U.S. Attorney General Issues Memorandum Redirecting FCPA Enforcement Away From U.S. Businesses
In a memorandum dated Feb. 5, 2025, U.S. Attorney General Pamela Bondi has instituted a novel approach to enforcing the Foreign Sovereign Immunities Act (FCPA).
The FCPA prohibits paying or offering to pay money or anything of value to a foreign official for the purpose of obtaining or retaining business. The FCPA applies to U.S. persons, domestic concerns, and issuers of securities listed on a U.S. exchange or that are required to file S.E.C. reports, as well as to foreign persons and entities that engage in foreign corrupt activity that occurs, at least in part, in or through the United States (such as by using U.S. currency). The FCPA also prohibits issuers from falsifying books and records, and from circumventing or knowingly failing to implement internal controls.
Since its enactment in 1977, the FCPA has been the impetus for international efforts to root out corruption, and has served as the model for anti-corruption legislation in many countries. The Organization for Economic Cooperation and Development’s Anti-Bribery Convention of 1997, and the United Nations Convention Against Corruption of 2003, are progeny of the FCPA.
The Attorney General’s memorandum, titled Total Elimination of Cartels and Transnational Criminal Organizations, cites President Donald Trump’s Jan. 20, 2025 directive “to revise existing national security and counter-narcotics strategies to pursue total elimination of Cartels and Transnational Criminal Organizations (TCOs).”
The memorandum sets out various directives and initiatives that target Cartels and TCOs in furtherance of that goal. In one striking phrase, however, the memorandum appears to assure non-violent FCPA offenders that they need not be concerned about being prosecuted for violating the FCPA: “The Criminal Division’s Foreign Corrupt Practices Act Unit shall prioritize investigations related to foreign bribery that facilitates the criminal operations of Cartels and TCOs, and shift focus away from investigations and cases that do not involve such a connection. Examples of such cases include bribery of foreign officials to facilitate human smuggling and the trafficking of narcotics and firearms.” (Emphasis added.)
While the use of the FCPA against Cartels and TCOs is salutary, the Attorney General’s statement assuring other offenders that they are not likely to be criminally investigated or prosecuted is, at the very least, unconventional.
Regardless, no one should assume they may violate the FCPA with impunity. The statute of limitations for criminal prosecution under the FCPA is five years for corrupt payments, and six years for violation of the books and records and internal controls provisions. An FCPA violation in 2025 is therefore subject to criminal prosecution at least until 2030, by which time a different president, possibly one with different priorities, will be in the White House.
Moreover, the S.E.C., which is not part of the Department of Justice, has civil enforcement authority over FCPA violations by issuers, which (as of now) continues unabated. Any company or person subject to the FCPA would be well-advised to abide by it, thereby acting responsibly and maintaining a positive reputation for lawful conduct.
The FCPA can raise complex and challenging issues for U.S. companies that do business in foreign countries, and for foreign companies that do business in or through the United States.
SEC Extends Compliance Date for Short Sale Reporting Rule to 2026
On February 6, 2025, the SEC announced that it was providing a temporary exemption from compliance with Rule 13f-2 under the Securities Exchange Act of 1934 (the “Exchange Act”), which establishes a mandatory short reporting requirement for institutional investment managers. As a result, the first reporting deadline for reporting short position information on Form SHO confidentially with the SEC, covering the January 2026 reporting period, will be February 14, 2026. The extension follows concerns raised by market participants regarding operational and technical issues in developing the systems necessary to comply with the rule, as well as the SEC’s failure to release technical specifications for the reports until just before the winter holidays. This is a welcome respite for managers, provided one week in advance of the initial reporting deadline. In addition to the operational and technical issues noted by the SEC, we anticipate that the SEC will address the interpretive issues that managers and practitioners have identified when seeking to prepare their Form SHO filings, including providing additional clarity on the scope of equity securities subject to the reporting requirement.
As described in our previous Alert, Rule 13f-2 was originally adopted in October 2023 and requires certain institutional investment managers to report short sale data to the SEC on a confidential basis, which the agency would subsequently publish in aggregated form. The rule has faced legal challenges from industry groups, which argue that it exceeds the SEC’s authority under the Exchange Act. The lawsuit is in the Fifth Circuit U.S. Court of Appeals, which has already ruled against the SEC in the last year on challenges to other rules, although the agency has also prevailed in the circuit in recent years on cases involving its shareholder proposal rule and its modifications to Form N-PX. Oral arguments in the proceeding in this case on short sales reporting were heard in October 2024, but the court has not yet issued a ruling and so it remains ongoing.
Despite the change in Administration, it is likely that the SEC will continue to support the new short sale reporting rule and vigorously defend the agency’s position in court based on comments from the interim SEC Chairman. Indeed, if the rule is invalidated, the agency may well seek review in the Supreme Court, and might use its enforcement arm and other approaches more actively to address what the interim Chairman described last week, in announcing the compliance extension, as “abusive naked short selling as part of a manipulative scheme. . . .”
The SEC’s Exemptive Order can be found here.
SEC Cybersecurity Disclosure Trends: 2025 Update on Corporate Reporting Practices
Go-To Guide:
Since April 2024, 41 companies disclosed cybersecurity incidents via Form 8-K, with 26 filing under voluntary Item 8.01 and 15 under mandatory Item 1.05, which requires reporting if the incident had a material impact on the company.
Following the SEC’s May 2024 guidance clarifying that Item 1.05 is intended only for mandatory filings, companies appear to be increasingly filing voluntary non-material cybersecurity incidents under Form 8-K Item 8.01 rather than under Item 1.05.
Recent cybersecurity incident disclosures contain more detailed information about affected systems and compromised data, particularly in Item 1.05 filings, than the more general disclosures filed right after the rule became effective.
Some amended Form 8-K filings under both rules focus on operational recovery status and typically conclude no material impact occurred, even under Item 1.05 filings.
