Shearman And Sterling

Paperwork and hands on a board room table at a business presentation or seminar. The documents have financial or marketing figures, graphs and charts on them.

January 22, 2024

It is Annual Report Time—Recent Developments and Trends for the Preparation of the 2023 Form 20-F

Subscribe

Jump to...

 

It is Annual Report Time—Recent Developments and Trends for the Preparation of the 2023 Form 20-F

Foreign private issuers (FPIs) with a calendar year end must file their annual report on Form 20-F with the U.S. Securities and Exchange Commission (the SEC) no later than April 30, 2024, and this memorandum provides an overview of recent developments, trends and topics that are relevant to FPIs preparing their 2023 Form 20-F.

Approaching the 2023 Form 20-F

There are several rule changes that have become effective for the 2023 Form 20-F reporting season which will require FPIs to include mandatory additional disclosures in the Form 20-F.

In addition, during 2023, the SEC has indicated its focus on certain disclosure areas, and companies should also evaluate their existing disclosures (or lack thereof) in view of the SEC’s guidance, public statements and proposed rules (as applicable) in relation to these topics. Companies can seek to minimize SEC comments and improve their overall disclosure by evaluating their business and disclosures in relation to these areas of focus.

2023 Form 20-F Quick Reference Summary

The following is a summary of the key points to be addressed by companies in the 2023 Form 20-F, which are discussed in more detail in this memorandum.

 

 

 

Topic

Form 20-F Location

Explanation of New Requirement

Cybersecurity

 

Item 16K

Disclosures relating to (i) processes, if any, for identifying, assessing and managing material risks from cybersecurity threats, (ii) whether any cybersecurity risks (including those as a result of any previous cybersecurity incidents) have materially affected or are reasonably likely to materially affect the company, and (iii) the role of the board of directors and management in cybersecurity governance.

 

Clawback of Incentive-based Compensation

Exhibit 97 and Cover Page

Dodd-Frank mandated clawback policy to be filed as an Exhibit 97 to Form 20-F.

 

Indicate (via checkboxes on the Form 20-F cover page) whether the filing includes errors or corrections to previously issued financial statements and whether these errors or corrections led to analysis of the clawback of executive officer compensation.

 

Disclosure Focus Areas

Various items

Companies should be review disclosures in respect of the following themes in particular:

 

  • Russia-Ukraine conflict
  • Israel-Hamas conflict
  • Climate-related disclosures
  • Non-GAAP financial measures
  • Crypto assets
  • Human capital management
  • Artificial intelligence (AI)

 

Nasdaq Board Diversity Disclosure Requirements

Nasdaq requirement

Nasdaq-listed companies can choose whether to include the required board diversity matrix in their Form 20-F (starting with the 2023 Form 20-F) or whether to include the board diversity matrix on their website.

 

 

New Mandatory Disclosure Requirements in Effect for the 2023 Form 20-F

Cybersecurity

On July 26, 2023, the SEC adopted final rules that require reporting companies, including FPIs, to disclose certain information about cybersecurity risk management and governance and cybersecurity incidents. FPIs are required to make annual disclosures in their Form 20-F relating to their cybersecurity risk management and governance—these requirements are substantially the same as those that apply to domestic U.S. registrants. However, in contrast to domestic registrants, which now have additional Form 8-K current reporting obligations, FPIs are not required to disclose material cybersecurity incidents on a current basis on Form 6-K unless the FPI (i) makes or is required to make such material cybersecurity incident public pursuant to home country law, (ii) files or is required to file with a stock exchange disclosure of any material cybersecurity incidents or (iii) otherwise distributes, or is required to distribute to their security holders, disclosure of any material cybersecurity incidents.

FPIs are required to provide the following disclosures about their cybersecurity risk management, strategy and governance in Item 16K of Form 20-F:

  • Processes: Item 106(b)(1) of Regulation S-K requires companies to describe their processes, if any, for identifying, assessing and managing material risks from cybersecurity threats, in sufficient detail for a reasonable investor to understand those processes. When describing cybersecurity risk processes, companies should disclose whether and how any such processes have been integrated into their overall risk management systems or processes, whether they engage consultants or other third parties in connection with such processes and whether they have processes to oversee and identify such risks from cybersecurity threats associated with the use of third-party service providers. However, unlike the initial rule proposal, the final rules do not require disclosure of a company’s prevention and detection activities, continuity and recovery plans or corrective actions taken as a result of prior cybersecurity incidents.
  • Effect of Cybersecurity Threats: Item 106(b)(2) of Regulation S-K requires companies to describe whether any risks from cybersecurity threats (including as a result of any previous cybersecurity incidents) have materially affected or are reasonably likely to materially affect the company, including its business strategy, results of operations or financial condition, and if so, how.
  • Governance: Item 106(c) of Regulation S-K requires companies to disclose the role of their board of directors and management in cybersecurity governance.
    • Board Oversight: Companies are required to describe the oversight by the board of directors of risks from cybersecurity threats and, if applicable, any board committee or subcommittee responsible for cybersecurity oversight and describe the processes by which the board or such committee is informed about such risks. The SEC decided not to mandate disclosure about any cybersecurity expertise of directors and removed the proposed requirement to disclose the frequency of board or committee discussions on cybersecurity.
    • Management Role: Companies are also required to describe management’s role in assessing and managing a company’s material risks from cybersecurity threats, which should include disclosure of whether and which management positions or committees are responsible for assessing and managing cybersecurity risks, the relevant expertise of such persons or members, the processes management uses to become informed about and monitor the prevention, detection, mitigation and remediation of cybersecurity incidents and whether management reports this information to the board or a cybersecurity risk committee of the board.

