effectiveness and investor protections and seeks to understand how the process by which investors access, process, and evaluate information could be simplified.  In addition, the SEC requests comment on how the existing periodic reporting system, earnings releases, and earnings guidance, alone or in combination with other factors, may foster an overly short-term focus by companies and other market participants.

Comments are due 90 calendar days after publication of the request for comment in the Federal Register, on March 21, 2019.

For the full text of the SEC’s request for comment, please see:
https://www.sec.gov/rules/other/2018/33-10588.pdf

For comments already submitted by the public pursuant to the SEC’s request for comments, please see:
https://www.sec.gov/comments/s7-26-18/s72618.htm

For the SEC’s comment submission page, please see:
https://www.sec.gov/cgi-bin/ruling-comments

6. SEC Chair Reminds Reporting Companies of the Importance of Brexit-Related Disclosures

On December 6, 2018, SEC Chairman Jay Clayton, at an event hosted by Columbia University’s School of International Public Affairs, reviewed the SEC’s achievements in 2018 and outlined his views on its rulemaking agenda and priorities for 2019. He also took the opportunity to highlight a few significant risks that the SEC staff is monitoring, including the potential effects of Brexit on U.S. investors and securities markets, as well as on global financial markets more generally. Importantly, Chairman Clayton indicated that he has directed the SEC staff to focus on Brexit-related disclosure.

Since the June 2016 Brexit referendum, we have chronicled in a series of client memoranda the tremendous level of uncertainty and potentially far-reaching effects of the different Brexit scenarios. Public companies are not alone in worrying about Brexit; securities regulators have from time to time highlighted the obvious: Brexit has the potential to pose a range of challenges for businesses and the markets, depending on which scenario or combination of scenarios plays out. In particular, as long as a “no-deal” Brexit remains a possibility, a myriad of materially adverse developments could be only a few months away.  In this respect, public companies, regardless of where they are listed, need to assess the potential impact of the various Brexit scenarios and craft appropriate disclosure in their risk factor sections, business descriptions and analysis of results.

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3978335/11dec18-brexit-sec.pdf

For the full text of our most recent Brexit update, please see:
https://www.paulweiss.com/media/3978293/26nov18-brexit-update.pdf

Previously Reported 2018 Developments (First through Third Quarters)

7. President Trump Signs CFIUS Reform Legislation

President Trump signed the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (“FY 2019 NDAA”) (H.R. 5515) into law on August 13, 2018. One subtitle of the FY 2019 NDAA, entitled the “Foreign Investment Risk Review Modernization Act of 2018” (“FIRRMA”), reforms the current interagency process for reviewing foreign investments that raise national security issues. After a lengthy House-Senate conference to resolve differences between the versions of the legislation that had passed the House of Representatives in May and the Senate in June, the House passed the compromise version of the FY 2019 NDAA on July 26 and the Senate did likewise on August 1.  While many of the provisions of FIRRMA will not take effect until the earlier of 30 days following the publication of final regulations in the Federal Register or February 13, 2020, the legislation authorizes the creation of pilot programs to implement provisions of FIRRMA that did not become effective immediately upon enactment.  On October 10, 2018, the Treasury Department issued interim regulations creating the first of such pilot programs, which went into effect on November 10, 2018, along with a second set of regulations making technical amendments to the existing Committee on Foreign Investment in the United States (“CFIUS”) regulations to reflect both the pilot program and the changes brought about by FIRRMA (which went into effect on October 11, 2018).  The pilot program will end on the earlier of (i) the day on which the Treasury Department issues regulations fully implementing FIRRMA or (ii) March 5, 2020.

