Davis Polk & Wardwell LLP

2018 was another busy year for lawyers in the privacy/cybersecurity world – GDPR, CCPA, Marriott, New York Department of Financial Service’s cybersecurity rule deadlines, increased SEC enforcement, more data breach lawsuits, more companies doing table top exercises and risk assessments, etc. But 2019 is looking to be even busier. Below are our predictions for the Top 10 things that will keep us busy in 2019, and what companies should be preparing for: 1.  Consumer Consent…
CII has published an update to its analysis of disclosure on board evaluations in proxy statements, highlighting as “Seven Indicators of Strength” a wish list of information. The report contains multiple qualifications and statements designed to reassure companies, including that they are not expected to reveal any specific details about the results of the evaluations, but instead the disclosure should focus on the process for continued improvement.  In addition, the seven benchmarks selected in the…
Fitch Ratings announced on Monday that it has launched a new integrated scoring system that shows how environmental, social and governance (ESG) factors, such as climate change, human rights and labor issues, impact individual credit rating decisions. Its ESG Relevance Scores are sector-based and entity-specific. Fitch has started with over 1,400 non-financial corporate ratings, which it is initially making publicly available at www.fitchratings.com/site/esg.  In contrast to other third-party ESG ratings available in the market…
At the very end of the year, the SEC announced the entry of an administrative order instituting cease-and-desist proceedings in connection with financial reporting at a major rental car company, including earnings guidance. According to the order, “under persistent pressure to meet budgets, and to generate opportunities to help close company-wide budget gaps or revenue shortfalls,” the company did not comply with GAAP in 2012 in accounting for contingencies, particularly in determining when to increase…
As 2018 came to a close, U.S. financial regulators continued to pursue anti-money laundering (“AML”) enforcement actions against financial institutions, announcing monetary penalties against and resolutions with three U.S. broker-dealers.  The Financial Crimes Enforcement Network (“FinCEN”), the Securities and Exchange Commission (“SEC”) and the Financial Industry Regulatory Authority (“FINRA”) announced on December 17, 2018 that they had issued parallel fines against UBS Financial Services Inc. (“UBSFS”) totaling $14.5 million for willful failures to comply with…
The SEC instituted a cease-and-desist proceeding in a fairly straightforward enforcement action that nonetheless emphasizes the importance of the requirement that GAAP measures must be provided with “equal or greater prominence” when a company discloses non-GAAP measures. The SEC found that a company provided non-GAAP financial measures, such as adjusted EBITDA, adjusted net income and free cash flow before special items, without giving equal or greater prominence to the comparable GAAP measures. In the headline…
The Federal Reserve and FDIC (the Agencies) provided feedback on the U.S. resolution plans filed in July 2018 by four Foreign Banking Organizations – finding shortcomings in each, but acknowledging the need for more coordination among U.S. and home country regulators.  Unredacted copies of the letters sent on December 20 to the CEO of each of Barclays, Credit Suisse, Deutsche Bank and UBS (the FBO Filers) were posted on the Federal Reserve’s website
On December 19, 2018, the Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) announced its plan to lift sanctions on three Russian entities for agreeing to distance their businesses from a prominent oligarch.  Specifically, OFAC informed Congress of its intention to terminate sanctions on entities previously designated for being owned and controlled by sanctioned oligarch Oleg Deripaska (“Deripaska”). Treasury Secretary Steven Mnuchin announced that En+ Group plc (“En+”), UC Rusal plc (“Rusal”), and…
On December 19, 2018 the European Commission published the legislative proposals and delegated acts (the “Package”) which it had previously outlined in its Contingency Action Plan of November 13, 2018 to prepare for a “no-deal” scenario whereby the UK exits the EU on March 29, 2019 without a ratified withdrawal agreement in place. The Package includes 14 measures in a number of areas where a no-deal scenario may create major disruption for citizens…
The SEC yesterday announced that it has adopted the Dodd-Frank hedging policy disclosure rules and issued a request for comment on quarterly reporting.  We will provide additional information in the form of client memos, but preliminary information based on the fact sheets published includes: Hedging Rules.  Compliance is required in proxy statements during fiscal years beginning on or after July 1, 2019.  Companies must disclose any practices or policies it has adopted about the ability…