Therefore, when preparing the 2023 Form 20-F, companies should review their cybersecurity risk management and governance policies and procedures. As these new disclosures are likely to be a means of comparison for assessments of the quality of cybersecurity incident preparedness within and across industries, companies should review and, where necessary, enhance and update their existing practices and policies with a view to their public disclosure in future annual reports on Form 20-F. As companies consider the disclosure to include in their Form 20-F in response to the new disclosure requirements, they should determine which practices should now be documented to provide the appropriate compliance rigor and to demonstrate the formalization of these processes within their business. Companies should avoid reliance on boilerplate disclosure and should ensure that any disclosure accurately reflects the company’s existing policies, procedures and preparedness. If a company suffers a material cybersecurity incident, the SEC, investors and potential private securities litigants will carefully examine the company’s cybersecurity disclosures, and companies should therefore ensure they pay particular attention to disclosures as to their level of preparedness for cybersecurity incidents.

The final rules became effective on September 3, 2023, and FPIs must provide the required Form 20-F disclosures about risk management and governance beginning with Form 20-F for fiscal years ending on or after December 15, 2023. For FPIs with a calendar year end, this means that these periodic disclosures will be required for the first time in the Form 20-F for fiscal year 2023, to be filed by April 30, 2024.

As noted above, the new rules do not create a standalone trigger requiring FPIs to disclose cybersecurity incidents on a current basis on Form 6-K. However, even if FPIs are not required to report material cybersecurity incidents on Form 6-K as a result of a foreign disclosure (as noted above), some FPIs may nonetheless look to the incident reporting rules for domestic issuers for guidance on when it may be appropriate to disclose cybersecurity incidents voluntarily, including as a result of investor expectations or governance considerations.

The SEC did not amend Form 40-F to include cybersecurity disclosure requirements, which means that eligible Canadian FPIs using the multijurisdictional disclosure system (MJDS) to satisfy SEC registration and disclosure requirements will continue to comply with applicable Canadian disclosure requirements.

Read our related client publication, SEC Mandates New Cybersecurity Disclosures, for further detail on the cybersecurity disclosure rules.

Clawback Rules

On October 26, 2022, the SEC adopted final rules to implement Section 954 of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010. The rules required U.S. stock exchanges to establish listing standards requiring listed companies to adopt, disclose and enforce a compensation clawback policy for the recovery of erroneously awarded compensation. The listing standards of the New York Stock Exchange and Nasdaq Stock Market required listed companies to adopt a compliant clawback policy by December 1, 2023.

FPIs are now required to file a copy of their Dodd-Frank mandated clawback policy (but not any other clawback policies) as Exhibit 97 to Form 20-F, which should be labelled as Exhibit 97. FPIs should also be aware that Form 20-F now also includes new checkboxes indicating (i) whether the financial statements included in the filing reflect correction of any error to previously issued financial statements and (ii) whether any of those error corrections are restatements that required a recovery analysis under the company’s clawback policy.

For more information, please refer to our related client publication, SEC Clawback Rules Take Effect: What Companies Should Do Now, and our FPI guide to these rules.

Disclosure Focus Areas

Current Disclosure Considerations

Many companies are currently being impacted by, or may potentially be impacted in the future by, a number of developments, including:

  • inflation and the effects of an inflationary environment;
  • interest rates, including the impact on the cost of borrowing and any impacts on a company’s ability to raise finance or refinance existing indebtedness;
  • supply chain disruptions;
  • tight labor market conditions;
  • volatility in commodity markets and exchange rates;
  • other direct or indirect ongoing impacts of (i) the continuing Russia-Ukraine conflict, (ii) the Israel-Hamas conflict and (iii) emerging geopolitical conflicts, including rising tensions between China and Taiwan and the relationship between China and the United States;
  • sanctions, terrorism and human rights laws, regulations and regimes;
  • risks related to the 2024 U.S. presidential, congressional, state and local elections;
  • evolution and use of AI, including generative AI, including its impacts on a company’s business and the industry in which it operates;
  • effects stemming from long-term reliance on hybrid work arrangements; and
  • matters related to environmental, social and governance (ESG) developments, including climate-related challenges.

Companies should continue to discuss in their operating and financial review and prospects section (often referred to as the MD&A) and as part of risk factors how recent developments have materially impacted or may materially impact their business, operations and financial performance, including impacts on liquidity, capital resources, business outlook, strategies and goals. When preparing the 2023 Form 20-F, companies should also consider whether their forward-looking statement disclaimers and disclosure and business section need to be updated to refer to any additional important factors that could cause actual results to differ from the forward-looking statements made by the company. In addition, companies should continue to identify any material actions taken or planned to mitigate challenges and how these have impacted or may impact the company’s performance.

