You are invited to join my June 13 (7:30 EDT) webcast on which I will read from, and discuss, poetry from my first book, Messing Around With Words. I am pretty excited about publishing the book, which I have written over many years. I do hope you can join me for a fun half hour or so, you can pose questions and I will try to explain what a business lawyer thinks he is doing writing poems. Here is the link to sign up.
The art for corporate cyber security is not to prevent people from breaking in; it is to prevent them from breaking out with what they came for.
Boards of directors should not obsess about the technology; they should think about the behavior of human beings.
The best way to protect corporate information is to think about access; as doing business will in the future involve substantial exposure to electronic storage of data, how should you think about cordoning information off so that the wrong people do not have access in the first place?
These were among the issues highlighted by an expert cyber panel at this Tuesday morning’s conference in Waltham sponsored by the New England Chapter of the National Association of Corporate Directors. Speakers included Matt Moynahan, CEO, Force Point (the second largest cyber security company in the world); Retired Coast Guard Rear Admiral Mary Landry (formerly a White House Advisor and now a Corporate Board Member); Special Agent David Farrell of the Counterintelligence Branch of the Boston Office of the FBI; and Tom Reagan with Marsh Financial (the New York Office where they advise and insure companies against cyber risk).
What should directors do? Mostly, they should think. Do not get buried in the details of a report from your IT Department; it does not matter how many emails have been reviewed and how many phishing efforts have been caught by electronic defenses. Bad people will get into your system. Have you thought about what you most want to protect, and have you thought about which people might have access to it, and have you asked company management to report on the steps they have taken to prevent insiders and outsiders from being able to reach and export this information?
A sobering takeaway: According to Moynahan, in spite of the billions spent on cyber security, hackers enjoy 95% success for breaking in, and 80% of data breaches are caused by one’s own employees either through malice or their credentials being stolen and utilized for entry.
I had the pleasure of moderating this panel discussion, and will be pleased to receive your comments on cyber security and the role of the board of directors.
There is pending litigation, just argued orally before the Delaware Chancery Court, wherein a stockholder is challenging the grant to Elon Musk of a compensation package arguable worth up to $55 Billion over ten years. The huge number is based on shares of stock issuable in the future on the condition that Tesla meets certain performance goals. The complaint was that the Board compensation committee was hopelessly enamored with Musk and that the stockholder vote approving the package was passed by a majority of shareholders present (not a majority of the total number of shares issued).
The narrow legal ground is whether this was such a cozy deal that the bottom-line result, approved in the manner that it was, nonetheless is subject to judicial revue under what is called the “entire fairness” test. The grant of compensation under Delaware law is not subject to specific statutory procedures requiring higher standards of adoption; the company argues that the entire fairness test cannot be made subject, as to compensation of the CEO, to the same standards applied under the legislature’s specific standards that the lawmakers made express only as to different actions (eg acquisitions and the like).
What IS the scope of board power in setting comp? IF there is no special standard for voting on that issue, as there is for acquisitions, and if there is no breach of the duty of loyalty (eg the people taking the vote are not the beneficiaries of that vote), all that seems left is a claim of corporate waste. That is a hard hill to climb in Delaware, whose regulatory scheme is premised on the freedom of directors to direct (thereby attracting as clients so many major corporations which choose to form themselves under Delaware state law). If the stockholders object, they can vote out the directors. If the rating agencies find the vote objectionable, they can negatively recommend re-election.
This case feels like the Chancery will decide and that it will get appealed up to the Delaware Supreme Court.
Some time this month of May, InHouse, a publication directed to in-house lawyers, will publish my article on diversity for corporate boards. It is accepted wisdom today that diverse boards are better boards in terms of process and resulting decision-making, although much of this data relates to gender-only diversity. And as my article points out, the history of surveys on the subject is spotted with contradictory conclusions.
Yesterday, one of my regular web-site sources reported that the US House Subcommittee on Diversity and Inclusion has held a hearing on the subject of examining economic benefits derived from strong board diversity programs. A major focus was on the financial services industry, long criticized for its deficiencies in this area. The undertaking was characterized as “bipartisan” which initially made me skeptical of the accuracy of the reportage, but putting my “aside,” well, aside, testimony based on a McKinsey study was submitted claiming that the top quartile for diversity teams were more likely to be above the national performance median and those teams in the lowest quartile were more likely to fall below the national performance median.
Testimony it seems was all affirmatively pro-diversity. Head of one Harvard policy program equated gender and racial diversity with novel solutions, greater integration and “higher collective intelligence.” One speaker noted changing demographics which shortly will make the majority of the US population into a minority. Recruiters emphasized that a robust program requires minorities on interview teams and candor about historical comp and promotion rates. Others mentioned growing customer and investor focus on corporate diversity.
