There are a number of recent developments in U.S. securities regulation that will be noteworthy to some Canadian companies.
While we cover a broad range of matters here, generally these developments can be categorized as addressing two focal points of U.S. federal securities regulators in recent years: decreasing the burdens of public capital raising and adapting the U.S. securities regime to new technological developments.
Testing the waters
The SEC may soon permit any company to test the waters for a U.S. public offering. Currently, only emerging growth companies (annual revenue < US$700 million) and their investment banks are permitted to test the waters by talking to sophisticated institutional investors. For details, including a Canadian comparison, see "U.S. public offerings: All companies may soon be permitted to test the waters."
In Torys’ recent letter to the OSC on reducing securities regulatory burdens, we suggested expanding the Canadian rules on testing the waters to permit it for all offerings, not just IPOs. This would harmonize better with the U.S. rule and streamline cross-border capital markets activities, as companies and bankers could get earlier indications of investor interest in offerings.
Reducing regulatory burden
Securities regulators on both sides of the border are considering ways they can reduce the number and complexity of rules governing public companies. One area of focus is earnings releases and quarterly reports. The SEC has solicited feedback on their costs and benefits, including whether they cause companies to focus too much on short term results. Moving to a system of semi-annual reporting, as in Europe, would be a significant change for the North American capital markets, and the views of institutional investors will be an important factor for regulators to consider. For details about the OSC’s burden reduction task force, see "Reducing regulatory burdens for market participants: new Ontario task force." Torys has submitted a comment letter to the OSC in which two key themes are cross-Canada harmonization and Canada-U.S. harmonization.
Focus on cybersecurity
The SEC’s Division of Enforcement recently cautioned public companies that they may need to reassess their internal accounting controls in light of cyber threats. A report on investigations of nine public companies representing a variety of industries shows that they lost a combined US$100 million as a result of cyber fraud. No enforcement actions were brought against the companies but the report states that public companies must calibrate their internal accounting controls to the current risk environment.
In Canada, OSFI recently published a bulletin laying out its expectations for cybersecurity incident reporting by the financial institutions it regulates. The bulletin complements OSFI’s 2013 cybersecurity self-assessment guidance on incident management. OSFI expects financial institutions to report, within 72 hours, cybersecurity incidents of high or critical severity that materially impact normal operations. Reports must include the known or suspected root causes and impacts of the incident, whether it originated at a third party, and mitigation actions taken by the financial institution. Updates for the duration of the incident, and a post-incident review, are also required. These reporting obligations became effective March 31.
Companies’ non-GAAP financial measures in earnings releases and MD&A are under scrutiny by the SEC and Canadian securities regulators. The SEC recently settled enforcement charges against ADT Inc., imposing a fine of US$100,000—not a large fine but symbolically important because ADT was not alleged to have misled the market. Instead, ADT simply gave greater prominence to non-GAAP measures than GAAP measures in its earnings releases by putting non-GAAP measures in the headlines and highlights section. Styling earnings releases this way is fairly common among Canadian public companies, despite guidance from securities regulators that this is impermissible. The Canadian regulators recently took steps to ensure better compliance by proposing clear rules matching the SEC’s regime on how non-GAAP measures can be presented. For details, see "Non-GAAP Financial Measures: Canada's Securities Regulators Propose Stricter Rules."
For several years, U.S. and Canadian public companies have had to disclose to the market whether directors and executives are permitted to hedge their holdings of company securities (whether acquired as compensation or otherwise). Now, the SEC is broadening its rule to cover all employees, not just executives. Companies that do not have a hedging policy must disclose that fact (or indicate that the company permits hedging). Companies are not required to disclose actual hedging transactions that have occurred.
U.S. companies must comply with the new SEC rule in their proxy statements for fiscal years ending on or after July 1, 2019, except that emerging growth companies and smaller reporting issuers have an extra year’s grace period. Most Canadian companies are exempt from the new SEC rule. The comparable Canadian hedging disclosure rule covers only the highest-paid executives. As a matter of good governance, we believe that more and more companies are likely to adopt anti-hedging policies in line with the expanded SEC rule.