Companies should avoid describing currently prevailing conditions (i.e., materialized or materializing risks) as potential future risks and uncertainties. Therefore, in preparing the 2023 Form 20-F, companies should review existing risk disclosures, which may have been previously discussed in the hypothetical, and update such disclosures to address the factors that have already had a material impact on the company and, as appropriate, to increase the specificity of such risk disclosures.

Companies should also evaluate whether to delete references to risks that are no longer applicable, including whether COVID-19-related risks (as distinct from potential future pandemic risks) should be removed in view of the fact the World Health Organization declared on May 5, 2023, that COVID-19 no longer constituted a public health emergency of international concern.

Israel-Hamas Conflict

Companies that have direct or indirect business operations, interests, investments, assets or reliance on goods sourced in, or services provided from, Israel or the Middle East in general, or business relationships with companies that do, should evaluate including disclosure of any material direct or indirect impacts and risks related to the current conflict between Israel and Hamas. As of the date of this client publication, the SEC Division of Corporation Finance has not published a sample letter reflecting comments it may issue related to disclosure regarding this conflict, but the sample letter to companies regarding disclosures pertaining to the Russia-Ukraine conflict may provide guidance as to the types of disclosure that companies should consider if they could be materially impacted by this conflict.

Russia-Ukraine Conflict

As discussed in last year’s edition of this client publication, companies should continue to evaluate whether they have been or may be materially impacted by the direct and indirect effects of the continuing Russia-Ukraine conflict, including by the imposition of sanctions.

Over a year has now passed since Russia invaded Ukraine, and the U.S., the European Union and its member states, the United Kingdom and many others—including Japan, Australia, New Zealand, Taiwan and Canada—continue to exert pressure on Russia through expanding sanctions regimes. The sanctions related to the Russia-Ukraine conflict are multi-faceted and, at times, complex and far-reaching, with potential implications for any business operating in the global economy, even those businesses with no immediate or direct ties to Russia, Belarus or Ukraine. For more information, please refer to our related client publication, US, EU and UK Maintain Pressure Through Russia Sanctions.

Companies should review the SEC’s sample letter to companies regarding disclosures pertaining to Russia’s invasion of Ukraine and related supply chain issues that the SEC published on May 3, 2022. Even if a company does not have operations in Russia, Belarus or Ukraine, disclosures may be required on the indirect consequences of the conflict, including supply chain disruptions, volatility in the trading prices of commodities and heightened cybersecurity risks.

Climate-related Disclosures

As discussed in last year’s edition of this client publication, after much anticipation, on March 21, 2022, the SEC released its proposed climate-related disclosure framework which, if adopted, would represent a sweeping overhaul of the current, materiality-based climate change disclosure requirements and would substantially expand the reporting obligations for public companies. The proposed disclosures are modeled in part on the disclosure framework recommended by the Task Force on Climate-Related Financial Disclosures and would require companies to include significant climate-related disclosure in both the body of periodic reports and registration statements as well as in the notes to their financial statements. The proposed rules would apply to both domestic issuers and FPIs (other than MJDS filers). The SEC currently expects to adopt final rules by April 2024, as indicated by the Staff of the Division of Corporation Finance (the Staff) in the Fall 2023 Unified Agenda of Regulatory and Deregulatory Actions.

The SEC has delayed its final rulemaking on climate-related disclosure, including to consider extensive public comments—over 16,000 comments were received, a record-breaking number. One of the most controversial areas in the rule proposal is the requirement for companies to report Scope 3 emissions when such emissions are material or when the company has established a Scope 3 emissions reduction target, including concern being expressed as to the degree to which the underlying data and disclosure would be onerous to produce and may not be decision-useful to investors. Whether mandatory Scope 3 emissions disclosure requirements are included within the final rules will be of significant interest to market participants.

For more information on the proposed rules, please refer to our related client publication, SEC Proposes Sweeping New Climate-related Disclosure Framework.

In addition to this proposed rulemaking, the Staff has been focused on how companies comply with existing disclosure requirements, including the interpretative guidance published by the SEC on February 2, 2010, and the sample letter to companies regarding climate change disclosures published by the SEC on September 22, 2021.

