Last week, the U.S. Securities and Exchange Commission released its proposed climate-related disclosure rule that, if ultimately approved, will stand as one of the most comprehensive and complex disclosure initiatives in decades. The SEC’s proposed rule would require registrants to disclose a tidal wave of information in annual reports and registration statements regarding, among other things, climate-related risks, governance and risk management information about board and management processes around climate-related risks, various climate-related expenditures in their financial statements, and certain greenhouse gas (GHG) emission information. As detailed below, the SEC’s proposal would result in a tectonic shift for how public companies assess, track, measure, and disclose climate-related risks, would likely necessitate significant changes to management and board processes and composition, and expose public companies to increased litigation and enforcement risk.
Brief History of the SEC’s Consideration of Climate-Related Disclosures
Although the agency’s recent focus on disclosure and governance issues related to climate and the environment may seem new, the SEC has commented on these issues dating back to the 1970s. For example, in 1971, the agency issued an interpretive release stating that registrants should consider disclosing the financial impact of compliance with environmental laws, provided such information was material, in their SEC filings. In 1975, it considered a variety of “environmental and social” disclosure matters, as well as its own authority and responsibilities to require disclosure under the federal securities laws.
But the SEC’s focus on these issues crystalized in the past 12 years. In 2010, the SEC issued interpretive guidance on disclosure rules that may have required a registrant to disclose climate-related risks, trends and impacts. The guidance highlighted that climate-related risks and trends—and a company’s policies for communicating such information to its management—may implicate long-standing reporting and disclosure controls and procedures requirements under the Securities Exchange Act of 1934 and Regulation S-K. As a result, under the current and long-standing disclosure regime, public companies typically need to deal with two categories of climate-related—and, more broadly, ESG-related—disclosure obligations: (1) principles-based disclosure assessed within the context of materiality; and (2) specific regulations—typically under Regulation S-K—that implicate various environmental disclosures (along with other social and governance requirements). In March 2021, then-acting SEC Chair Allison Herren Lee requested public input from investors, registrants and other market participants about climate-related disclosures. Thousands of commenters responded, which set the stage for the SEC’s 510-page rule proposal last week.
Publisher’s Note: The Texas Lawbook is hosting a CLE program (in-person and virtual) on Tuesday, April 5 covering key developments and enforcement trends at the Securities and Exchange Commission. SEC Regional Director David Peavler will be joined by an expert panel featuring Exxon Mobil Assistant General Counsel David Woodcock, former regional director of the FWRO; Vinson & Elkins partner Rebecca Fike, former senior counsel for enforcement at the SEC; Holland & Knight partner Jessica Magee, ex-associate director of enforcement at the SEC; and Ankura senior managing director Steven Richards. Registration is complimentary for premium subscribers and in-house counsel and $30 for general admission. Please email us if you are interested in attending.
Summary of the Proposed Rule
On March 21, 2022, the SEC proposed widespread disclosure obligations that, if approved, will have a seismic impact on not only reporting companies but also on many service providers and suppliers associated with these registrants. The SEC’s proposed rule would require registrants to disclose:
• “climate-related risks” that are “reasonably likely to have a material impact” on its business or consolidated financial statements—which may manifest over the short, medium and long term—in its registration statements and annual financial reports, along with the actual and potential impacts of such risks;
• certain governance and risk management information about the company’s board and management, including identifying members who are responsible for climate-related risk oversight, the processes for such oversight, and the manner in which a company’s management engages in climate-related target- and goal-making;
• certain GHG emissions metrics around what are commonly classified as Scope 1 (emissions from operations owned and controlled by registrant), Scope 2 (indirect GHG emissions from generation of purchased or acquired electricity, steam, heat or cooling) and, subject to certain limitations, Scope 3 (all indirect GHG emissions not otherwise included which occur in the upstream and downstream activities of a registrant’s “value chain”) emissions, with certain filers needing to include a third-party attestation report regarding its GHG emissions;
• certain financial statement metrics under Regulation S-X on a line-item basis concerning (a) the financial impact of “severe weather events and other natural conditions” and “transition activities,” (b) the aggregate amount of expenditures or capitalized costs associated with expenditures to mitigate the risks of “severe weather events and other natural conditions” and “transition activities” and (c) certain qualitative descriptions of financial estimates and assumptions impacted by climate-related risks;
• certain climate-related targets or goals, if the company has set them, along with timelines for meeting each target, the registrant’s plan for meeting its goals, data indicating progress made toward achieving the goals and certain information about carbon offsets or renewable energy certificates if used by the registrant; and
• processes for identifying and managing climate-related risks and opportunities and how those processes fit into the registrant’s greater risk management system.
