Abstract
This section covers federal securities regulations. The topics include shortening the securities transaction settlement cycle, extending form 144 EDGAR filing hours, and share repurchase disclosure modernization.
This section covers federal securities regulations. The topics include shortening the securities transaction settlement cycle, extending form 144 EDGAR filing hours, and share repurchase disclosure modernization.
On February 15, 2023, the Securities and Exchange Commission (“SEC” or “Commission”) adopted final rules (the “Settlement Cycle Final Rules”) shortening the standard settlement cycle for broker-dealer transactions in securities from the current two business days after the trade date (“T+2”) to one business day thereafter (“T+1”). The Settlement Cycle Final Rules take into consideration comments to the SEC’s previously proposed rules (the “Settlement Cycle Proposed Rules”) issued February 9, 2022. The Settlement Cycle Final Rules are part of a series of rule proposals advanced by the Commission in the aftermath of the “meme stock” events in early 2021. The effective date for the Settlement Cycle Final Rules was May 5, 2023, and the compliance date is May 28, 2024.
The Settlement Cycle Final Rules impose new requirements for broker-dealers as discussed further below and will require central matching services providers (“CMSPs”) to take steps to facilitate straight-through processing and submit an annual report of such steps via the Electronic Data Gathering, Analysis and Retrieval system (“EDGAR”).
Under the Settlement Cycle Final Rules, the Commission amended Rule 15c6-1 under the Securities Exchange Act of 1934, as amended (the “Exchange Act”), shortening the standard settlement cycle for most broker-dealer transactions from T+2 to T+1. Under amended paragraph (a) of Rule 15c6-1, unless the parties expressly agree to a different settlement date at the time of the transaction, broker-dealers cannot effect or enter into a contract for the purchase or sale of a security (other than certain exempted securities identified in Rule 15c6-1) that provides for payment of funds and delivery of securities later than T+1.
The SEC stated that shortening the standard settlement cycle to T+1 would reduce market participants’ overall exposure to market risk by reducing the number and market value of unsettled trades in the U.S. clearance and settlement system, reduce the potential for systemic risk to transmit through the financial system by reducing the liquidity exposure of central counterparties, and allow investors to access the proceeds of their securities transactions sooner (i.e., cash for sellers and securities for buyers).
In the adopting release, the Commission acknowledged certain difficulties that may occur in relation to foreign exchange (“FX”) and cross-border transactions. For FX transactions, the Commission recognized that financing U.S. market transactions that settle on a T+1 basis with the proceeds of an FX transaction that settles on a T+2 basis may become more difficult and more costly. The Commission also considered that misalignment of settlement cycles may increase the number of fails in connection with cross-border transactions and thereby decrease U.S. market participants’ access to liquidity. However, the Commission does not believe that the misalignment of settlement cycles from a move to T+1 will increase the number of settlement fails connected with cross-border transactions, because market participants will have time to plan and prepare for the shift to T+1, to analyze whether any transaction presents a risk of settlement fail, and to adjust their business practices accordingly. The Commission stated that it intends to continue to work with regulators in other jurisdictions to ensure that the move to T+1 is successfully implemented, while limiting any adverse impact on market participants who engage in both U.S. and foreign transactions.
Paragraph (b) of Rule 15c6-1 has also been amended to exclude security-based swaps from the requirements under paragraph (a) of the rule. The Commission recognized that security-based swap contracts are “generally bilateral and executory in nature” and that such contracts, unlike other securities transactions, typically include terms that expressly specify the timing of contractual obligations. The Commission thus concluded that there is no need for any rule-based “default” contract term for security-based swaps and excluded such swaps from the requirements of paragraph (a) of Rule 15c6-1. To avoid confusion, the provision exempting security-based swaps became effective on May 5, 2023, rather than the compliance date of May 28, 2024.