The SEC issued a number of comment letters focused on climate-related disclosure matters during 2022 and 2023, and these comments have frequently required multiple rounds of correspondence with SEC examiners. In preparing the 2023 Form 20-F, companies should consider how their own disclosures (particularly risk factors, MD&A, business and legal proceedings disclosures) may be informed by the following themes and trends that can be identified in SEC comment letters:

  • Companies should consider whether the information included in their corporate social responsibility report, sustainability report or ESG report (an ESG Report) should be included in their Form 20-F. Companies could take the view that not all information in an ESG Report is material to investors. The content of an ESG Report is intended for an audience that is broader than investors in the company’s securities and includes employees, customers, suppliers, non-governmental organizations and governments who may use ESG Reports for different purposes. Companies taking this view should be prepared to support the conclusion that the effects of climate-related matters, including the related costs and expenses, are not material, as the SEC may ask companies to quantify such effects, costs and expenses and provide detailed explanation of the materiality analysis.
  • Companies should focus on whether climate-related disclosures are required in respect of (i) the impact of pending or existing climate change-related legislation, regulations and international accords, (ii) the indirect consequences of regulation or business trends (such as transition risks relating to low/net zero carbon emissions) and (iii) the physical impacts of climate change.
  • Companies should disclose whether they have experienced or may experience a material increase in capital expenditures or operating costs associated with climate-related matters, including costs and expenditures incurred to mitigate the physical effects of climate change or incurred in connection with any plans they may have to reduce emissions or their reliance on carbon-based energy. Companies should consider whether any such increased costs or expenditures may represent a known material trend or uncertainty that should be disclosed as such.

As further discussed in our related client publication, as companies prepare for reporting under a potential climate-related disclosure framework, companies should continue the process of building the necessary internal controls and disclosures controls necessary for any climate-related disclosures. Early engagement with this topic is central to being ready for climate-related reporting as contemplated by the proposed climate disclosure rule, including to ensure that the underlying climate-related data captured by a company is reliable and is capable of being subject to any assurance requirements to which companies may become subject.

In addition, in 2023 new climate-related laws were introduced in the state of California, including (i) the Climate Corporate Data Accountability Act, and the Climate-Related Financial Risk Act, which are limited to legal entities incorporated in the United States, but may be applicable to United States subsidiaries of FPIs, and (ii) the Voluntary Carbon Market Disclosures Act (the VCMDA), which is not limited to companies incorporated in the United States. The VCMDA, which became effective on January 1, 2024, is intended to address “greenwashing” by requiring detailed disclosures of the methodology for tracking and verifying claims relating to climate performance or goals made within the state of California by entities operating within the state of California, as well as disclosure regarding voluntary carbon offsets purchased, used, marketed or sold within the state of California in respect of any company that makes any such claims.

Non-GAAP Financial Measures

The use of financial measures that do not conform either to U.S. GAAP or IFRS (together referred to as non GAAP financial measures) continues to be a focus area for the SEC in its review of Form 20-F annual reports and other disclosures by FPIs (particularly in relation to the presentation of GAAP/IFRS measures with “equal or greater prominence”). As discussed in last year’s edition of this client publication, on December 13, 2022, the SEC updated Questions 100.01, 100.04 to 100.06, and 102.10(a), (b) and (c) of its Non-GAAP Financial Measures Compliance & Disclosure Interpretations (C&DIs).

Companies should review their use of non-GAAP financial measures, particularly in light of the updated C&DIs, including the points described in last year’s edition of this client publication. As relevant, companies should also review any comment letters from the Staff received by peer group companies in their industry to identify any industry-specific trends to address in their own disclosure.

Crypto Assets

As discussed in last year’s edition of this client publication, on December 8, 2022, the SEC published a sample letter to companies regarding recent developments in crypto asset markets (which term is used to also include cryptocurrencies and other digital assets). The letter highlighted the type of comments the Staff may issue in relation to a company’s evaluation of their exposure to, or the potential impact of, recent bankruptcies and financial distress among crypto asset market participants that caused widespread disruption in those markets. For example, companies should provide disclosure of any significant crypto asset market developments that are material to understanding or assessing such company’s business, financial condition and results of operations, or its share price since its last reporting period, including any material impact from the price volatility of crypto assets. Companies should consider both direct and indirect effects of recent crypto market events, including (i) a company’s exposure to counterparties and other market participants, (ii) risks related to a company’s liquidity and ability to obtain financing and (iii) risks related to legal proceedings, investigations or regulatory impacts in the crypto asset markets.

Human Capital Management

Human capital management has continued to be a focus since the SEC adopted, on August 26, 2020, amendments to Regulation S-K to modernize certain specific disclosure requirements applicable to public companies regarding human capital management. These requirements adopted a principles-based approach, giving companies discretion to determine what information is material and relevant for disclosure based on the circumstances of their business. Except for some amendments that apply to risk factor disclosures which do apply to FPIs, the amendments made to Items 101 and 103 of Regulation S-K do not apply to FPIs filing annual reports on Form 20-F. For further information on the human capital management amendments, see our related client publication, SEC Approves Final Amendments Modernizing Disclosure Requirements of Regulation S-K.

The SEC has indicated April 2024 as the expected date to propose new human capital management disclosure rules in its Fall 2023 Unified Agenda of Regulatory and Deregulatory Actions. It remains to be seen whether any proposed rules would apply to FPIs. Companies should nonetheless remain mindful of human capital management as a focus area and should be prepared to develop their disclosure over the course of the next couple years in response to regulatory changes and investor expectations.

