This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
  1. Blogs

A Fresh Take

Insights on M&A, litigation, and corporate governance in the US.

All Posts
| 16 minutes read

A Practical Calendar for SEC Rule Change Compliance: Spring 2023 and Beyond

Get in touch

Avatar
Avatar
Avatar
Zo Khalid
Associate

+7 more...

Get in touch

Avatar
Avatar
Avatar
Zo Khalid
Associate
Avatar
Evelyne Kim
Associate
Avatar
Nicole Foster
Partner
Avatar
Lori Goodman
Partner
Avatar
Brandon Gantus
Partner
Avatar
Avatar
Sonia Bennett
Associate
Avatar
Daniel Fox
Associate

The SEC adopted a flurry of new and amended rules in the last few months and as the various requirements of these rules go into effect, this will lead to changing disclosure requirements for SEC registrants. With new disclosures related to share repurchases, executive compensation clawback policies, 10b5-1 plans and cybersecurity incidents, among others, keeping track of when different disclosure and compliance requirements are applicable is a complex maze for in-house counsel.

In the below chart, we outline the timeline for compliance, noting when ongoing reporting obligations are first applicable, and we discuss additional practical implications below the chart (as the information in the chart is a summary of the changes, the chart is of course not a substitute for referring to the rules themselves). For more information about the specifics of each of the different rules by topic, see our prior blog posts [1]:

Key Dates &
Deadlines [2]		Disclosure Requirements

Relevant Rule

Disclosure Frequency
Beginning January 11, 2023
  • Registrants are required to furnish their “glossy” annual reports electronically on EDGAR (in PDF format) no later than the date on which the report is first distributed to stockholders
  • Rule 101(a) of Regulation S-T

Annually

Beginning February 27, 2023
  • Amended 10b5-1 rules take effect, including a requirement to have registrants receive certifications from directors and Section 16 officers upon adoption or modification of their 10b5-1 plans
  • Rule 10b5-1

Beginning April 1, 2023

New Form 4 disclosures

  • 10b5-1 plans: Form 4s (and Form 5s) filed on or after April 1, 2023 include
    • a checkbox disclosing whether the purchases or sales reported are intended to satisfy the affirmative defense conditions of Rule 10b5-1(c) and 
    • a requirement to disclose the adoption date of the relevant 10b5-1 plan in the “Explanation of Responses”
  • Bona fide gifts of equity securities: Reported on Form 4 (within 2 business days following the transaction date)




As needed

Beginning April 13, 2023
  • New Form 144 rules require Form 144 filings to be filed electronically on EDGAR*
  • Rule 101(a) of Regulation S-T

As needed

Beginning Late Summer 2023

Q2 Form 10-Q and quarterly thereafter

Use of Rule 10b5-1 by a registrant’s directors or Section 16 officers

  • Disclose whether, in the most recently completed fiscal quarter, any director or Section 16 officer adopted, modified or terminated a “Rule 10b5-1(c) trading arrangement” or “non-Rule 10b5-1 trading arrangement” each as defined in Item 408(c) of Regulation S-K for the purchase or sale of a registrant’s securities
  • This disclosure must include the material terms of the contract or plan (other than the price at which trades are to be executed), including:*
    • the name and title of the director or Section 16 officer;
    • the date on which the plan was adopted, modified or terminated;
    • the duration of the plan;
    • the aggregate number of securities to be sold or purchased under the plan; and
    • whether the 10b5-1 plan is a “Rule 10b5-1(c) trading arrangement” or “non-Rule 10b5-1 trading arrangement”
  • Item 408(a) of Regulation S-K

Quarterly

December 1, 2023
  • Deadline for registrants listed on a U.S. exchange to adopt an effective executive compensation clawback policy, including approval by the compensation committee or board, as applicable 
    • Clawback policies to cover executive incentive compensation received or deemed received on or after the October 2, 2023 effective date