Critical audit matters
Auditors will soon have to describe critical audit matters (CAMs) in their audit reports. The change will be phased in for large companies in 2020 and other companies in 2021. CAMs are matters arising from an audit that were communicated (or should have been communicated) to the audit committee relating to material accounts or disclosures or involving challenging, subjective or complex judgments by the auditor. All SEC-reporting companies will be affected, even MJDS companies.
The Canadian equivalent to CAMS are Key Audit Matters (KAMs). The Canadian deadline for KAM disclosure has been harmonized with the U.S. timeline; auditors of TSX-listed companies (except investment funds) will have to disclose KAMs in their audit reports beginning in 2020.
Auditors of cross-border public companies will have to comply with the CAM and KAM rules. We understand that accounting firms are currently considering whether this will be possible in a single audit report.
Disclosure on board diversity
There are regulations pending under the CBCA that will, if enacted, require disclosure addressing board composition in terms of gender, visible minorities, aboriginal people and people with disabilities. An open question is whether CBCA companies, in order to make the required disclosure, will have to formally request directors to identify themselves as belonging to one or more of the enumerated categories. Directors of CBCA companies may or may not want to do this, and those who do may want the opportunity to consent (or not) before the company discloses sensitive information about diversity on the board.
Recent SEC guidance may be helpful if the CBCA regulations are enacted without addressing the matter of consent. (The SEC guidance is technically limited to companies that are subject to the U.S. proxy rules—not MJDS companies or other foreign private issuers, who file annual reports on Form 40-F or 20-F.) The guidance indicates that if directors self-identify (i.e., voluntarily identify) their race, gender identity, ethnicity, religion, nationality, disability, sexual orientation or cultural background, that information should inform the company’s disclosure about board diversity, if the individual has consented to the disclosure.
Digital assets and the scope of securities laws
The growing popularity of digital assets like cryptocurrency has raised the question whether these assets fall within the regulatory ambit of U.S. and Canadian securities laws. The SEC’s FinHub recently published guidance to help market participants determine whether a digital asset is a “security.” If so, the offer, sale and resale of the digital asset must comply with securities laws, including the requirement to register with the SEC (or ensure an exemption is available) and the prohibition on disseminating misleading information to investors. Similarly, in 2018 Canadian securities regulators published cautionary guidance about token offerings—see "Token Offerings: Caution and Advice from Securities Regulators" for details.
The investment contract test in the seminal 1946 U.S. Supreme Court decision in SEC v. W.J. Howey is critical in assessing whether a unique or novel instrument is a security. The same test is applied under Canadian case law. Howey established that an investment contract exists when someone invests money in a common enterprise with a reasonable expectation of profit to be derived from the managerial efforts of others. Factors affecting whether there is an expectation of profit from the efforts of others include:
the role played by management (e.g., developing, enhancing and promoting a digital asset’s network, creating and supporting a liquid market for the asset, and making decisions about the rights associated with the digital asset and other key managerial and governance judgments);
the rights of holders of the asset (e.g., the opportunity to share in the enterprise’s income or profits or to realize gain from capital appreciation); and
how and to whom the digital asset is marketed (e.g., targeting users who care most about the functionality of the asset vs. targeting financial contributions from investors who care most about the financial features of the asset).
Applying the Howey test, SEC staff recently issued a no-action letter to Turnkey Jet Inc. (TKJ) stating that the Division of Corporation Finance would not recommend enforcement action against TKJ’s sale of tokens, provided that:
the tokens are marketed for their functionality - to purchase air charter services – and not for their potential to increase in market value over time;
the tokens will be immediately usable for their intended purpose and will not be transferable except to wallets within TKJ’s platform;
the tokens will be sold for US$1 each, representing an obligation of TKJ to supply air charter services worth US$1 per token; and
TKJ is not using the funds from the sale of tokens to develop its platform, network or app.
Nasdaq listings of non-convertible bonds
Nasdaq had decided to begin listing non-convertible bonds. The principal amount outstanding or the market value must be ≥ US$5 million, and the issuer must have equity securities listed on Nasdaq or the NYSE.