The SEC Investor Advisory Committee (the IAC) approved, in a meeting held on September 21, 2023, recommendations given to the SEC to expand required human capital management disclosures, including to:

  • strengthen current item 101(c) under Regulation S-K on human capital disclosure, by requiring disclosure on: (i) the number of people employed by the company, broken down by whether those people are full-time, part-time or contingent workers, (ii) the turnover rate or comparable workforce stability metrics, (iii) the total cost of the companies’ workforce, broken down into major components of compensation, and (iv) workforce demographic data sufficient to allow investors to understand the company’s efforts to access and develop new sources of talent, and to evaluate the effectiveness of these efforts; and
  • contemplate narrative disclosures in the MD&A of how the company’s labor practices, compensation incentives, and staffing fit within the broader company’s strategy.

The SEC must still consider whether to incorporate these IAC recommendations into its anticipated human capital management rule proposal, and whether or not any amendments would be made to FPI disclosure requirements.

AI-related Disclosure

In line with the increasing use of artificial intelligence tools by firms in different industries, the SEC is expected to increase its surveillance on the quality of AI-related disclosure made by companies. The SEC’s growing attention to AI is demonstrated the new set of rules applicable to broker-dealers and investment advisers proposed by the SEC in July 2023 which aim to mitigate conflicts of interest associated with their use of predictive data analytics and similar technologies. As indicated by the Staff in the Fall 2023 Unified Agenda of Regulatory and Deregulatory Actions, these proposed rules are in the final stages. Likewise, in December 2023, SEC’s Chair Gary Gensler in The Messenger’s AI Summit held in Washington, D.C., reportedly advised against the practice of overstating the use of AI tools and technology and urged companies to provide full and accurate disclosures on the subject in accordance with the existent applicable regulations. Finally, it is worth mentioning that Chair Gensler devoted a significant part of his remarks before the Financial Stability Oversight Council for the 2023 Annual Report to the effects that AI could have on financial stability and the challenges related to its use. Therefore, companies should carefully consider disclosures on their use of AI tools and technologies, including appropriate disclosure of risks and challenges applicable to the integration of AI tools into their business operations.

Recent Trends in SEC Comment Letters

The SEC issued more comment letters on annual reports on Form 20-F in 2023 than in recent prior years. In 2023, the SEC issued comment letters in respect of Forms 20-F filed by 147 companies, in contrast to 101 companies in 2022, 51 companies in 2021, 81 companies in 2020 and 78 companies in 2019.

In 2023, out of 147 companies that received comments on their Form 20-F annual report, comments on 58 companies (or 39%) were limited to the disclosures required by Item 16I of Form 20-F (i.e., disclosure regarding foreign jurisdictions that prevent Public Company Accounting Oversight Board (PCAOB) inspections) and comments on 54 companies (or 37%) were limited to the company’s financial statements and related disclosures and, therefore, did not cover a review of the full Form 20-F.

In the 2022 fiscal year reporting season, in line with recent years, the most frequently occurring comments on annual reports on Form 20-F related to:

  • non-GAAP financial measures,
  • MD&A (comments relating to results of operations and liquidity being the most prevalent),
  • business combinations,
  • segment reporting and
  • revenue recognition.

In addition, the SEC continued to issue comments on climate-related disclosures on Form 10-K annual reports for domestic issuers and registration statements. In 2023, the SEC started to issue a handful of climate-related comments on annual reports on Form 20-F, which were limited to companies with heightened climate disclosure considerations (including a Chinese oil and gas company and a globally diversified mining and specialty metals company). Many of these were focused on information with respect to climate change-related risks and opportunities required to be disclosed in the description of business, legal proceedings, risk factors and management’s discussion and analysis of financial condition and results of operations, and the Staff also asked certain companies to describe the consideration they gave as to providing the same type of climate-related disclosure in their Form 20-F or Form 10-K as was provided in their ESG Report.

Reminders for FPIs

EDGAR Filing of “Glossy” Annual Reports and Form 144

As discussed in last year’s edition of this client publication, on June 2, 2022, the SEC adopted amendments to its rules governing the electronic filing and submission of documents.

  • “Glossy” Annual Reports: Effective January 11, 2023, Item 10J of Form 20-F requires FPIs to satisfy their Form 6-K obligation to furnish any “glossy” annual report by submitting the report electronically in PDF form on the SEC’s Electronic Data Gathering, Analysis and Retrieval system (EDGAR) in accordance with the EDGAR Filer Manual, no later than the date on which the annual report is first sent to shareholders.
  • Form 144: When an affiliate of a company sells securities in the U.S. public markets in reliance on Rule 144, the affiliate is required to file Form 144 with the SEC. Since April 13, 2023, Form 144 filings relating to sales of securities of an SEC reporting company must be filed electronically on EDGAR. Unlike their counterparts of U.S. domestic issuers, directors and officers of FPIs are not subject to filing obligations under Section 16 of the Securities and Exchange Act (the Exchange Act) and, therefore, may not already have EDGAR filing codes. Therefore, directors, officers and other affiliates seeking to sell securities in reliance on Rule 144 should obtain EDGAR filing codes from the SEC in sufficient time to permit timely electronic filing of any required Forms 144. As a result of an amendment to Regulation S-T, the filing deadline for Form 144 has been extended from 5:30 p.m. (Eastern time) to 10 p.m. (Eastern time) for a Form 144 to be deemed filed the day it was submitted.