Six months after the SEC’s Cybersecurity Incident Disclosure Rule (SEC Rule) came into force, an April 2024 GT Alert summarized disclosure trends. The GT Alert identified that the companies who filed a mandatory form 8-K disclosing a cybersecurity incident had erred on the side of caution, hedged on whether the materiality threshold had been met or outright stated that it had not, reported an incident early, and provided only high-level information about the incident.
The SEC’s Division of Corporation Finance (Corp Fin) issued clarifying guidance on May 21, 2024, noting that companies were filing materiality disclosures under new Item 1.05 for incidents that did not rise to the level of a material adverse event. In other words, companies possibly afraid of being second-guessed were opting to report under Item 1.05 even when they determined that the cybersecurity incident did not have a material adverse event. The SEC’s guidance clarified that new Item 1.05 was only appropriate for cybersecurity incidents that had a material effect on the company and suggested companies could avail themselves of voluntary disclosure under Item 8.01 instead.
As a potential result of the May guidance, companies are increasingly filing non-material cyber incident disclosures under Item 8.01 of Form 8-K, while material incidents continue to be reported under Item 1.05. Since April 2024, 41 companies have filed a form 8-K to disclose a new cybersecurity incident, but 26 did so under 8.01 and 15 did so under 1.05.1 Additionally, companies are providing more detailed disclosures about affected systems and data, but amended filings often lack clarity on when additional information was discovered and primarily confirm the resumption of operations with no material impact.
SEC Rule Disclosure Requirements
As a recap, the SEC Rule requires the following:
1.
Disclosure Requirement: Companies must disclose material incidents within four business days of determining their materiality by filing a Form 8-K under Item 1.05.
2.
Materiality Determination: The assessment of materiality must happen without unreasonable delay after discovering the incident. A cybersecurity incident is material if it has a “substantial likelihood that a reasonable shareholder would consider it important” in making an investment decision or would have “significantly altered the ‘total mix’ of information made available.” There is no bright-line test for assessing materiality. When assessing materiality, the SEC directed public companies to consider both quantitative and qualitative factors, including the immediate consequences and long-term implications for operations, customer relationships, financial performance, brand reputation, and the likelihood of litigation or regulatory action.
3.
Delay Exception: The only reason to delay disclosure is a written request from the U.S. Attorney General to protect national security or public safety.
4.
Form 8-K Content: The form must include:
–
discovery date and status (ongoing or not),
–
description of the incident’s nature and scope,
–
information about stolen or altered data,
–
potential impact on operations, including financial effects, and
–
remediation efforts or plans.
5.
Amended Form 8-K Filing: Once this information becomes known, the SEC’s Final Rule requires companies to amend a prior Form 8-K to disclose any information called for that was unavailable at the time of the initial Form 8-K filing. Amendments must be filed within four business days after the company, without unreasonable delay, determines such information or within four business days after such information becomes available.
Emerging Cybersecurity Incident Disclosure Trends
Looking at the disclosures companies have made up until today, there are five emerging trends:
1.
Disclosures of non-material incidents are increasingly filed under Item 8.01. The SEC’s guidance was effective in providing a roadmap for public companies to disclose incidents deemed initially immaterial under Item 8.01. Since then, more companies have started using Item 8.01 to disclose non-material cybersecurity incidents in their 8-K filings.
2.
Uptick in companies reporting material impact. Since April 2024, there has been an uptick in companies disclosing a material impact of their cyber incidents under Item 1.05. Six out of 15 companies specified the material impact on their financial condition or results of operations in their disclosures under Item 1.05, whereas prior to April 2024, there were none. However, there are still no cases where the company later (in the amended Form 8-K) confirms that there was in fact material impact. So far, the amended disclosures conclude that there is no material impact or that material impact is reasonably unlikely.
3.
More detail in the disclosures. Companies are starting to include more details in their 8-K filings than the first half of 2024. For instance, companies report about the affected systems, particularly the impacted data, such as whether it contains sensitive personal information. On the other hand, filings under Item 8.01 have been considerably shorter, generally providing a high-level overview of the incident, as they do not need to meet the content requirements for the material incident disclosure under Item 1.05.
4.
Amended disclosures do not include the date when additional information was identified. While an amended Form 8-K must be filed within four business days after additional information becomes available, companies do not indicate the date when they became aware of additional information on the incident. Hence, it cannot be determined whether companies have met the timing requirement.
5.
Amended disclosures often focus on the resumption of operations and confirm no material impact has been identified. Generally, companies use the amended Form 8-K under both Items 1.05 and 8.01 (i) to indicate that they have resumed their normal business activities and (ii) to confirm that the incident does not or is unlikely to have a material impact.
1 This number excludes amended filings.
SEC Launches Crypto Task Force Website to Bring Clarity to Crypto Regulation
The U.S. Securities and Exchange Commission (SEC) has launched a ‘Crypto Task Force’ page on its website, outlining the agency’s crypto regulatory agenda under the agency’s new leadership. This initiative follows the exit of former SEC Chair Gary Gensler under President Trump’s administration and signals a move away from the SEC’s previous enforcement-driven stance on cryptocurrency.
A New Approach to Crypto Regulation
The task force, led by Commissioner Hester Peirce, aims to address long-standing regulatory confusion that has plagued the crypto industry in recent memory. Under prior leadership, the SEC frequently pursued enforcement actions without providing clear guidelines, leaving crypto projects uncertain about compliance. Peirce has been a vocal critic of this approach, arguing that the SEC’s inconsistent treatment of crypto assets has stifled innovation and forced companies to operate in a legal gray area—or leave the U.S. altogether.
The task force’s primary initiatives will include:
Defining which crypto assets qualify as securities. The SEC aims to establish clear criteria to determine which digital assets fall under securities laws, a move intended to resolve the legal uncertainty that has led to numerous court battles.
Providing temporary relief for token issuers. The agency aims to create a framework to allow token projects to provide updated disclosures instead of facing immediate enforcement after issuance, offering issuers a clearer pathway to compliance.
Exploring the possibility of registered token offerings. The SEC is considering adjustments to existing fundraising frameworks, such as Regulation A and crowdfunding rules, to make it easier for crypto startups to raise capital while maintaining compliance.