Beginning December 18, 2023

New Form 8-K requirement: cybersecurity incident reporting

  • Registrants must disclose any material cybersecurity incident they experience and describe the material aspects of the incident’s nature, scope and timing, as well as the material impact (or reasonably likely material impact) on the registrant, including its financial condition and results of operations
  • Subject to limited exceptions, reporting required within four business days of the registrant’s determination that it has experienced a material cybersecurity incident (which determination must be made without unreasonable delay after discovery of the incident)
    • Filing may be delayed if the U.S. Attorney General determines that immediate disclosure would pose a substantial risk to national security or public safety
  • If any required information was not determined or was unavailable at the time of the original filing, registrants must disclose that fact in the original Form 8-K and file an amendment with such information when determined (without unreasonably delay) or when available
  • Failure to file under Item 1.05 does not impact Form S-3 eligibility
  • Item 1.05 of Form 8-K
Current Reporting

Beginning Winter 2024

Form 10-K for FY 2023 and quarterly thereafter

Disclosure of share repurchases by the registrant or its “affiliated purchasers”

  • Disclosure of daily purchases by or on behalf of the registrant or any “affiliated purchasers” (as defined in Rule 10b-18 of the Exchange Act) as an exhibit in tabular format:*
    • the purchase date;
    • the class of shares;
    • the total number of shares purchased on such date;
    • the average price paid per share;
    • the total number of shares purchased on this date as part of publicly announced repurchase plans or programs;
    • the aggregate maximum number of shares that may yet be purchased under any announced repurchase plans or programs;
    • the total number of shares purchased on such date in the open market;
    • the total number of shares purchased on such date that are intended to qualify for the Rule 10b-18 safe harbor; and
    • the total number of shares purchased on such date that are intended to satisfy the affirmative defense conditions of Rule 10b5-1(c) 
  • By footnote to the table, disclose the date any plan that is intended to satisfy the affirmative defense conditions of Rule 10b5-1(c) for the plans covering shares described in the last column of the table was adopted or terminated
  • Check the checkbox to indicate whether any officer or Section 16 officer purchased or sold shares that are subject of a publicly announced plan or program within 4 business days before or after the registrant’s announcement of such repurchase plan or program or the announcement of an increase of an existing share repurchase plan or program
  • Item 601(b)(26) of Regulation S-K

Quarterly

Additional disclosure of share repurchases

  • Narrative disclosure relating to the following information must also be included:*
    • the objectives or rationales for each repurchase plan or program and the process or criteria used to determine the amount of repurchases;
    • the number of shares purchased other than through a publicly announced plan or program and the nature of the transaction;
    • for publicly announced repurchase plans or programs,
      • the date each plan or program was announced,
      • the dollar or share amount approved,
      • the expiration date of each plan or program,
      • each plan or program that has expired during the covered period, and
      • each plan or program the registrant terminated prior to expiration or under which it does not intend to make further purchases; and
      • any policies and procedures relating to purchases and sales of the registrant’s securities by its officers and directors during a repurchase program, including any restrictions on such transactions
  • Item 703 of Regulation S-K 

Quarterly


Disclosure related to the registrant’s clawback policy

  • File the clawback policy as an exhibit to the annual report on Form 10-K
  • Disclosure via checkbox on Form 10-K indicating:*
    • whether the financial statements included in the filing reflect the correction of any error to previously issued financial statements; and
    • whether any of those corrections are restatements that required a recovery analysis
  • Item 601(b)(97) of Regulation S-K

Annually

Disclosure when clawback policy is triggered

  • If the clawback policy has been triggered, disclosure of recovery of excess incentive-based compensation, including:*†
    • the amount of excess incentive-based compensation recoverable under the registrant’s clawback policy;
    • an analysis of how the amount was calculated; and
    • to the extent the board determined recovery was impracticable, an explanation of the determination not to pursue recovery
  • Item 402(w)(1)-(2) of Regulation S-K

Annually

Disclosure when clawback policy is triggered

  • If excess incentive-based compensation previously paid to named executive officers and disclosed in a prior proxy statement has been received:*†
    • The amounts recovered under the registrant’s clawback policy must be deducted from the summary compensation disclosure relating to the year in which the relevant incentive compensation was reported, with the recovered amounts to be identified via footnote
  • Item 402(c) of Regulation S-K