When fully implemented, FIRRMA will cause fundamental changes in the foreign investment review process overseen by CFIUS, including the broadest expansion in CFIUS jurisdiction since this interagency committee was reconstituted in 1988. In particular, FIRRMA will expand the range of transactions subject to CFIUS jurisdiction to include certain investments in areas related to critical infrastructure, critical technologies and national security-sensitive data collection. Further, FIRMMA will require mandatory filings with CFIUS for any transaction where a U.S. business (dealing in the areas listed above) is acquired by a foreign person in which a foreign government has, directly or indirectly, a “substantial interest.”  Under the initial pilot program, CFIUS will (i) exercise jurisdiction over certain non-controlling, non-passive foreign investments in U.S. businesses that involve critical technology and certain industry sectors and (ii) introduce the mandatory CFIUS filing requirement with respect to foreign acquisitions of control over, as well as certain non-controlling, non-passive foreign investments in, U.S. businesses that involve critical technology in certain industry sectors.

For the full text of our memorandum regarding FIRRMA, please see:
https://www.paulweiss.com/media/3977953/13aug18-cfius-reform.pdf

For the full text of our memorandum regarding the initial pilot program, please see:
https://www.paulweiss.com/media/3978244/26oct18-cfius-pilot.pdf

8. SEC Proposes Simplified Disclosure Requirements for Guaranteed and Secured Notes in Registered Offerings

On July 24, 2018, the SEC proposed rules amending and simplifying the financial disclosure requirements of Rule 3-10 of Regulation S-X for guarantors and issuers of guaranteed securities registered with the SEC and of Rule 3-16 of Regulation S-X for affiliates whose securities collateralize registered securities. The proposed rules are intended to focus disclosures in the context of registered debt offerings on material information, make the disclosures easier to understand, reduce the cost of compliance and encourage potential issuers to offer guaranteed or collateralized securities on a registered basis or on a private basis with registration rights, thereby affording investors protections they may not be provided in “Rule 144A-for-life” offerings.

If adopted, the proposed rules would amend a portion of Rule 3-10, and relocate part of Rule 3-10 and all of Rule 3-16 to new Article 13 of Regulation S-X.

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3977950/6aug18-sec.pdf

For the SEC’s announcement of the proposed rule, please see:
https://www.sec.gov/rules/proposed/2018/33-10526.pdf

9. SEC Adopts Updates to Rationalize Disclosure Requirements

On August 17, 2018, the SEC adopted amendments to certain of its disclosure requirements that have become redundant, duplicative, overlapping, outdated or superseded, in light of other SEC disclosure requirements, U.S. Generally Accepted Accounting Principles (“U.S. GAAP”), International Financial Reporting Standards (“IFRS”) and changes in the information environment. The SEC also adopted amendments to certain disclosure requirements that overlap with, but require information incremental to, U.S. GAAP, and referred other disclosure requirements to the Financial Accounting Standards Board for potential incorporation into U.S. GAAP.

The amendments are an effort to streamline the SEC’s disclosure requirements and do not significantly alter the total mix of information currently provided to investors or otherwise implement the substantive revisions to Regulation S-K discussed in the SEC’s April 2016 concept release, “Report on Review of Disclosure Requirements in Regulation S-K.” The amendments are a result of the SEC’s Disclosure Effectiveness Initiative, a comprehensive evaluation of the SEC’s disclosure requirements with the objective of improving the disclosure regime for both investors and companies, and also implement a requirement under the Fixing America’s Surface Transportation Act that the SEC eliminate provisions of Regulation S-K that are duplicative, overlapping, outdated or unnecessary.

In several cases, the amendments will result in the relocation of disclosures within a filing—often from the non-financial portion of the filing to the financial statements—potentially changing the prominence or context of both the relocated disclosures and the remaining disclosures. Certain amendments will replace existing rules that have bright line disclosure thresholds with rules that do not, potentially changing the disclosure provided to investors.

Disclosure moved into the financial statements as a result of the amendments will be subject to an annual audit or interim review by the issuer’s auditors and to internal control over financial reporting, together with eXtensible Business Reporting Language (“XBRL”) tagging requirements. Consequently, such disclosure will no longer benefit from the safe harbor protections of the Private Securities Litigation Reform Act (“PSLRA”) for forward-looking statements, which may cause companies to be less likely to voluntarily supplement those disclosures with forward-looking information. The converse is also true, and information moved from the financial statements to the text of a registration statement or report will not be subject to annual audit or interim review by the issuer’s auditors and to internal control over financial reporting, together with XBRL tagging requirements, and will benefit from the PSLRA safe harbor.