Developing guidelines for crypto custody, lending, and staking programs. Clear regulations will help issuers and institutional investors navigate the legal complexities of holding, staking and managing crypto assets.
Creating transparent criteria for crypto ETFs. The task force plans to dispel uncertainty around the approval process for crypto-backed ETFs by providing specific requirements for approval.
To encourage industry participation, the public can now submit feedback through the task force’s website, which will be post to the SEC’s website unless marked as confidential. Developers, investors, and other stakeholders can request meetings and contribute ideas to help shape the regulatory framework. The SEC also clarified that this platform is not for whistleblower complaints, which must still go through formal channels.
Balancing Regulation and Innovation
A key challenge for the task force will be balancing investor protection with industry growth. While the SEC aims to provide legal clarity, it has also made clear that it will not be giving crypto projects a free pass. Commissioner Peirce highlighted this balancing act: “We want a destination where builders can experiment without fear, but where fraudsters have no place to hide.”
To prevent regulatory overreach, the task force plans to work closely with Congress, the FDIC, the CFTC, and international regulators to ensure that crypto laws are consistent and do not overlap unnecessarily. With many crypto projects operating internationally, one possible solution Commissioner Peirce addressed is the creation of cross-border regulatory sandboxes, to allow crypto projects to test their models in a controlled environment without immediate legal repercussions. Should the Crypto Task Force execute on its promises, this would make the United States the first nation to provide a holistic framework for the oversight of the cryptocurrency industry.
After years of uncertainty, the SEC is finally taking steps toward a practical, industry-informed approach to crypto regulation. While there is still a long way to go, crypto oversight under the SEC now seems to have a clear direction—one that aims to strike a balance between innovation and compliance.
Listen to this post
Global Equity Plan Reporting Obligations for Calendar-Year 2025: Part One
Global equity plans are complex, and administration requires collaboration between various departments, including legal, human resources, payroll, and tax. Plan administrators (and their teams) should be aware of their reporting obligations with respect to international equity awards. Many reports can be submitted by the local entity’s payroll team; however, certain countries require separate standalone submissions.
In Depth
The following reference chart summarizes selected reporting requirements for equity plans with international grantees. This reference – part one of two – highlights year-end reports (i.e., reporting obligations for prior calendar-year 2024 activity) with deadlines through June 30, 2025. It also includes certain quarterly filings. This resource does not include initial registration/exemption applications, reports due upon equity grants, or other standard payroll/tax reports. Additionally, reporting obligations may differ if certain exemptions apply, if the company implements a recharge agreement, or if the local entity is involved with administration of the plan.
Country
Report Type
Award Types
Report Description
Frequency
Due Date
Philippines
Securities
All Equity Awards
Applies only to plans that have obtained a registration exemption from the Philippines Securities and Exchange Commission
Annually
January 10, 2025, for prior calendar year activity
Thailand
Securities
Options
Report option grants and exercises to the Thailand Securities and Exchange Commission
Annually
January 15, 2025, for prior calendar-year activity
China
Exchange Control
All Equity Awards
For State Administration of Foreign Exchange (SAFE)-registered plans, report plan activity via statutory form to the applicable SAFE office
Quarterly1
January 6, 2025, for prior calendar-quarter activity
Vietnam
Exchange Control
All Equity Awards
Report aggregate share value to the State Bank of Vietnam
Monthly2
January 12, 2025, for prior month activity
Saudi Arabia
Securities
All Equity Awards
Report plan activity via online portal or email inbox to Capital Markets Authority
Quarterly
As soon as administratively feasible following the end of Q4 2024 data
Malaysia
Tax
All Equity Awards
For each entity in Malaysia, report option exercises/RSU vesting via Form BT (Appendix C) to the Inland Revenue Board
Annually
February 28, 2025, for prior calendar-year activity
France
Tax
Tax-Qualified Options
Tax-Qualified Restricted Stock Units
For tax-qualified options that are exercised or restricted stock units that vest, distribute statement describing grant activity to employees. A copy must also be provided to the applicable tax office.
Annually
March 1, 2025, for prior calendar-year activity
Singapore
Tax
All Equity Awards
Distribute statement describing tax gains activity to employees via Form IR8A (Appendix A)
Annually
March 1, 2025, for prior calendar-year activity
Ireland
Tax
Option Awards
Report option-related activity via Form RSS1
Annually
March 31, 2025, for prior calendar-year activity
Tax
All Equity Awards, Excluding Options
Report all other equity-related activity via Form ESA
Annually
Japan
Tax
All Equity Awards
For Japanese affiliates that are 50%+ owned by a non-Japanese company or a Japanese branch of a non-Japanese company, report plan activity
Annually
March 31, 2025, for prior calendar-year activity
China
Exchange Control
All Equity Awards
For SAFE-registered plans, report plan activity via statutory form
Quarterly
April 3, 2025, for prior calendar-quarter activity
Singapore
Tax
All Equity Awards Eligible for Qualified Employee Equity-Based Remuneration Scheme
Submit application form for tax deferral eligibility to Comptroller of Income Tax
Annually
April 15, 2025, for prior calendar-year activity
Israel
Tax
All Equity Awards
Report plan activity via Israel Tax Authority online platform
Annually3
April 30, 2025, for prior calendar-year activity
SEC Issues Updated “Names Rule” FAQ
On January 8, 2025, the Securities and Exchange Commission’s (SEC) Division of Investment Management (Division) issued responses to certain frequently asked questions (FAQ) to the SEC’s 2023 adoption of amendments (Amendments) to Rule 35d-1 (Names Rule) under the Investment Company Act of 1940, as amended (Investment Company Act). The SEC’s Names Rule, originally adopted in 2001, requires a regulated investment fund to adopt a policy to invest at least 80 percent of the fund’s net assets (plus borrowings for investment purposes) in the types of investments or in investments in the particular industries, countries or geographic regions, suggested by such fund’s name (an 80 percent Investment Policy). The Amendments expanded the applicability of the 80 percent Investment Policy as described in our prior client advisory: SEC Adopts Amendments to ‘Names Rule’ Impacting Regulated Investment Funds.