If it is true that by 2045 the majority cohort of the US population (Caucasians) will become a minority, will there be affirmative action programs for this now-minority cohort? Will the minority still be in control so that the majority still needs protections or at least programs to establish appropriate mix of directors? I am not aware of any other major modern country that has “flipped” demographically, as will the United States. We are moving into new territory here, although sadly it is fostering negative societal reactions in some quarters.
Just had to share the latest on the cannabis revolution. As you no doubt know, cannabis as a business has taken off, particularly in places like Boston; seminars, articles, legal issues, the works. Now, someone in our firm’s cannabis practice group has called my attention to an issued US patent which claims a method of producing honey from bees who are fed cannabis oil. The resultant honey is wholly natural, and is not infused as to comes out with the desired composition.
While I cannot tell if this product could be labeled as “organic” it is surely an interesting product and perhaps a bell-weather; I wonder for example if it works on cows or chickens; chicken eggs? The possibilities could be endless.
Btw, our cannabis practice group works across the country and is very busy in formation, finance, banking issues, mergers, regulatory matters and the like. We are doing deals working from Boston, New York, our four offices in California, and elsewhere. Who would have imagined…. (I always avoid plugs for my law firm but I think this development is absolutely fascinating so I am breaking my own rule.)
In December, 2018, I posted an article about proposed Federal legislation to define coin offerings the SEC would NOT treat as securities offerings. That bill died but has just been re-introduced in modified form, and purports to define tokens which will not be SEC-regulated. The Token Taxonomy Act, with some bipartisan support, seeks to provide clarity for blockchain-based start-ups issuing coins.
Although blessedly the newly-proposed statute fixes a mandatory national standard (pre-empting possibly inconsistent State regulation), some commentators claim the new law is too simplistic. The appealingly simple part is that the law would exempt digital tokens the histories of which are recorded on a distributed, digital ledger (can you say “blockchain”?) and do not represent a financial interest in any particular business entity. The fear is that the dividing line suggested cannot be sharp enough; if the original payment goes into, say, Company X, and Company X uses the money to finance itself and then affords the Company X product at a discount, is that not like a security (investor pays money, company builds itself on the money, company gives something of economic value to investor such as the product itself, or a discount on the product, or access to the product).
A recent SEC decision suggest such a model will not be SEC-regulated if the tokens cannot be sold to create a currency, but the SEC insists on a case-by-case approach and to date has not commented on the proposed law (filed April 9).
Question: I send a down payment to a company to purchase the company’s widget (let’s say it is a really big, expensive widget). The company takes my deposit, records it as a down payment, goes out and buys a new widget-maker machine, hires an engineer and and a laborer, builds my widget and ships it to me. How different is that from a digital token that works the same way? Why would it matter if my purchase order were sold to another buyer, even for a profit, the transaction being added to a blockchain–or not?
Ever notice how technology is stressing our legal system in search of good analogies where there is no clear precedent? I keep reminding people that THE seminal case in the definition of a security is a seventy-two year old Supreme decision about an orange orchard. I fear that it is likely a stretch to say that the law today is asked to compare an apple with an orange– but is that true if, say, I capitalized the “Apple”?
Last year, public corporations suffered more than 225 “activist attacks” and more than 160 board seats were won by activists in proxy contests. But, it seems, this is an incomplete picture; much activity is going on “under the radar.”
According to an expert panel convened this week by National Association of Corporate Directors – New England, many activist approaches are now low key. This is particularly true with larger targets, where activists can accumulate a substantial block of stock, and thus have leverage, without being required to file a Form 13D (based on percentage ownership) with the SEC. The new activism often is not designed to create a public conflict, at least initially.
What then does the expert panel suggest to boards:
First, do not react emotionally. A tactic of activists is to obtain an emotional reaction; the activists are only interested in the money.
Second, be fully prepared before you are approached. Have your legal and public relations team primed, and identify a board member who might be able to be communicate with the activists. Ask counsel to review your charter and bylaws.
Third, understand your own business plan. Are there weaknesses in it? Address them. Activists are well prepared, and not necessarily wrong.
Fourth, when executives leave your company, build into their severance agreement a “standstill” which prevents them from assisting an activist attack; activists tend to obtain some of their best information from former senior employees.
Lastly, reach out to the advisory agencies upon which institutional investors often rely (ISS and Glass Lewis), find out what they are thinking and explain your business strategy.