Nasdaq Board Diversity Disclosure Requirements

On August 6, 2021, the SEC approved the Nasdaq Stock Market’s proposal to amend its listing rules in order to advance greater board diversity through the combination of a “comply or explain” board diversity requirement to have a specified number of diverse directors and requirements to disclose additional board diversity statistics using a standardized matrix template. In contrast to many other Nasdaq corporate governance rules, the new board diversity requirements also apply to Nasdaq-listed FPIs. Nasdaq has published a board diversity matrix template and illustrative examples.

Nasdaq-listed companies can choose whether to include the board diversity matrix in their Form 20-F (starting with the 2023 Form 20-F) or whether to include the board diversity matrix on their website (with the company being required to provide Nasdaq with the link to such website disclosure either via email or through the Nasdaq Listing Center).

On December 14, 2022, the SEC issued a notice of an immediately effective change to extend and simplify the deadlines for Nasdaq-listed companies to comply with the “comply or explain” board diversity requirement and the annual deadline to provide board diversity matrix disclosures. For more information on the Nasdaq requirements and the updated compliance deadlines please refer to last year’s edition of this client publication.

The SEC’s approval of Nasdaq’s board diversity requirements is currently being challenged before the U.S. Court of Appeals for the Fifth Circuit, (Alliance for Fair Board Recruitment v. SEC, 5th U.S. Circuit Court of Appeals, No. 21-60626). On October 18, 2023, the Fifth Circuit denied the petition challenging Nasdaq’s board diversity requirements, but on October 25, 2023, petitioners filed a petition requesting a review en banc by all 16 of the Fifth Circuit judges. As we await the outcome of this petition, certain Nasdaq listed companies should continue to comply with the Nasdaq requirements in accordance with the deadlines referred to above.

Modernization of Beneficial Ownership Disclosure

On October 10, 2023, the SEC adopted amendments to the rules governing the reporting of beneficial ownership of securities under Sections 13(d) and 13(g) of the Exchange Act, which require any person or group of persons who, directly or indirectly, acquire or hold beneficial ownership of more than 5% of a covered class of equity securities of an issuer to publicly report their beneficial ownership on a Schedule 13D or 13G. The amendments, which were initially proposed on February 10, 2022, shorten the deadlines by which Schedules 13D and 13G must be filed. While the SEC decided not to adopt proposed rules regarding disclosure of cash-settled derivatives and group formation, it issued guidance on these topics in the form of questions and answers in the adopting release. In addition, the amendments mandate that Schedules 13D and 13G be filed in a machine-readable structured data format similar to the one used for Section 16 filings on Form 4.

Compliance with the final rule, including the shortened Schedule 13D filing deadlines, will be required beginning on February 5, 2024, subject to two exceptions: (i) compliance with the revised Schedule 13G filing deadlines will be required beginning September 30, 2024, and (ii) compliance with the machine-readable structured data format requirements will be required beginning December 18, 2024.

Read our related client publication for further detail, SEC Accelerates Schedule 13D/G Filing Deadlines and Issues Guidance on Derivatives and Group Formation.

Changes in Nasdaq Code of Conduct Waiver Requirements

On August 21, 2023, Nasdaq filed a rule change with the SEC to modify the requirements related to waiver of the code of conduct in Listing Rules 5610 and IM-5610. The amendments became operative on September 20, 2023, and require, among other things, FPIs to disclose within four business days any waivers of its code of conduct for directors or executive officers on its website, in a Form 6-K or by distributing a press release. Prior to such amendments, FPIs were not subject to a specific deadline for disclosing such waivers. The amendments are different from the rules applicable to FPIs listed on the NYSE who can continue to follow home country practice.

Disclosure Regarding Foreign Jurisdictions That Prevent Inspections

As discussed in last year’s edition of this client publication, the Holding Foreign Companies Accountable Act of 2020 (HFCAA) limits access to the U.S. capital markets for public companies that are audited by registered public accounting firms that are not subject to inspection by the PCAOB. Among other provisions of the HFCAA, companies that file annual reports with financial statements audited by an auditor that did not permit PCAOB inspection will be required to include the disclosures specified in Item 16I of Form 20-F.

On December 15, 2022, the PCAOB announced that it had determined that it has secured complete access to inspect and investigate registered public accounting firms headquartered in mainland China and Hong Kong. The PCAOB is required to make this determination at least annually and can make a further determination at any point. Therefore, unless and until the PCAOB determines that it is no longer able to completely inspect or investigate any registered public accounting firms headquartered in mainland China or Hong Kong because of a position taken by one or more authorities in such jurisdictions, the annual report disclosures referred to above are not required.

The SEC is required to prohibit trading on any U.S. national securities exchange and in the over-the-account market if the PCAOB is unable to inspect an SEC reporting company’s auditor for two consecutive years (Congress reduced this period from three years to two years in the 2022 omnibus spending legislation). Therefore, the PCAOB’s 2022 determination “resets the clock” on the two-year period.