The primary updates contained in the FAQ provide clarification regarding:
When and whether shareholder approval is needed in the event a regulated investment fund seeks to revise a pre-existing 80 percent Investment Policy or adopt a new one;
How the Names Rule applies to single-state tax-exempt funds and whether funds with the term “municipal” in their name are treated like tax-exempt funds under the Names Rule; and
Specific commonly used terms in regulated investment fund names that suggest a fund specializes in investments with particular characteristics.
These three areas are summarized in further detail below.
What circumstances require a fund to obtain shareholder approval before adopting or revising a fundamental 80 percent investment policy?
The Names Rule, as amended, requires a fund to provide 60 days’ prior notice to shareholders if there is any change to its 80 percent Investment Policy. However, if the 80 percent Investment Policy is a fundamental policy of the fund, explicit shareholder approval is required to revise such policy. Prior to the FAQ, the Names Rule and the Amendments were silent with respect to the circumstances in which shareholder approval would be required to adopt a new fundamental 80 percent Investment Policy and the types of revisions to a pre-existing fundamental 80 percent Investment Policy that would require shareholder approval.
The FAQ clarifies that shareholder approval is only required before adopting a new fundamental 80 percent Investment Policy if the new policy deviates from any of the fund’s other existing fundamental policies. Similarly, in the event a fund wishes to revise an existing fundamental 80 percent Investment Policy, shareholder approval is only necessary if the revisions to the existing policy represent a deviation from that original policy or any of the fund’s other existing fundamental policies.
To provide additional context as to what would constitute a deviation, the Division included a clarifying hypothetical where a fund with a fundamental 80 percent Investment Policy concerning equity investments which sought to revise the policy by adding reference to “growth” equity investments, would not be required to obtain prior shareholder approval to do so. This is because, in the Division’s view, while the revision references a specific type of instrument with particular characteristics, “growth” equity investments still fall under the broader category of equity investments expressed in the original policy, and thus would not be considered a deviation from it. Nevertheless, the Division emphasized that funds must also consider obligations beyond the Investment Company Act, such as state law or governing documents, that may require shareholder approval to adopt or revise a fundamental 80 percent Investment Policy.
Tax exempt funds
The FAQ also provides guidance on the Names Rule’s application to single-state tax-exempt funds. It notes that in instances in which a fund’s name suggests its distributions are exempt from both federal and state income tax (e.g., the Maryland Tax-Exempt Fund), such fund must either have a fundamental investment policy in place which provides for (i) the income from at least 80 percent of the value of the fund’s assets to be exempt from both federal income tax and the income tax of the state referenced in the fund’s name, or (ii) at least 80 percent of the distributed income from the assets that the fund invests in to be exempt from both federal income tax and the income tax of the state referenced in the fund’s name. Additionally, the FAQ clarifies that a security of an issuer located outside the state referenced in the single-state tax-exempt fund’s name may be included in the fund’s “80 percent investment basket” as long as the security pays interest that is exempt from both federal income tax and the tax of the state referenced in the fund’s name, and the fund reports in its prospectus that it may invest in tax-exempt securities of issuers located outside of the state referenced in the fund’s name.
The FAQ also confirms that funds with the term “municipal” or “municipal bond” in their names will be treated like tax-exempt funds under the Names Rule and will be expected to comply with Section (a)(3) of the Names Rule because the inclusion of such terms in a fund’s name indicates the fund’s distributions are exempt from income tax.
Specific terms commonly used in fund names
Lastly, the FAQ highlights several key terms commonly used in fund names and provides further insight as to the Names Rule’s application with respect to these terms.
Specifically, the FAQ clarifies the Division’s interpretation of the following terms:
“High-Yield” – The FAQ bifurcates funds that use the term “high-yield” in their name into two separate categories. The first applies to fund names which simply include the term “high-yield,” and the second applies to fund names which include the term “high-yield” in tandem with the terms “municipal” or “tax-exempt.” In the first case, the Division notes that the industry standard for the term “high-yield” generally denotes corporate bonds with lower credit ratings. Accordingly, in this case the Division interprets “high-yield” as referencing an investment with “particular characteristics,” meaning that funds with names employing such a term would be required to adopt an 80 percent Investment Policy specifically for corporate bonds with lower credit ratings. In the second case, the FAQ states that a fund would be required to adopt an 80 percent Investment Policy to invest in “municipal” or “tax-exempt” securities. However, due to the historical trend of funds that use the term “high-yield” in conjunction with “municipal” or “tax-exempt” in their names not always investing at least 80 percent of their assets in bonds that meet the funds’ high-yield rating criteria, the Division would permit a fund in this category to invest less than 80 percent of the value of its assets in bonds that meet the fund’s “high-yield” rating criteria. Additionally, the FAQ specifies that all funds using “high-yield” in their names, regardless of category, must still comply with the prohibition on materially deceptive or misleading names under Section 35(d) of the Investment Company Act.
“Tax-Sensitive” – The FAQ clarifies that funds with names that use the term “tax-sensitive” or some variation thereof (e.g., “tax-efficient,” “tax-advantaged,” “tax-managed” and “tax aware”) are not subject to an 80 percent Investment Policy with respect to such term because the Division interprets the term as describing the fund’s overall investment objectives rather than the particular characteristics of the investments composing the fund’s portfolio.
“Income” – The FAQ states that the use of the term “income” alone in a fund name does not require the fund to adopt an 80 percent Investment Policy, as the use of such term only indicates that a fund seeks to achieve current income as a portfolio-wide result. However, the adopting release for the Amendments indicates that if a term in a fund’s name could be reasonably understood to reference either a fund’s investments or a portfolio-wide result, such a fund would be required to adopt an 80 percent Investment Policy. Accordingly, the exact criteria are still unclear for when an 80 percent Investment Policy is required for a fund that has “income” in its name. The FAQ further explains that “income” used in the context of the term “fixed-income securities” would trigger the 80 percent Investment Policy requirement, as the Division would interpret the usage of such term in a fund name as sufficiently descriptive of an investment’s particular characteristics. While this provides some insight into the Division’s interpretation of the use of “income” in a fund’s name, the FAQ does not further elaborate on when the use of “income” would allude to fixed income securities.