The amended disclosure requirements are generally technical in nature and went into effect on November 5, 2018. Companies, together with their outside auditors, should carefully consider the new disclosure requirements in connection with the preparation of periodic reports and registration statements anticipated to be filed on or after that date.

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3977986/4sept18-sec.pdf

For the full text of the adopted final rules, please see:
https://www.sec.gov/rules/final/2018/33-10532.pdf

10. Second Circuit Confirms That Statements of Opinion Need Not Be Accompanied by Disclosure of All Underlying Conflicting Information

On May 1, 2018, in Martin Quartermain, No. 17-2135 (2d Cir. May 1, 2018), the Second Circuit reiterated that plaintiffs must overcome a high bar to plead an actionable misstatement of opinion under Section 10(b) of the Securities Exchange Act of 1934 (the “Exchange Act”). When an issuer’s opinion is honestly held and the issuer has a reasonable basis for its belief, disclosure of underlying conflicting information is not required—“even when the ‘fact’ cutting the other way is the contrary opinion of an expert or authority.” The decision is the second time that the Second Circuit has meaningfully discussed the Supreme Court’s 2015 decision in Omnicare, Inc. v. Laborers District Council Construction Industry Pension Fund.  The Second Circuit’s decision in Martin reaffirmed its prior holding in Tongue v. Sanofi that Omnicare provides broad protections for speakers with a good-faith basis underlying their estimates, projections or opinions.

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3977757/3may18-pretium.pdf

11. President Signs Dodd-Frank Reform Legislation

On May 24, 2018, following passage in both the House and Senate earlier this year, President Trump signed into law a financial services reform bill relaxing certain elements of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (“Dodd-Frank”). The bill, titled the “Economic Growth, Regulatory Relief, and Consumer Protection Act” (the “Act”), limits the application of various provisions of Dodd-Frank with respect to small and mid-sized banks and raises asset thresholds above which larger banks are subject to increased oversight and regulation. The Act also amends certain other provisions of the federal securities laws.  Unlike earlier proposed legislation seeking a comprehensive re-working of Dodd-Frank, such as the Financial CHOICE Act (see our memorandum on the proposed legislation linked below), the Act preserves the basic structure of Dodd-Frank while making various targeted adjustments.

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3977813/31may18sec.pdf

For our memorandum on the proposed CHOICE Act, please see:
https://www.paulweiss.com/media/3977148/12june17-choice.pdf

12. Yahoo! Agrees to $35 Million SEC Penalty for Failure to Disclose Cyber Incident

On April 24, 2018, the SEC announced that Altaba, the company formerly known as Yahoo! Inc., agreed to pay a $35 million penalty as part of a cease-and-desist order to settle charges that it misled investors by failing to disclose a significant data breach in which hackers stole personal data relating to hundreds of millions of Yahoo! accounts in 2014. This was the first fine issued by the SEC based on allegations that investors were misled by a company’s failure to disclose a cyberattack and it highlights the SEC’s increasing focus on cybersecurity issues and related disclosure obligations for public companies.

The settlement comes two months after the SEC’s release of guidance to assist public companies in preparing disclosures concerning cybersecurity risks and incidents. The guidance, discussed in a prior client alert discussed below, noted that cybersecurity risk management policies and procedures are key elements of enterprise-wide risk management, including as it relates to compliance with the federal securities laws. Registrants were reminded to assess whether they have sufficient disclosure controls and procedures in place to ensure that relevant information about cybersecurity risks and incidents is processed and reported to the appropriate personnel, including up the corporate ladder, to enable senior management to make disclosure decisions and certifications.

