"SEC risk factors: A single wrong word could cost millions" by Meredith Leeson (American Bar Association Business Law Today)
American Bar Association Business Law Today
The Securities and Exchange Commission recently proposed to simplify crucial corporate disclosures regarding legal proceedings and risk factors by moving toward a more principles-based approach; yet, the SEC continues to pursue big-dollar enforcement actions that offer filers little clarity about what precisely constitutes accurate disclosure of their risk factors.
Weighing materiality and the potential for liability are traditionally hazy areas that have tripped up a number of companies, including most recently:
- Mylan NV, which agreed to pay $30 million because it calculated as “remote” rather than “reasonably possible” the likelihood that a government investigation would impose a substantial liability on the company
- Facebook, which in using of the word “may” rather than “have” in its risk-factor disclosures about customer data likely cost the company $100 million
- Altaba Inc. (formerly known as Yahoo!), which reached a $35 million settlement last year with the SEC for its tardy disclosure of a data breach