“Money Market” – With respect to generic money market funds with names indicating that they invest in money market instruments (e.g., the “XYZ Money Market Fund”), the FAQ provides that such funds would not need to adopt an 80 percent Investment Policy to generally invest in money market instruments because adherence to Rule 2a-7 under the Investment Company Act already requires money market funds to invest solely in such instruments. However, the FAQ further clarifies that a fund using the term “money market” in its name would be required to adopt an 80 percent Investment Policy, so long as such fund name refers to specific money market instruments rather than simply using the generic term “money market.” To highlight this distinction, the FAQ includes the example of a fund with the name “XYZ US Treasury Money Market Fund” being required to adopt an 80 percent Investment Policy with respect to US Treasury securities.
Conclusion
As the December 11, 2025 Names Rule compliance date approaches, this FAQ should provide helpful guidance with respect to the Division’s interpretation of the usage of certain terms in fund names and the requirements that stem from usage of such terms. It is also important to note that these FAQs modify, supersede, or withdraw portions of FAQs released in 2001 in conjunction with the adoption of the Names Rule, and are inclusive of the Division’s reviews of no-action letters concerning adherence to the Names Rule. The Division released a useful chart highlighting the portions of the 2001 FAQs that have been modified, withdrawn or superseded, which can be found here. While these FAQs are helpful, uncertainty still remains regarding the timing of implementation of the Amendments in light of a recently issued Presidential executive order to delay the effectiveness of federal regulations that have not yet been enacted.
The SEC’s entire 2025 Names Rule FAQ is available here.
SEC’s Crypto Journey Continues
In a wide-ranging public statement entitled “The Journey Begins,” SEC Commissioner Hester Peirce previewed next steps for the SEC’s Crypto Task Force. As chair of the Crypto Task Force, Commissioner Peirce’s statement lays out a broad agenda for the SEC’s approach to cryptocurrency over the next four years.
The statement begins by criticizing the SEC’s past approach to crypto, noting:
it took us a long time to get into this mess, and it is going to take us some time to get out of it. The Commission has engaged with the crypto industry in one form or another for more than a decade. The first bitcoin exchange-traded product application hit our doorstep in 2013, and the Commission brought a fraud case that had a tangential crypto element that same year. In 2017, we issued the DAO Section 21(a) report, which reflected the first application of the Howey test in this context. Since then, there have been many enforcement actions, a number of no-action letters, some exemptive relief, endless talk about crypto in speeches and statements, lots of meetings with crypto entrepreneurs, many inter-agency and international crypto working groups, discussion of certain aspects of crypto in rulemaking proposals, consideration of crypto-related issues in reviews of registration statements and other filings, and approval of numerous SRO proposed rule changes to list crypto exchange-traded products.
Commissioner Peirce also sought to manage expectations about the timing and complexity of future SEC action:
Throughout this time, the Commission’s handling of crypto has been marked by legal imprecision and commercial impracticality. Consequently, many cases remain in litigation, many rules remain in the proposal stage, and many market participants remain in limbo. Determining how best to disentangle all these strands, including ongoing litigation, will take time. It will involve work across the whole agency and cooperation with other regulators. Please be patient. The Task Force wants to get to a good place, but we need to do so in an orderly, practical, and legally defensible way.
The statement hits libertarian notes, proclaiming, “In this country, people generally have a right to make decisions for themselves, but the counterpart to that wonderful American liberty is the equally wonderful American expectation that people must decide for themselves, not look to Mama Government to tell them what to do or not to do, nor to bail them out when they do something that turns out badly.” But Commissioner Peirce also warned that “SEC rules will not let you do whatever you want, whenever you want, however you want,” and that the SEC will not “tolerate liars, cheaters, and scammers.”
The heart of the statement lays out a 10-point, nonexclusive agenda for the SEC Crypto Task Force:
providing greater specificity as to which crypto assets are securities;
identifying areas both within and outside the SEC’s jurisdiction;
considering temporary regulatory relief for prior coin or token offerings;
modifying future paths for registering securities token offerings;
updating policies for special purpose broker-dealers transacting in crypto;
improving crypto custody options for investment advisers;
providing clarity around crypto lending and staking programs;
revisiting SEC policies regarding crypto exchange-traded products;
engaging with clearing agencies and transfer agents transacting in crypto; and
considering a cross-border sandbox for limited experimentation.
Commissioner Peirce’s statement concludes with instructions on how to engage with the Crypto Task Force, both in writing and in person.
Dropbox Discloses Plan to Move to Nevada
Home Means Nevada
While it remains to be seen, 2025 may go down in history as the year of Dexit. A few weeks ago, I wrote that several companies that had filed proxy materials proposing to reincorporate from Delaware to Nevada. Last Friday, Dropbox, Inc. filed a preliminary information statement with the Securities and Exchange Commission disclosing stockholder approval by written consent of a reincorporation of the company from Delaware to Nevada. In explaining the move, Dropbox took aim at, among other things, the litigation environment in Delaware:
As described above, the Company is in a transformational period. The evaluation committee and our board of directors determined that it is important for the Company to be able to operate with agility during this period of business transformation and that it would be competitively advantageous for the Company to have a predictable, statute-focused legal environment during a time of rapid business change. The evaluation committee and our board of directors considered Nevada’s statute-focused approach to corporate law and other merits of Nevada law and determined that Nevada’s approach to corporate law is likely to foster more predictability than Delaware’s approach. Among other things, the Nevada statutes codify the fiduciary duties of directors and officers, which decreases reliance on judicial interpretation and promotes stability and certainty for corporate decision-making. The evaluation committee and our board of directors also considered the increasingly litigious environment in Delaware, which has engendered less meritorious and costly litigation and has the potential to cause unnecessary distraction to the Company’s directors and management team and potential delay in the Company’s response to the evolving business environment. The evaluation committee and our board of directors believe that a more predictable legal environment will better permit the Company to respond to emerging business trends and conditions as needed.