China-related Disclosures

On July 17, 2023, the SEC published a sample letter to companies regarding China-specific disclosures, which is focused on the following areas of disclosure:

  • Disclosure Obligations Under the HFCAA: Companies identified as Commission-Identified Issuers (CIIs) under the HFCAA must comply with the submission and disclosure requirements under the HFCAA and the SEC rules for each year in which they are identified. For CIIs that are FPIs, the required disclosures include, among other matters, the percentage of shares owned by foreign government entities, whether government entities in the foreign jurisdiction have a controlling financial interest with respect to the issuer, identification of all Chinese Communist Party (CCP) officials who are on the board of the issuer or the operating entity for the issuer and whether the issuer’s articles of incorporation (or any equivalent organizing document) contain any “charter” of the CCP.
  • Disclosure About Material Risks Related to the Role of the Government of China in the Operations of China-based Companies: The SEC is seeking disclosures about any material impacts that intervention or control by China in the operations of these companies has or may have on their business or the value of their securities.
  • Disclosures Related to Material Impacts of Certain Statutes: Companies should evaluate their disclosures with a view towards providing investors with tailored disclosure about the material impacts of the provisions of certain statutes on their business, including the Uyghur Forced Labor Prevention Act, which, among other matters, prohibits the import of goods from the Xinjiang Uyghur Autonomous Region of China.

Removal of Proposal to Expand Section 16 Reporting Obligations to FPIs

As discussed in our related publication, Senate Proposes to Extend Section 16 Requirements to Foreign Private Issuers, on July 27, 2023, the U.S. Senate passed the National Defense Authorization Act for Fiscal Year 2024 (the NDAA), which, if enacted, would subject insiders (i.e., directors, executive officers and greater than 10% shareholders) of FPIs to the requirements of Section 16 of the Exchange Act, with respect to their ownership and transactions in the securities of the relevant FPI. Section 6081 of the NDAA would amend Section 16(a)(1) to include FPIs as subject to Section 16 and nullify Rule 3a12-3, which currently exempts securities of FPIs from Section 16. However, on December 7, 2023, the proposal to extend Section 16 reporting obligations to FPIs was removed from the legislative text in conference. It remains to be seen whether there may be attempts to reintroduce this proposal in any future omnibus legislation in 2024 or beyond.

XBRL Disclosure

The SEC has been expanding the types of disclosures required to be made using eXtensible Business Reporting Language (XBRL) and inline XBRL, including the following disclosures:

  • Clawback: FPIs must tag the new compensation recovery disclosure in Form 20-F described above under “New Mandatory Disclosure Requirements in Effect for the 2023 Form 20-F—Clawback Rules” using inline XBRL beginning with the 2023 Form 20-F. Inline XBRL tagging is required for any specific data points included within the compensation recovery disclosures and block text tagging of compensation recovery disclosure is also required.
  • Cybersecurity: FPIs must tag Form 20-F disclosures about cybersecurity risk management and governance as described above under “New Mandatory Disclosure Requirements in Effect for the 2023 Form 20-F—Cybersecurity” using inline XBRL beginning on the Form 20-F for the year ending December 31, 2024, to be filed in 2025, which is one year after initial compliance with the related disclosure requirement.
  • Insider Trading Policies: FPIs must tag the newly-required disclosures discussed below under “Future Disclosure Requirements—Insider Trading Policies” regarding insider trading policies beginning on the Form 20-F for the year ending December 31, 2024, to be filed in 2025, which is the same timeline as they will be required to report the new disclosures.

On September 7, 2023, the SEC published a sample letter to companies regarding their XBRL disclosures. This letter, which highlights the SEC’s willingness to issue comment letters if disclosure is not properly tagged, contains examples of requirements that companies should consider as they prepare their XBRL and Inline XBRL disclosures, such as the need of companies to consistently present the number of shares of common stock outstanding between its cover page and its balance sheet.

EDGAR Next

On September 13, 2023, the SEC proposed amendments to Rules 10 and 11 of Regulation S-T and Form ID concerning access to and management of accounts on EDGAR that are related to potential technical changes to EDGAR, referred to by the SEC as EDGAR Next. The SEC indicates that it “is seeking to enhance the security of EDGAR, improve the ability of filers to securely manage and maintain access to their EDGAR accounts, facilitate the responsible management of filer credentials and simplify procedures for accessing EDGAR.” EDGAR Next would require filers to authorize designated individuals as account administrators and would require individuals acting on behalf of filers to obtain individual account credentials. On September 13, 2023, the SEC Chair Gary Gensler issued a Statement on EDGAR noting that such amendments, if approved, would “enhance EDGAR’s security and further improve filers’ access to the EDGAR system.” The comment period for submission of comments on the proposed amendments ended on November 21, 2023. For more information, see the SEC’s website on EDGAR Next.

SEC Filing Fees

As announced by the SEC on August 25, 2023, with effect from October 1, 2023, the fees that public companies and other issuers pay to register their securities with the SEC increased from $110.20 per million U.S. dollars to $147.60 per million U.S. dollars.