Annually


Disclosure of cybersecurity risk management, strategy and governance

  • A description of the registrant’s process, if any, for assessing, identifying and managing material risks from cybersecurity threats, addressing, as applicable:
    • whether and how any such processes have been integrated into the registrant’s overall risk management system or processes;
    • whether the registrant engages assessors, consultants, auditors, or other third parties in connection with any such processes; and
    • whether the registrant has processes to oversee and identify such risks from cybersecurity threats associated with its use of any third-party service provider
  • A description of whether any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to affect the registrant, including its business strategy, results of operations or financial condition (and if so, how).
  • Disclosure regarding cybersecurity governance and oversight, including:
    • the board of directors’ oversight of risks from cybersecurity threats, including, if applicable, identification of any board committee or subcommittee responsible for oversight of risks from cybersecurity threats and description of the processes by which the board or such committee is informed about such risks; and
    • management’s role in assessing and managing the registrant’s material risks from cybersecurity threats, addressing, as applicable:
      • whether and which management positions or committees are responsible for assessing and managing such risks, and their relevant expertise;
      • the processes by which such persons or committees are informed about and monitor the prevention, detection, mitigation and remediation of cybersecurity incidents; and
      • whether such persons or committees report information about such risks to the board of directors or a committee or subcommittee of the board of directors
  • Item 106 of Regulation S-K
Annually
Beginning December 18, 2024Tagging of cybersecurity incident reporting on Form 8-K* 
  • Registrants must begin tagging cybersecurity incident disclosure in Inline XBRL
  • Item 1.05 of Form 8-K
Current Reporting

Beginning Winter 2025

Form 10-K for FY 2024 and annually thereafter


Disclosure of the registrant’s insider trading policy as an exhibit

  • File any insider trading policies or procedures as an exhibit to the annual report on Form 10-K
  • Item 601(b)(19) of Regulation S-K

Annually

Disclosure related to the registrant’s insider trading policy 

  • Disclose whether the registrant has adopted insider trading policies and procedures designed to promote compliance with insider trading laws, regulations and listing standards, or explain why the registrant has not*†
  • Item 408(b) of Regulation S-K

Annually


Disclosure of option awards made close in time to the release of material nonpublic information, including

  • If applicable, tabular disclosure of each option award, stock appreciation right or other option-like instrument granted in the past fiscal year to a named executive officer within 4 business days before and 1 business day after the filing of a Form 10-Q or Form 10-K or release of material non-public information, including*†
    • the name of the named executive officer;
    • the grant date;
    • the number of underlying securities;
    • the exercise price;
    • the grant date fair value; and
    • the percentage change in the closing market price of the securities underlying the award between 1 trading day before and after the release of material non-public information
  • Narrative disclosure of the registrant’s policies and practices on the timing of awards of options in relation to the disclosure of material nonpublic information, including:*†
    • how the board determines when to grant such awards;
    • whether and, if so, the board takes material nonpublic information into account when determining the timing and terms of such an award; and
    • whether the registrant has timed the disclosure of material nonpublic information for the purpose of affecting the value of executive compensation
  • Item 402(x) of Regulation S-K

Annually



Tagging of cybersecurity risk management, strategy and governance disclosure*

  • Registrants must begin tagging required disclosure in Inline XBRL

  • Item 106 of Regulation S-K
Annually

Additional Considerations and Tips for Compliance

Please refer below for additional details on the new SEC rules discussed above along with practical recommendations to help registrants address the broader implications of the new rules. 

Section 16 Filings

Recommendations: 

  • Registrants should consider advising their Form 4 filers to review their gifting and estate planning practices with their personal advisors to ensure compliance with the two-day filing deadline for reporting gifts of equity securities
  • For registrants that handle Section 16 filings for directors and Section 16 officers, ensure there is sufficient training and that internal practices are updated to allow for the registrant to continue making timely filings on their behalf

10b5-1 Trading Plans

Recommendations:

  • Review internal processes to ensure that they are designed to review and track insider trading plans for purposes of complying with the new disclosure obligations
  • Educate directors, Section 16 officers and other employees with 10b5-1 plans regarding the new rules (e.g., cooling off periods, new director and Section 16 officer certifications and reporting of bona fide gifts) to ensure compliance
  • Review the registrant’s reporting calendars to ensure directors, officers and others understand how compliance with the new “cooling off” period requirements align with registrant practices on open windows
  • Be mindful of the sell-to-cover exception when approving full value equity awards and managing equity award programs to allow insiders to take advantage of this exception (if desired), in particular consider:
    • For registrants that provide for a sell-to-cover mechanism for settling tax withholding obligations, approve a non-discretionary sell-to-cover tax withholding mechanism as part of the equity award grant or equity award program; and/or
    • Eliminate the discretion for insiders (e.g., directors, officers and others who might potentially possess material non-public information) to select their tax withholding percentages and methods for equity compensation awards