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3977759/3may18-yahoo.pdf

For the cease-and-desist order, please see:
https://www.sec.gov/litigation/admin/2018/33-10485.pdf

13. SEC Issues Updated Guidance on Cybersecurity Disclosure

On February 21, 2018, the SEC issued an interpretive release providing guidance to assist public companies in preparing disclosures concerning cybersecurity risks and incidents. The release supplements guidance provided by the SEC in October 2011, and emphasizes the need for comprehensive policies and procedures related to cybersecurity risks and incidents in order to ensure compliance with disclosure obligations and to prevent insider trading. Items addressed include disclosure obligations relating to materiality, risk factors, MD&A, description of business, legal proceedings, financial statements and board risk oversight.  The interpretive guidance also addressed disclosure controls and procedures and selective disclosure.

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3977641/27feb18-cybersecurity.pdf

For the full text of the SEC’s interpretive release, please see:
https://www.sec.gov/rules/interp/2018/33-10459.pdf

14. SEC Approves NYSE Rule Change to Facilitate Listing Without an Initial Public Offering

On February 2, 2018, the SEC approved a change to the New York Stock Exchange (“NYSE”) listing standards designed to facilitate the direct listing of a company’s shares without conducting an initial public offering. Prior to the rule change, a company that had not previously had its common equity securities registered under the Exchange Act could list without conducting an IPO, at the discretion of the NYSE, if the value of its publicly held shares was at least $100 million, based on the lesser of an independent third-party valuation of the company and the most recent trading price for the company’s shares in another trading market. The rule change eliminates the requirement to have another trading market trading price if there is a valuation from an independent third party of at least $250 million in market value of publicly held shares.

Under the amended rule, a direct listing will require a company to file a resale registration statement for its outstanding shares previously issued in private placements, which will be subject to SEC review and comment. Accordingly, as with listings in connection with IPOs, companies making a direct listing will be subject to restrictions on publicity and the liability provisions of the Securities Act of 1933, as amended. However, a direct listing would eliminate the underwriters’ discounts and commissions of a traditional IPO, would avoid dilution of existing shareholders (as there would be no new issuance at the time of initial listing), and would eliminate the contractual restrictions (lock-ups) on resales imposed by underwriters.

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3977626/15feb18-sec.pdf

For the SEC’s approval of the proposed rule change, please see:
https://www.sec.gov/comments/sr-nyse-2017-30/nyse201730-2782322-161654.pdf

15. Delaware Court of Chancery Uses DCF Analysis to Appraise Merger Target below Deal Price

On February 23, 2018, in In re Appraisal of AOL Inc., the Delaware Court of Chancery, in an opinion by Vice Chancellor Glasscock, relied solely on its own discounted cash flow (“DCF”) analysis to appraise the fair value of AOL Inc. below the deal price paid in its acquisition by Verizon Communications Inc. While reiterating that deal price is the best evidence of fair value, and must be taken into account, when appraising “Dell compliant” transactions (i.e., those where “(i) information was sufficiently disseminated to potential bidders, so that (ii) an informed sale could take place, (iii) without undue impediments imposed by the deal structure itself”), the court held that this was not such a transaction. The court found that certain of the deal protections combined with informational disparities between potential bidders and certain actions of the parties were preclusive to other bidders, and therefore, the court assigned no weight to deal price in its fair value determination.  Applying its own DCF analysis, the court ultimately determined fair value to be approximately 3% lower than the deal price (possibly due to synergies), thus continuing a string of recent appraisal decisions finding fair value at or below deal price.

For the full text of our memorandum, please see:
https://www.paulweiss.com/media/3977644/28feb18-aol.pdf

*       *       *

For the full text of our Q3 & Q2 U.S. Legal and Regulatory Developments memorandum, please see:

https://www.paulweiss.com/media/3978252/7nov18-q3-q2-canada-quarterly.pdf

For the full text of our Q1 U.S. Legal and Regulatory Developments memorandum, please see:

https://www.paulweiss.com/media/3977774/8may18canada.pdf

For a discussion of certain other developments not highlighted above, please see our memoranda available at:  
http://www.paulweiss.com/practices/region/canada.aspx

*       *       *