In other news, Mike Isaac and Eli Tan at The New York Times wrote:
Meta [Platforms, Inc.], the owner of Facebook, Instagram and WhatsApp, is considering changing where it is incorporated from Delaware to another state, two people with knowledge of the matter said.
Perhaps not coincidentally, Andrew Houston is the Chief Executive Officer and Chairman of Dropbox and a member of the Board of Directors of Meta.
Report Concludes SEC’s Whistleblower Program is a Resounding Success and Essential to Investor Protection
Success of the SEC Whistleblower Program
Benjamin Schiffrin, Director of Securities Policy at Better Markets, published a report titled The SEC’s Whistleblower Program Is Key to Protecting the Economy and Main Street Americans’ Wallets, which concludes that the SEC whistleblower program “has benefited investors by allowing the SEC to pursue enforcement actions resulting in more than $6 billion in monetary sanctions” and identify misconduct that the SEC might not otherwise uncover.
The report identifies additional indications of the success of the SEC whistleblower program:
Whistleblower disclosures result in the return of funds to harmed investors.
In FY 2024, the SEC received approximately 24,980 whistleblower submissions, and whistleblowers have filed over 100,000 disclosures since the inception of the program.
Taxpayers benefit from this critical enforcement tool without having to pay awards from appropriated funds. The awards are paid from the monetary sanctions that the SEC recovers from fraudsters.
Whistleblower confidentiality is a cornerstone of the SEC whistleblower program. Permitting whistleblowers to report anonymously through counsel protects whistleblowers from retaliation and “protects the ensuing investigation by preventing a company from learning that the SEC knows about the misconduct and possibly destroying evidence.”
SEC Whistleblower Program Key to Investor Protection
The report finds that the SEC is already underfunded and lacks the resources necessary to monitor the increasingly complex capital markets and “protect investors from potential misconduct at 33,000 regulated entities, 8,300 reporting companies, and 56,000 private funds.” If Congress forces the SEC to downsize the Division of Enforcement, the SEC would need more help in holding fraudsters accountable and therefore whistleblowers will continue to play a vital role in assisting the government in identifying and prosecuting misconduct. The violations that whistleblowers report to the SEC primarily concern manipulation, offering fraud, corporate disclosures, and crypto fraud.
Suggestions to Improve the SEC Whistleblower Program
Better Markets makes two suggestions to improve the SEC whistleblower program:
Do a Better Job of Communicating with Whistleblowers: “Many whistleblowers receive confirmation that the SEC received their tip and then never hear from the agency again. This makes it difficult for whistleblowers to know how to proceed . . . Communicating with whistleblowers is especially important because it can take years for the SEC to receive a tip, investigate, bring an action, obtain sanctions, and issue an award.”
Provide More Information to Enable the SEC to Understand the Benefits of the Whistleblower Program: “[T]he whistleblower program would benefit from the public’s greater understanding of the assistance that whistleblowers provide . . . and the value to the public of the whistleblower having identified the relevant misconduct.”
Preparing for EDGAR Next: Considerations for Existing and Prospective SEC Filers
Highlights
The SEC has adopted amendments aimed at modernizing and enhancing the security of its EDGAR system
Compliance with the amendments will require existing EDGAR filers to complete a one-time enrollment process, while new applicants for EDGAR access will benefit from automatic enrollment
Existing filers will have from March 24, 2025, through Dec. 19, 2025, to complete EDGAR Next enrollment
The Securities and Exchange Commission (SEC) adopted a series of rule and form amendments on Sept. 27, 2024, concerning access to and management of accounts on its Electronic Data Gathering, Analysis, and Retrieval system (EDGAR). The amendments – designed to enhance the security of EDGAR, improve the ability of filers to manage their EDGAR accounts, and modernize connections to EDGAR – are collectively referred to as EDGAR Next.
EDGAR Next will change how electronic filers and their representatives interface with EDGAR. Currently, the SEC assigns each electronic filer a set of access codes. Any individual in possession of a filer’s access codes may access the filer’s EDGAR account, view and make changes to the information maintained therein, and transmit filings and correspondence to the SEC on the filer’s behalf. EDGAR Next will retire the majority of these codes and require that filers authorize specific individuals to perform these functions. Individuals seeking to access a filer’s account will be required complete a multifactor authentication of their identity.
To permit a streamlined application process for new and prospective electronic filers, the SEC has adopted an amended version of Form ID, the successful submission of which will enroll the applicant automatically in EDGAR Next.
Effective and Compliance Dates
These are important dates to keep in mind.
March 24, 2025: The EDGAR Next Filer Management dashboard goes live, allowing existing filers to begin enrollment in EDGAR Next. New filers become required to apply for EDGAR access on the amended version of Form ID. Successful new applicants are automatically enrolled in EDGAR Next. Legacy filing processes remain available to enrolled and unenrolled filers through Sept. 12, 2025.
Sept. 15, 2025: The initial EDGAR Next enrollment window ends and compliance with EDGAR Next security protocols becomes required of all filers. Existing filers who have not enrolled in EDGAR Next by this time are not able to take actions in EDGAR other than enroll. Enrollment continues to be permitted for a three-month grace period.
Dec. 19, 2025: The grace period for EDGAR Next enrollment ends. Existing filers who have not enrolled become required to reapply for EDGAR access on an amended Form ID.
EDGAR Next Roles and Permissions
EDGAR Next requires each electronic filer to authorize and maintain at least two individuals (or one, in the case of a filer that is an individual or single-member company) as account administrators. Account administrators manage the filer’s EDGAR account, make submissions on behalf of the filer, serve as points of contact for SEC staff, and authorize and de-authorize other account administrators, users, delegated entities and technical administrators.