Rule Recap:

  • Trading plans adopted or modified on or after February 27, 2023 are subject to new requirements
    • Cooling off period for first trades to begin after adoption or modification of a 10b5-1 plan
      • Directors and Section 16 officers: later of 90 days or 2 business days after a Form 10-Q or Form 10-K filing for the fiscal quarter in which the plan was adopted (up to a maximum of 120 days)
      • All others: 30 days 
    • Director and Section 16 officer certification (which can be included in the Rule 10b5-1 plan as a representation)
      • At the time of adoption or modification of any 10b5-1 plan, directors and Section 16 officers must certify, via representations in the 10b5-1 plan, that:
        • They are not aware of any material non-public information about the registrant or its securities; and
        • They are adopting the plan in good faith and not as part of a plan or scheme to evade the prohibitions of Rule 10b-5
    • Clarification that 10b5-1 plans must be entered into in good faith and not as part of a plan or scheme to evade the prohibitions of Rule 10b5-1 and the person who entered into the plan has acted in good faith with respect to the plan 
    • Limitations on the ability for persons, other than registrants, to rely on the affirmative defense for a single-trade plan to one single-trade plan during any consecutive 12-month period
    • The affirmative defense under Rule 10b5-1 is not available for persons, other than registrants, entering into overlapping 10b5-1 plans with limited exceptions for:
      • separate contracts with different broker dealers due to securities being held in different accounts (treated as a single plan);
      • sell-to-cover transactions undertaken to satisfy tax withholding obligations arising from the vesting or settlement of compensatory awards (other than stock options); and
      • two separate plans where trades under the later-commencing plan is not authorized to begin until all trades under the earlier-commencing plan are completed or expire without execution and after the “effective” cooling off period has elapsed (except for expiring plans that are not terminated or modified where trades under the later-commencing plan may begin immediately following the expiration of the expiring plan)

Insider Trading Policies

Recommendations:

  • Update insider trading policies or 10b5-1 plan policies to align with the amendments to Rule 10b5-1 (including cooling off periods, overlapping or single-trade plans, amendments/terminations of existing plans and applicability to gifts) 
  • Pay particular attention to blackout periods when reviewing insider trading policies as these policies will be required to be publicly disclosed

Share Repurchases

Recommendations:

  • Carefully consider and plan for how the justifications, triggers and timing of repurchase programs and repurchase activity will be perceived by investors, stakeholders and regulators
  • Limit or coordinate transactions that would trigger potentially unfavorable disclosure
  • Incorporate the repurchase activity reporting and qualitative disclosure into disclosure controls and procedures by:
    • carefully considering how to implement these new requirements in disclosure controls and procedures;
    • assessing whether any changes will be required; and
    • communicating as necessary with disclosure committees, internal or external auditors or audit committees and modifying upward certification processes

Option Awards

Recommendations:

  • Consider adopting new or amending existing option grant policies to provide specific parameters for granting option awards to reduce the discretion registrants can exercise when granting such awards
    • e.g., prescribing a predetermined, non-discretionary schedule for granting option awards
  • Be mindful of when option awards are granted to named executive officers to avoid triggering the new tabular disclosure of option awards granted close in time to the release of material non-public information
    • e.g., registrants may need to reschedule preestablished board or compensation committee meetings at which option grants are scheduled to be made

Compensation Clawback Policies

Recommendations:

  • Review existing clawback policies for compliance with the anticipated new listing standards
  • Consider whether go-forward clawback policy will include provisions beyond the legal requirements (e.g., clawback on misconduct)
  • Prepare a compliant clawback policy and make any other amendments to existing compensation plans or arrangements with the compensation committee and board calendars 
  • Socialize the clawback policy among management, the compensation committee and/or board and other key stakeholders
  • Implement compliance practices to align with new clawback policy and designate a person responsible for tracking compliance
  • Consider any changes to executive compensation programs to provide executive officers additional financial security and ease increased administrative burdens under the new rules

