Disclosure in Focus: It’s Not Just the Climate Rule

The companies we advise have never been more diverse. They compete in wide-ranging industries, markets, and jurisdictions. They face varying risks, and operate under different rules. No two have identical needs, prospects, goals, or values.

Yet for nearly all of our clients these days, one item is fast becoming a common area of focus: disclosure.

Investors demand it and policymakers regulate it. Plaintiffs seek it and courts order it. Compliance teams prepare it, law enforcement encourages it, and many consumers shun companies that fail to produce it.

Companies invest extraordinary time and energy in disclosure-related work. And if recent history is any guide, the end is nowhere in sight.

In this edition of Vantage Point, three disclosure developments we’re watching closely.

The SEC’s Climate Rule Arrives: Is Anyone Happy?

By now you’ve heard the news.

After nearly two years of ferocious debate among policymakers and lobbyists across the political spectrum, the SEC voted 3–2 last Wednesday to adopt its controversial climate disclosure rule.

But don’t expect the controversy to end.

As had been widely anticipated in recent weeks, the final rule turned out far weaker than the 2022 proposal. And no one seems especially happy with where the Commission landed.

The headline change is the most contentious: dropping a requirement for companies to disclose greenhouse gas emissions that result from activities in their value chains — often referred to as Scope 3 emissions. But the Commission didn’t stop there.

Instead of mandating that all SEC-registered companies disclose emissions generated from operations (Scope 1) and energy purchases (Scope 2), as the proposal did, the final rule requires this disclosure only for larger companies that the SEC classifies as accelerated filers and large accelerated filers.

The rule’s materiality threshold is another major change. Companies must disclose Scope 1 and 2 emissions only if they are “material” — essentially, if a reasonable investor would consider knowing about them important when making an investment or voting decision.

A materiality threshold also applies to various items associated with companies’ consideration of climate-related risks.

In hollowing out the rule, SEC Chair Gary Gensler will have hoped to satisfy both his allies and critics, dissuading court challenges while delivering what climate activists would consider a key step toward a long-held priority.

So far he looks to have accomplished neither. Hours after the vote, climate activists were assailing the rule as a capitulation to big business, and two petitions aiming to block the rule — one in the Fifth Circuit and one in the Eleventh — were already under way.

Where to from here?

Until a court grants a preliminary stay — and the stay is no longer subject to appeal — companies should expect the rule to go into effect as scheduled.

That means beginning to prepare right away. The work will be complex, time-consuming, and expensive, and the compliance deadlines will be here before we know it.

Our attorneys share their five key takeaways from the landmark rule.

Balancing Act: Cybersecurity Disclosure Poses Competing Challenges

The SEC requires US public companies to file an annual report containing highly detailed information about their financial condition, and preparing the report is never easy work.

But beginning this year, compliance teams face a new layer of complexity: the SEC’s new cybersecurity disclosure rules.

Adopted last July, the rules require companies to disclose a range of cybersecurity-related information in their annual reports, including how they identify, manage, oversee, and respond to risks from cybersecurity threats.

Companies face competing challenges here: preparing robust disclosure that complies with the new rules and demonstrates strength in cybersecurity to investors, while taking caution not to reveal so much information that they open themselves to attack.

How can companies strike the right balance?

Three priorities will be essential: excluding details that could create a roadmap for malicious actors to breach their systems or those of their customers, avoiding promises they’re not prepared to deliver on, and acknowledging material cybersecurity risks and prior incidents.

Our lawyers with more on getting this disclosure right.

‘Call Us Before We Call You’: A New Individual Self-Disclosure Program

Government authorities continue to introduce new ways and incentives for individuals to self-report criminal conduct, and the Southern District of New York’s (SDNY) new Whistleblower Pilot Program is a prime example.

Under the program, the SDNY will enter into a non-prosecution agreement with individuals who disclose information about specific criminal offenses and meet certain eligibility criteria.

As our lawyers explain, the program applies to individuals, but companies have much to consider around the program’s incentives for employees and consultants, as well as their approach to conducting internal investigations and evaluating whether to self-disclose.

So far, the SDNY is the only US Attorney’s Office to implement this type of self-reporting program, but others could easily follow suit.

Companies should thus remain vigilant — and maintain an effective compliance program — to detect and rectify potential misconduct before it is reported to the government.

Interested in more insights from Vinson & Elkins? Choose your areas of interest — and subscribe here.