A filer may empower up to 20 account administrators. All account administrators are co-equal, possessing the same authority and responsibility to manage the filer’s EDGAR account. Actions that are required to be performed by account administrators can be performed by any account administrator individually and do not require joint action.
Filers – through their account administrators – optionally may authorize:
Users: Individuals permitted to view basic information about the filer and transmit filings on behalf of the filer, but lacking administrative privileges to make changes to the filer’s account.
Delegated Entities: Entities, authorized representatives of which are permitted to view basic information about the filer and transmit filings on behalf of the filer but lack administrative privileges to make changes to the filer’s account. A delegated entity must possess an EDGAR account. A delegated entity’s account administrators are considered delegated account administrators in respect of a delegating filer’s EDGAR account; delegated account administrators may authorize delegated users in respect of a delegating filer’s EDGAR account.
Technical Administrators: Individuals permissioned to manage the technical aspects of a filer’s connection to EDGAR application programming interfaces (APIs), including the issuance, sharing and deactivation of API tokens. Connection to EDGAR APIs is optional, however, filers electing to connect to APIs must authorize and maintain at least two technical administrators.
It is expected that many filers will leverage API connections maintained by filing agents; such filers will not be required to maintain their own technical administrators. Filers should contact their filing agents for information regarding whether and how such agents anticipate leveraging API connections.
Accessing EDGAR and the EDGAR Next Dashboard
All account administrators, users, and technical administrators will be required to complete a multifactor authentication when accessing the EDGAR Filing and OnlineForms websites, as well as when interacting with the EDGAR Next Filer Management Dashboard. The individual account credentials used for this purpose must be obtained through login.gov, the U.S. General Services Administration’s secure sign-in service.
Once a year (at the quarter end of their choosing), filers will reconfirm their account administrators, users, delegated entities and technical administrators through a check-the-box election on the EDGAR Next Filer Management dashboard. Account administrators separately may authorize or de-authorize account administrators, users, delegated entities and technical administrators at any point throughout the year.
Enrolling in EDGAR Next
Existing filers that maintain current EDGAR access codes will enroll in EDGAR Next through the EDGAR Next Filer Management dashboard. Existing filers will not be required to submit an amended Form ID application or present supplemental documentation to SEC staff; they need only provide the names and contact information of their initial account administrators. Filers must provide the email address associated with each initial account administrator’s login.gov account.
Bulk enrollment of existing EDGAR accounts will be permitted to further streamline the enrollment process. The EDGAR Business Office anticipates that the majority of enrollment requests will be processed in minutes.
Prospective filers seeking to obtain EDGAR access for the first time, as well as existing filers that have lost access to EDGAR or failed to enroll in EDGAR Next by Dec. 19, 2025, will be required to submit an amended Form ID application. The amended Form ID includes a section allowing applicants to identify account administrators. If an applicant wishes to appoint an account administrator not employed by the applicant, the applicant must present a notarized power of attorney indicating that the prospective account administrator is duly authorized to manage the applicant’s EDGAR account. The EDGAR Business Office anticipates that amended Form ID applications will be processed on the same timetable as current Form ID applications.
Account Management and Filing Considerations for Entities
The SEC recommends that all filing entities, including single-member entities, authorize at least two account administrators. Filing entities are permitted, but not required, to designate employees as account administrators.
Currently, many entities liaise with law firms and third-party filing agents to transmit filings and correspondence to the SEC. EDGAR Next will continue to permit this. Law firms and filing agents will offer varying service models. Two anticipated common models are:
Full-Service Model: Some law firms and filing agents will offer end-to-end service, preparing and transmitting filings and correspondence to the SEC on behalf of clients. Firms and agents offering full-service models will generally act as delegated entities in respect of client EDGAR accounts; some may permit their representatives to act as account administrators or users of client accounts.
Self-Service Model: Some law firms and filing agents will offer more limited, self-service models. Firms and agents offering self-service models may provide clients with access to filing software and/or otherwise support clients in preparing and transmitting filings and correspondence via EDGAR, but generally will not require that clients delegate to them.
Account Management and Filing Considerations for Individuals
The SEC recommends that all individual filers authorize at least two account administrators. Individual filers are permitted, but not required, to act as their own account administrators.
Currently, many individual filers authorize trusted third parties (such as law firms, filing agents or related registrants) to access their EDGAR accounts and make SEC filings on their behalf. EDGAR Next will continue to permit this. A non-exhaustive list of options for individual account management are:
Self-Administration: Some individual filers will act as their own account administrators, authorizing trusted third parties as users and delegating to law firms, filing agents or registrants, empowering such users and delegated entities to make filings on their behalf while retaining personal control over the maintenance of their EDGAR account.
Close Administration: Some individual filers will authorize a close group of trusted third parties to act as account administrators, permitting such account administrators to maintain their EDGAR account and authorize users and delegated entities to make filings on their behalf.
Decentralized Administration: Some individual filers will authorize a larger group of account administrators. For example, a Section 16 insider who sits on the board of several public companies may authorize one or more account administrators at each company, permitting each account administrator to authorize users and delegate to preferred filing agents.
Preparing for What’s “Next”
To get a jump on preparing for enrollment in EDGAR Next, existing filers should:
Locate and validate their current EDGAR access codes (i.e., CCC, password and passphrase)
Identify the individual responsible for enrolling them in EDGAR Next
Determine the individuals and entities that will act as account administrators, users, delegated entities and technical administrators (if applicable)
Ensure that all desired account administrators, users, and technical administrators maintain login.gov credentials
Connect with law firms and filing agents (as applicable) regarding their service offerings
Takeaways
EDGAR Next offers a more secure, modernized connection to EDGAR, and its Filer Management dashboard provides a more intuitive, user-friendly interface for interaction with EDGAR. Filers should plan to devote time and attention to preparing for, enrolling in and becoming comfortable navigating the new system.