Humor of the day: when a director’s company is approached by an activist, the director is advised to get a dog. “Why?” the director asks.
“Because by the time this is over, your management will hate you, your employees will hate you, you will spend so much time on this that your family will hate you. At least, when you finally come home exhausted, there ought to be somebody who will give you a friendly welcome.”
Is the SEC softening its reaction to coin offerings?
The literature and the legal hsitory relating to coin offerings defies summarization, let alone in a brief blog post, but the SEC this week issued a no-action letter which permitted a company to effect a coin offering without the usual objection, injunction or fine. The reason is an update of orange groves to jet planes.
What is a security? That is the only thing the SEC can regulate. Per the US Supreme Court in a decision that has stood since 1946, it is an investment in a common enterprise while expecting profit from the efforts of others; that ancient case involved purchasers of orange groves, to be managed by the seller who would do all the work and send back the profits to the “owners” of the land and trees.
Along comes Turn-Key Jet Inc., a charter service. They convinced the SEC that, under recent SEC Guidance, they should not be required to registered their coin issuance since it was clear that the coins, regardless of their suspicious character and evil potential upon initial sale, would be used only to buy air charter services.
Analytically, this slope could be slippery. You could for example use coins to wholly finance a start-up business, allow use of coins for only the product or service offered by that business, and use the coin to obtain that product or service at a reduced price. How is that different from investing thru coin offerings in a company to jump-start it, then earning money, and then spending it on a product from a third party? Your return is economic value based on the success of the company in which you invested but which was run by others.
Yes it is different of course, but how different? This is not a new debate. I had a case involving time shares in a motel in the middle of nowhere to be used as a hunting lodge. No coins involved (this was perhaps 35 years ago), but the debate was the same: you give me money and I set up a business with it and I give you a sweetheart deal on the rent (or product — or trip on a jet?).
But the evolution of coins with non-speculative elements into something free of SEC interference is a practical development in the marketplace, and the SEC seems now receptive to applying some logic for the benefit of the marketplace. The issue may ultimately turn on the express litmus test of whether there is any de facto trading element to the coins.That is an implicit alteration of the Supreme Court test, however.
Would that be a shocking development from a technical lawyering standpoint? Depends on your view of whether words that are clear must be read in a policy context. After all, the statutory definition of a security specifically includes “note” (in the Securities Act it is in fact the very first definition, before the word “stock”), but the mortgage note you sign on your house is not a security.
Just to flag that I am moderating a great panel on what directors and management should be doing about cyber security; this is under the auspices of the National Assn of Corporate Directors–New England, and full information is at https://newengland.nacdonline.org/Events/Detail/index.cfm?ItemNumber=65171.
Our panel is pretty powerful: CEO of a major solutions company, former presidential adviser/public director, FBI agent, insurer of cyber risk. Please consider joining the conversation for breakfast on May 14.
At this morning’s breakfast presentation in Boston, Federal Reserve Bank of Boston’s President & CEO Eric Rosengren painted a cautiously optimistic US economic picture for the short-term, while identifying known risks which might derail his thinking.
Speaking under the auspices of the National Association of Corporate Directors – New England, Rosengren predicted 2019 economic growth of 2%, 2% of inflation and a reasonably strong domestic economy. He noted substantive risks which should be considered, including trade with China, Brexit and weakness in European banks and foreign markets. He also noted that while the stock market has recovered from the fourth quarter of 2018, the debt market and particularly the ten year treasury has not recovered, showing institutional concern and hedging of risk against an economic downturn.
On the positive side, there is no overheating of the economy, inflation rate is within expectation, and economic growth (while down from 3% last year) is reasonable. A tight employment market also is a positive.
In New England, our education and tech sectors are robust, but an aging local population and public policy against retaining foreign graduate students could be a drag on the regional economy.
Asked about whether continued growth in the current Federal deficit was sustainable, Rosengren advised that you cannot continue to accelerate national debt without advancing productivity, in the face of rising social costs, particularly if those expenditures are not reinvested in the infrastructure (which in turn could drive future growth).
Finally, a reporter from Bloomberg gamely tried for a scoop in asking whether he foresaw a further boost in the Federal discount rate during the balance of the year. Rosengren obviously but deftly avoided an answer, noting that his view of appropriate policy is to be “patient” to see whether growth continues as anticipated and whether some of the risks he had noted actually arose. He did state that if the economy continued on its current pace, further fiscal tightening might be on the table.
Absent from his presentation and subsequent questions from the audience: any mention of wealth disparity in the United States and its possible relationship to fiscal policy.