In this blog feature, our in-house readers share tips, anecdotes, and thoughts about topics that arise in their daily practice. This particular batch of thoughts is about disclosure controls, particularly in the context of the climate and cybersecurity disclosure rules that could be coming soon from the SEC:

  1. “We spent time aligning with our information security team on what makes a cyber incident sufficiently significant that it should be promptly discussed with a disclosure controls working group. The objective was that the information security team would not be making decisions about whether an incident is “material” and would report the “significant” incidents quickly for disclosure consideration.

    We also added to our disclosure working group a lawyer who supports our cybersecurity and privacy compliance efforts, for ongoing alignment on related disclosure objectives.”
  2. “I still blame Enron for too much emphasis on “check the box” practices, sometimes to the exclusion of a thoughtful analysis and discussion. There is now a full generation or more of people who rely on certifications as a substitute for doing the hard work of understanding the intricacies of a business and determining what should be disclosed in any given situation.”
  3. “Disclosure controls? Ugh. If I wanted to be an accountant, I would have become a CPA.”
  4. “We modified our disclosure controls about seven years ago over cybersecurity incident concerns. Any new rulemaking in that area will probably not cause us to do much in the way of change.

    But the new SEC climate rules will have a sizable impact on our controls and we have been mapping that out in draft form for the past year. We recently added a lawyer to our disclosure working group who supports our climate change initiatives, to help with alignment on disclosure objectives.”
  5. “Ahead of the SEC’s climate rules, our Controller’s office has been leading the way by creating a mammoth spreadsheet in an effort to figure out where we may need to change our controls, both internal and disclosure. We have also talked to several technology providers about assisting in this process.”
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Broc Romanek Broc Romanek

As a strategist for the firm’s Corporate & Securities practice, Broc Romanek has a deep understanding of the regulatory and environmental, social, and governance (ESG) marketplace. Prior to joining Perkins Coie, Broc served as editor at TheCorporateCounsel.net, CompensationStandards.com, and DealLawyers.com, where he oversaw…

As a strategist for the firm’s Corporate & Securities practice, Broc Romanek has a deep understanding of the regulatory and environmental, social, and governance (ESG) marketplace. Prior to joining Perkins Coie, Broc served as editor at TheCorporateCounsel.net, CompensationStandards.com, and DealLawyers.com, where he oversaw and managed coverage on issues related to ESG, corporate governance, executive pay, deals, and market trends and analysis.

In addition to his nearly two decades of working as a journalist and publisher, Broc served as assistant general counsel at a Fortune 50 company, worked in the Office of Chief Counsel of the U.S. Securities and Exchange Commission’s (SEC) Division of Corporation Finance, was a counselor to former SEC Commissioner Laura Unger, and worked in private practice. He also is the author, or co-author, of four legal treatises, and has authored several books focused on the legal industry.