Nasdaq Diversity Rules Struck Down
On December 11, 2024, in a 9–8 decision, the US Court of Appeals for the Fifth Circuit struck down the Nasdaq Stock Market’s board diversity rules, holding that the Securities and Exchange Commission (SEC or Commission) exceeded its statutory authority when it approved them. As a result of the ruling, Nasdaq-listed companies no longer need to comply with Nasdaq’s board diversity requirements.
Adopted in 2022, the board diversity rules required Nasdaq-listed companies to disclose board diversity data in a standardized board diversity matrix. The rules required that Nasdaq-listed companies either (i) had to have at least one female director and at least one director who self-identified as an underrepresented minority or LGBTQ+, or (ii) had to explain why they did not have the requisite number of diverse directors on the board. The rules required companies to disclose director diversity information in the board diversity matrix annually in the company’s proxy statement or on the company’s website.
In its opinion, the court discussed the process by which self-regulatory organizations (SROs), like Nasdaq, may change their rules. Like all other SROs, Nasdaq must submit its proposed rule changes to the SEC for approval, and the SEC must approve a proposal only if it finds that the proposed rule is consistent with the requirements of the Securities Exchange Act of 1934. In order for the rule to be consistent with the requirements of the Exchange Act, it must be “related to the purposes of the Exchange Act.” The court stated that “Congress passed the original Exchange Act primarily to protect investors and the American economy from speculative, manipulative, and fraudulent practices.” While the court noted that “there are other, ancillary purposes” for the Exchange Act, “disclosure of any and all information about listed companies is not among them.” The court concluded that the SEC’s actions implicated the major questions doctrine and that, absent a clear congressional directive, the agency lacked the statutory authority to authorize the rule. The major questions doctrine is based “on the principle that administrative agencies have no independent constitutional provenance.” Rather, they “possess only the authority that Congress has provided.” The court noted that “disclosure is not an end in itself but rather serves other purposes.” Further, the court stated that a “disclosure rule is related to the purposes of the Exchange Act only if it is related to the elimination of fraud, speculation, or some other Exchange Act-related harm.” By vacating the rules, the court concluded that the Nasdaq diversity rules were not related to the purposes of the Exchange Act.
In the immediate aftermath of the court’s decision, Nasdaq indicated that it did not intend to appeal the court’s decision, while the SEC said it was “reviewing the decision and will determine next steps as appropriate.” However, on January 16, 2025, Nasdaq filed a proposal with the SEC seeking to remove the board diversity provisions from the Nasdaq rules to reflect “a Federal court’s vacatur of the Commission’s order of August 6, 2021, approving rules related to Board diversity disclosures.” Nasdaq requested that the Commission waive the operative delay to allow the proposed rule change to become effective on February 4, 2025.” On January 24, 2025, the SEC declared the proposal to be immediately effective. These actions by Nasdaq and the SEC make it clear that diversity rules are no longer in effect. Therefore, companies are no longer required to comply with the rules and may choose to remove their Nasdaq-specific board diversity matrices from their websites and proxy statements.
While disclosure under Nasdaq’s diversity rules is no longer required, companies may still have compelling reasons for including board composition and diversity disclosure in their proxy statements in view of the policies of proxy advisory firms and institutional investors. Depending on a company’s investor base, these policies may be a reason, among others, for continuing to publicly disclose certain aspects of board diversity and seek diverse board members.
SEC and CFTC Extend Compliance Date for Form PF Amendments
On January 29, 2025, the Securities and Exchange Commission (“SEC”) and Commodity Futures Trading Commission (together, the “Agencies”) jointly announced that the compliance date for the new Form PF would be extended by three months, from March 12, 2025 to June 12, 2025.[1]
Filers whose fiscal quarter ended on December 31 will now have an extra three months to comply with the amendments to Form PF. The amendments increase the amount of information advisers to all private funds must report, though advisers to hedge funds are particularly affected due to requirements to report exposure to specific counterparties, investments, countries, currencies, industries and central clearing counterparties, among others.
The new compliance date for Form PF is June 12, absent further delays. After the compliance date, the first filings required on the new form will be:
For Large Hedge Fund Advisers (Quarterly Filers): the filing covering Q2 2025, due on August 29, 2025.[2]
For other Advisers (Annual Filers): the filing covering the full year 2025, due on April 30, 2026.
As a result of the amendments, filers that have a due date for a filing before the new compliance date will be permitted to use the old version of the form for that filing. In particular, most annual filers will be able to use the old form for their filing covering 2024, which is due 120 days after fiscal year end.[3] Most quarterly filers will be able to use the old form for their filing covering Q4 2024.
The Agencies stated that the extension is designed to mitigate some of the technological and administrative challenges associated with the amendments, and to provide more time for filers to adjust their internal systems for the new requirements. The Agencies have not yet published an XML schema for filers to use to prepare test filings, which may be related.[4] The delay is not as long as the delay requested by the industry (September 12, 2025), which the Agencies stated balanced the needs of filers against those of the Agencies and the Financial Stability Oversight Council in receiving the additional information. Because there are currently only three Commissioners on the SEC, the action required the consent of all three;[5] it is unclear whether this indicates that the SEC will be more willing to accommodate reasonable extension requests in the future.
_______________
[1] The compliance date was extended, meaning filers are not required to use the new form until the first filing due after June 12. Because the rule will still go into effecton March 12, filers will be permitted to use the new form if they would like. The SEC has historically taken the position that if a filer avails itself of any aspect of an effective rule with a delayed compliance date, it must fully comply with the new rule.
[2] Large Liquidity Fund Advisers, a separate category of quarterly filers from Large Hedge Fund Advisers, must make their quarterly filing within 15 days of quarter end.
[3] For filers with a fiscal year ending on December 31, which the SEC estimates includes approximately 99.6% of advisers. Depending on the date their fiscal year ends, other filers will need to begin filing on the new form at different times.
[4] The Agencies have previously stated that they intend to publish the schema in early February 2025.
[5] Any single Commissioner is currently able to prevent any action by the SEC simply by not showing up at a meeting, preventing the SEC from achieving a quorum.