Further, under amended paragraph (c) of Rule 15c6-1, the default settlement cycle for firm commitment offerings priced after 4:30 p.m. Eastern Time (“ET”) is shortened from four business days after the trade date (“T+4”) to T+2, unless the parties agree to a different settlement date at the time of the transaction. In the Settlement Cycle Proposed Rules, the Commission initially considered deleting this paragraph entirely and making T+1 settlement the default for firm commitment offerings. However, in the Settlement Cycle Final Rules, the Commission instead shortened the default settlement cycle from T+4 to T+2, considering that, in the event of unanticipated issues, a T+1 settlement cycle for these offerings would be insufficient time to prevent a failed settlement.
The SEC also adopted a new rule, Rule 15c6-2, under the Exchange Act (“Rule 15c6-2”). Under new Rule 15c6-2, for transactions in which a post-trade allocation, confirmation, or affirmation process is contemplated, broker-dealers and “other relevant parties” must either (1) enter a written agreement to complete such process as soon as technologically practicable and by the end of the trade date, or (2) establish, maintain, and enforce written policies and procedures reasonably designed to ensure completion of such process as soon as technologically practicable and no later than the end of the trade date.
To fulfill the stated objective to increase the rate of same-day affirmation for institutional transactions, the SEC considered that broker-dealers are best positioned to modify the conduct of other relevant parties with which the broker-dealers may participate in the allocation, confirmation, and affirmation process, and should bear the compliance burden under the Settlement Cycle Final Rules. Although the Settlement Cycle Proposed Rules contemplated requiring broker-dealers to enter into agreements with “customers,” the Settlement Cycle Final Rules require that broker-dealers enter into agreements with “relevant parties” instead, better reflecting the market dynamics existing among broker-dealers, their customers, and customers’ third-party intermediaries, such as custodians and investment advisers in the post-trade process.
The Settlement Cycle Final Rules include a second option that was not included in the Settlement Cycle Proposed Rules, where, instead of entering into such written agreements, a broker-dealer may choose to establish, maintain, and enforce written policies and procedures reasonably designed to ensure completion of the allocation, confirmation, or affirmation for the transaction, as soon as technologically practicable and no later than the end of the day on the trade date. For broker-dealers who choose this option, the policies and procedures must comply with the five requirements below:
The SEC also made a corresponding amendment to Rule 204-2(a)(7)(iii) under the Investment Advisers Act of 1940, requiring investment advisers to keep true, accurate, and current records of transactions in which a broker-dealer engages in such allocation, confirmation, or affirmation process.
“Straight-through processing” refers to processes that allow for automation of the entire trade process from trade execution through settlement without manual intervention. New Rule 17Ad-27 under the Exchange Act requires CMSPs to establish, implement, maintain, and enforce reasonably designed written policies and procedures that facilitate straight-through processing. Considering that a shorter T+1 settlement cycle may lead to expanded use of CMSPs, the SEC sought to enhance the efficiency of CMSP services through this new rule. In addition, CMSPs must submit an annual report via EDGAR that provides: (1) a summary of current policies and procedures reasonably designed to facilitate straight-through processing, (2) a qualitative description of its progress in facilitating straight-through processing during the twelve-month period covered by the report, (3) a quantitative presentation of data including specified metrics and organized in a specified manner, and (4) a qualitative description of the actions the CMSP intends to take to facilitate straight-through processing during the twelve-month period that follows the period covered by the report.
On February 21, 2023, the Commission adopted a final rule extending the filing deadline for Form 144 on EDGAR from 5:30 p.m. ET to 10:00 p.m. ET on Commission business days. This rule became effective on March 20, 2023.
Form 144 is used to report the sale of securities of issuers subject to the reporting requirements of section 13 or 15(d) of the Exchange Act. Under prior Rule 13(a)(2) of Regulation S-T, a Form 144 submitted no later than 5:30 p.m. ET was deemed filed on the same business day. If the Form 144 was submitted later than 5:30 p.m. ET, then it was deemed to be filed the next business day.