As detailed in the proposed rule, these obligations would be subject to different phase-in periods, depending on the type of disclosure and category of filer.
Key Takeaways
If approved, the proposed rule will result in an historic shift for public reporting companies. Although the full practical impact of the proposed rule remains to be seen, several consequences are immediately apparent. Given the SEC’s current composition and commissioners’ statements after the release, it is likely that the final version of the rule will be very similar to the current proposal. Accordingly, registrants should strongly consider preparing their organization and key stakeholders now for these changes. Below are some key takeaways from the current rule proposal.
Registrants should prepare to assess climate-related risks across their entire supply chain.
The crux of the proposal lies in the definition of “climate-related risks,” a term referenced more than 370 times in the proposed release. The proposed rule defines “climate-related risks” in a manner that will require companies to engage in materiality assessments for these risks across their entire supply chain. Under the proposed rule, “climate-related risks” are defined as “the actual or potential negative impacts of climate-related conditions and events on a registrant’s consolidated financial statements, business operations, or value chains, as a whole.” In turn, “value chain” is proposed to be defined as “the upstream and downstream activities related to a registrant’s operations.” The SEC specifically notes that this term “may include activities by a party other than the registrant” as it relates to the sourcing, processing, transportation, distribution, finishing and/or sale of its products.
The implications for these proposed definitions cannot be overstated. For example, for multinational corporations with supply chains around the world, the proposed rule necessitates materiality assessments for each vendor and supplier. Although disclosures are only required for climate-related risks that are “reasonably likely to have material impacts on its business or consolidated financial statements,” companies may well have to engage in materiality assessment up and down their entire “value chain” to determine whether such risks exist and are material for purposes of disclosure.
SEC proposes to make certain information per se material.
Historically, and still today, materiality has been the guiding principle for whether and what a company must disclose to its investors.
Under the proposed rule, however, registrants will be required to disclose certain climate-related information without regard for whether that information is material to a reasonable investor. For example, under proposed Item 1503(c), if the registrant has adopted a transition plan as part of its climate-related risk management strategy, the registrant must update its disclosure about the transition plan each fiscal year by describing the actions taken during the year to achieve the plan’s targets or goals, even if there have not been material developments under the plan. As proposed, it appears that the SEC is categorizing certain information—such as the progress under certain transition plans or lack thereof—as per sematerial. We expect commenters to unpack this issue during the comment process.
The SEC continues to expand governance-related disclosures.
The SEC followed the same approach it took with its recent proposed cybersecurity rule for public companies and continues its proposed expansion of governance-related disclosure requirements. Indeed, proposed Item 1501 of Regulation S-K will likely influence public companies to adapt their climate-related risk board governance and management so that they will be viewed favorably in light of the specific disclosure requirements. Similar to what Commissioner Hester Peirce noted in her opposition to the SEC’s recent cybersecurity rule proposal, public companies will now have to devote increased time and financial resources to climate-related risk management, governance and oversight to—if nothing else—avoid appearing as if they do not take climate-related risks as seriously as other companies. Additionally, this will result in public companies competing for the limited supply of climate-related experts who also qualify to serve as board members and public company executives. Moreover, as detailed further below, such detailed disclosure about company processes for assessing climate-related risks exposes registrants to Monday morning quarterbacking by private litigants and the SEC if and when a climate-related disaster impacts a company’s operations.
PSLRA safe harbors are limited.