SEC Enforcement Action

During the fiscal year 2023, according to the press release published by the SEC on November 14, 2023, the SEC filed 784 total enforcement actions, which represented a 3% increase over fiscal year 2022 (including 501 original or “stand-alone” enforcement actions).

Certain themes in these SEC enforcement actions are relevant to the preparation of the 2023 Form 20-F as the SEC will likely keep focusing on such themes in 2024, including the following:

  • Cybersecurity
    • The SEC announced on March 9, 2023, that Blackbaud Inc. agreed to pay $3 million to settle charges for making misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers.
    • The SEC announced on October 30, 2023, charges against Austin, Texas-based software company SolarWinds Corporation and its chief information security officer for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.
  • Human Capital
    • The SEC announced on February 3, 2023, that Activision Blizzard Inc. agreed to pay $35 million to settle charges that it failed to maintain disclosure controls and procedures relating to employee complaints of workplace misconduct and violation of a whistleblower protection rule.
  • Other ESG-related Cases
    • The SEC announced on March 28, 2023, that Vale S.A agreed to pay $56 million to settle charges brought on April 28, 2022, stemming from the company’s allegedly false and misleading disclosures about the safety of its dams prior to the January 2019 collapse of the Brumadinho dam that killed 270 people.
    • The SEC announced on September 25, 2023, that it charged a subsidiary of Deutsche Bank AG in two separate enforcement actions, one addressing its failure to develop a mutual fund anti-money laundering program and the other concerning misstatements regarding its ESG investment process.
  • Non-GAAP Financial Measures
    • The SEC announced on March 14, 2023, that it charged DXC Technology Company with making misleading disclosures about its non-GAAP financial performance in multiple reporting periods from 2018 until early 2020.
    • The SEC announced on September 29, 2023, that it charged Newell Brands Inc. and its former chief executive officer with misleading investors about Newell’s core sales growth, a non-GAAP financial measure the company used to explain its underlying sales trends.
  • Related Party Transactions
    • The SEC announced on September 18, 2023, that it charged Lyft Inc. for failing to disclose a company board director’s role in a shareholder’s sale of approximately $424 million worth of private shares of Lyft’s share prior to the company’s initial public offering.

SEC’s 2024 Rulemaking Agenda

On December 6, 2023, SEC Chair Gary Gensler issued a Statement on the Fall 2023 Regulatory Agenda noting that the Office of Information and Regulatory Affairs had released the Fall 2023 Unified Agenda of Regulatory and Deregulatory Actions. This Unified Agenda is published twice a year and includes regulations that government agencies and departments are working on, including anticipated release dates. Submissions by agencies and departments to the Unified Agenda and indicated timetables are not binding, and departments and agencies can issue rules that are not listed on the Unified Agenda.

The Unified Agenda indicates that the Division of Corporate Finance is considering recommending the SEC:

  • adopt certain rules with an expected timetable of April 2024, including disclosure of climate-related risks and opportunities (as discussed above under “Disclosure Focus Areas—Climate-related Disclosures” and in our related client publication, SEC Proposes Sweeping New Climate-related Disclosure Framework);
  • propose certain new rules with an expected timetable of April 2024, including new human capital management disclosure rules (as discussed above under “Disclosure Focus Areas—Human Capital Management”); and
  • propose rule amendments to enhance registrant disclosures about the diversity of board members and nominees with an expected timetable of October 2024.

Future Disclosure Requirements

In addition to the potential rulemakings during 2024, whilst the following rules are not in force for the 2023 Form 20-F reporting season for FPIs with a calendar year end, companies should note that the following rules will be relevant in the future.

Resource Extraction Payments

Resource extraction companies (including FPIs) will be required to disclose on an annual basis any payments made to the U.S. federal government or foreign governments for the commercial development of oil, natural gas or minerals. Companies will be required to furnish to the SEC the required disclosure annually on Form SD. For companies with a calendar year end, the first Form SD is due by September 30, 2024, with respect to the 2023 fiscal year, as previously discussed in our related client publication, SEC Adopts Payment Disclosure Rules for Resource Extraction Companies.

Insider Trading Policies

On December 14, 2022, the SEC adopted final rules amending the requirements relating to Rule 10b5-1 plans and certain other rules relating to securities transactions by insiders. In conjunction with these amendments, all FPIs (other than MJDS filers) will be required to disclose under Item 16J of Form 20-F whether they have adopted insider trading policies (and if not, why not), and companies will be required to file their insider trading policies as an exhibit to Form 20-F (which should be labelled as a separate Exhibit 11 filing to any code of ethics filed pursuant to Item 16B of Form 20-F). The final rules became effective on February 27, 2023. For FPIs with a calendar year end, these requirements will apply with effect from the Form 20-F for the year ending December 31, 2024, that is filed in 2025. Companies may want to take the opportunity to review and refresh their insider trading policies prior to public disclosure.

For more information, please refer to our related client publication, SEC Changes Requirements for Rule 10b5-1 Plans.