Rule Recap:

  • Registrants will have 60 days after the effective date of October 2, 2023 (i.e., by December 1, 2023) to adopt clawback policies that are compliant with the applicable listing standards
  • The SEC directed the stock exchanges to establish listing standards requiring registrants to adopt clawback policies that:
    • apply to any current or former executive officer of a registrant who served in that capacity at any time during the 3-year look-back period or any transition period (within the meaning of the final rules)
      • the 3-year look-back period consists of the three completed fiscal years immediately preceding the earlier of:
        • the date a registrant concludes, or reasonably should have concluded, that it is required to prepare a restatement; or
        • the date a court or authorized body mandates a registrant to prepare a financial restatement
    • are triggered if a registrant is required to prepare either:
      • a financial restatement that corrects an error in prior period financial statements that is material to that financial statement; or
      • a financial restatement to correct an error that is not material to prior period financial statements of the registrant, but would result in a material misstatement in the current period financial statement if left uncorrected or if the correction were recorded only in the current period
    • include clawback of cash and equity-based incentive compensation that is granted, earned or vested based wholly or in part on the achievement of a financial reporting measure and received or deemed received during the covered period to the extent it is in excess of what would have been received
    • require registrants to seek recovery reasonably promptly after the policy is triggered except in limited circumstances where recovery would be impracticable because:
      • the cost of enforcement exceeds the amount to be recovered; 
      • recovery violates the pre-existing home-country laws of a foreign registrant as in effect on the publication date of the final rules based on the opinion of counsel; or
      • recovery would likely cause the loss of tax-qualified status of a broad-based employee benefit plan
        • Before concluding that recovery is impracticable, however, a registrant must make a “reasonable attempt” to recover the incentive-based compensation
    • restrict the registrant from indemnifying executives against the losses of recovered amounts or pay premiums on an insurance policy that would cover executives’ potential clawback obligations
    • may be amended as the compensation committees/boards deem necessary, including as and when it is legally required by any federal securities laws (including the final rules)
  • Both the NYSE and Nasdaq proposed listing standards include a notice and cure period for registrants that fail to timely adopt compliant clawback policies by the applicable effective date.  Failure to adopt compliant clawback policies after the cure period is expected to lead to suspension and delisting procedures

Cybersecurity Disclosure

Recommendations: 

  • Review disclosure control policies and procedures for identifying and escalating cybersecurity incidents
  • Perform periodic reviews of cyber posture and resourcing
  • Strengthen governance and oversight of mission-critical cybersecurity risks, and consider auditing policy framework and implementation practices
  • Seek vulnerability assessment and penetration testing to enable necessary remedial efforts

 __________________

Asterisks (*) indicate an XBRL tagging requirement.

† indicates that this information is required to be disclosed in a registrant’s Form 10-K, but may be incorporated by reference from the relevant proxy statement so long as the proxy statement is filed within 120 days of the end of the fiscal year.

[1]

The final SEC rule setting listing standards for clawback policies and the new C&DI regarding Form 10-K clawback checkboxes can be found here and here, respectively; the NYSE and Nasdaq proposed rules can be found here and here, respectively; the amendments filed by the NYSE and Nasdaq can be found here and here, respectively. The final SEC rule on Rule 10b5-1 trading plans and related disclosures and the new C&DI regarding overlapping 10b5-1 trading plans and the timing for compliance can be found here and here, respectively. The final SEC rule on share repurchase disclosure can be found here. The final SEC rule on cybersecurity disclosure can be found here.


[2] 

Each of the deadlines assume the registrant is not a smaller reporting company or a foreign private issuer and has a fiscal year end of December 31, unless otherwise noted.

featured image

Get in touch

Avatar
Avatar
Avatar
Zo Khalid
Associate

+7 more...

Get in touch

Avatar
Avatar
Avatar
Zo Khalid
Associate
Avatar
Evelyne Kim
Associate
Avatar
Nicole Foster
Partner
Avatar
Lori Goodman
Partner
Avatar
Brandon Gantus
Partner
Avatar
Avatar
Sonia Bennett
Associate
Avatar
Daniel Fox
Associate

Country Selector

Our regional experience

Europe

Americas

Asia-Pacific

Middle East

Africa

    International language sites