The SEC repeatedly emphasized—nearly 80 times in the release—the applicability of forward-looking statement safe harbors under the Private Securities Litigation Reform Act. Although the PSLRA safe harbor could apply in certain instances, the SEC spent far less time acknowledging that these safe harbors are limited in key instances. First, the PSLRA safe harbor does not apply to information in registration statements, where public companies will need to disclose this information. Second, the SEC acknowledged that the safe harbor does not limit the SEC’s ability to bring enforcement actions against registrants for misleading or inaccurate disclosures or other failures under the federal securities laws. Third, the agency only included one proposed, specific exemption—for Scope 3 GHG emissions—from possibly being deemed a fraudulent statement under the antifraud provisions of the Securities Act of 1933 or the Securities Exchange Act of 1934. Even then, the exemption is subject to a carve-out, namely that parties can pierce this proposed exemption if they can establish that “such statement was made or reaffirmed without a reasonable basis or was disclosed other than in good faith.” Accordingly, although the SEC can credibly point to forward-looking safe harbors, they are not ironclad and don’t fully insulate public companies from possible SEC enforcement actions or other private litigation.
More potential avenues for SEC enforcement.
Although fraud-related enforcement actions by the SEC are what first comes to mind when considering the potential liability associated with these new disclosure requirements, fraud is not the only arrow in the SEC’s quiver. Indeed, the SEC has utilized “controls” provisions of the federal securities laws in enforcement actions over the years. For example, the SEC charged First American Financial Corporation for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. Additionally, the SEC frequently utilizes the “reporting provisions” under Section 13 of the Exchange Act for non-scienter violations. The SEC’s Division of Enforcement could rely on both of these provisions as a basis for charging companies in connection with disclosures required by the proposed rule.
It is unclear if the SEC’s Division of Enforcement will be judicious in its enforcement approach. By analogy, under the prior administration, as public companies dealt with the evolving world of cybersecurity risks and disclosures, the Division of Enforcement rarely utilized enforcement actions against public companies. In the SEC’s only enforcement action against a public company for cybersecurity disclosures prior to last year, then Division of Enforcement Co-Director Steve Peikin noted in a press release that “[w]e do not second-guess good faith exercises of judgment about cyber-incident disclosure. But we have also cautioned that a company’s response to such an event could be so lacking that an enforcement action would be warranted.” Although we hope the Division of Enforcement will be similarly circumspect on how it utilizes its enforcement powers in this space, the agency’s current approach to enforcement generally, and its continued use of non-scienter and controls-based provisions for enforcement actions, suggests rocky seas for public companies on the enforcement front after final rule adoption and implementation.
Legal Challenges Ahead?
Although the comment process must play out and the SEC will need to formally adopt a rule, we expect the rule to be subject to several legal challenges. For example, we expect to see petitioners utilize the playbook in Business Roundtable v. SEC and argue the SEC (1) failed to adequately consider the rule’s effect upon efficiency, competition and capital formation as required by Section 3 of the Exchange Act, and (2) neglected its statutory obligation to assess the economic consequences of the Exchange Act rule on public companies. Additionally, as Commissioner Peirce raised in her opposition statement to the proposed rule, we expect petitioners to draw from the Supreme Court’s opinion in Utility Air Regulatory Group v. E.P.A. to argue the SEC has gone beyond its statutory authority to regulate “a significant portion of the American economy. …”
In closing, even without a final climate-related disclosure rule in place, public companies will need to move now to prepare for the impending storm.
Scott Mascianica is a partner at Holland & Knight in Dallas and editor of the firm’s SECond Opinion’s Blog. He is a former assistant regional director for enforcement at the SEC and ex-special assistant U.S. attorney for the U.S. Attorney’s Office for the District of Colorado.
Catherine Rowsey is a partner at Holland & Knight in Dallas. She focuses her practice on complex commercial litigation and arbitration matters, government investigations and enforcement actions, and corporate governance and internal investigations.
Jessica Magee is a partner at Holland & Knight in Dallas and editor of the firm’s SECond Opinion’s Blog. She is a former associate director of enforcement at the SEC and has significant experience with investigations and litigation involving alleged accounting or disclosure fraud, offering fraud, insider trading, alleged wrongdoing in connection with initial coin offerings and cryptocurrencies, failure to register, investment adviser and broker dealer duties and conduct.