Under existing rules, the SEC deemed submissions of Forms 3, 4, or 5 or Schedule 14N at or before 10:00 p.m. ET to be filed on the same business day in order “to create a system that insiders can use relatively easily themselves” and because “extended filing hours would ease filers administrative burdens, without impairing prompt public availability of the field information.”
The Commission decided that the filing of Form 144 should be treated similarly to that of Forms 3, 4, and 5 and Schedule 14N, and as a result, a Form 144 that otherwise complies with applicable filing requirements that is submitted by direct transmission after 5:30 p.m. ET but no later than 10:00 p.m. ET is now deemed filed the same business day. The filing hours on a business day for Form 144 begin at 6:00 a.m. ET and extend until 10:00 p.m. ET.
On May 3, 2023, the SEC adopted, by a 3-to-2 vote, amendments (the “Share Repurchase Amendments”) to its then existing rules (the “Share Repurchase Original Rules”) regarding disclosures of purchases of an issuer’s equity securities by or on behalf of the issuer or an affiliated purchaser, commonly referred to as “buybacks.” The Share Repurchase Amendments sought to require quantitative and qualitative disclosure of buybacks on a day-by-day basis but, in a significant change from the SEC’s original proposal that would have required next business day reporting, this disclosure was to be required on either a quarterly or semi-annual basis, depending on the type of issuer. The Share Repurchase Amendments also sought to revise and expand the existing periodic disclosure requirements for buybacks. As discussed below, the Share Repurchase Amendments were vacated by the U.S. Court of Appeals for the Fifth Circuit (the “Fifth Circuit”).
The Share Repurchase Amendments would have applied to issuers that repurchase securities registered under section 12 of the Exchange Act, including smaller reporting companies, emerging growth companies, foreign private issuers (“FPIs”), and registered closed-end investment management companies that are exchange traded. The Share Repurchase Amendments would have required disclosure for all buybacks, without a materiality threshold.
An issuer may undertake repurchases through a number of methods, including through open market purchases, tender offers, privately negotiated repurchases, or accelerated share repurchase programs. SEC filings are not required to, and typically do not, disclose the specific days on which buybacks pursuant to an announced repurchase plan or program were executed. The Share Repurchase Amendments sought to revise and expand the buyback disclosures required by Item 703 of Regulation S-K, Item 16E of Form 20-F, and Item 14 of Form N-CSR by requiring additional information with respect to buybacks, including quantitative and qualitative details of daily trades. According to the adopting release, the SEC believed that the Share Repurchase Amendments would “provide investors with enhanced information to assess the purposes and effects of repurchases, including whether those repurchases may have been taken for reasons that may not increase an issuer’s value.”
The SEC originally proposed share repurchase disclosure amendments on December 15, 2021. The SEC reopened the comment period for this rulemaking twice, once in order to allow more time following a technological error in the SEC’s internet comment form that potentially affected comments on a number of SEC proposals, and a second time in connection with an SEC staff report analyzing the potential economic effects of the new excise tax on buybacks contained in the Inflation Reduction Act of 2022.
The two major changes of the Share Repurchase Amendments were the requirement to include a narrative of the objectives and rationales for the buybacks and the requirement to disclose principal terms of all buyback transactions, for each day shares were repurchased. An issuer would have been required to disclose in its periodic reports the objectives or rationales for its buybacks and the process or criteria used to determine the repurchase amounts. It also required disclosing policies and procedures relating to purchases and sales of the issuer’s securities by its directors and officers during a repurchase program, including any restriction on such transactions.
The Share Repurchase Original Rules require footnote disclosure of the principal terms of all publicly announced repurchase plans or programs, the number of shares purchased other than through a publicly announced plan or program, and the nature of the transaction. The Share Repurchase Amendments continued to require this information, but in more detail and, in some cases, in the main text of the narrative discussion, instead of a footnote. The disclosures required by the Share Repurchase Amendments included the number of shares purchased, other than through a publicly announced program, and the nature of the transaction (e.g., whether the purchases were made in open market transactions, tender offers, in satisfaction of the issuer’s obligations upon exercise of outstanding put options issued by the issuer, or other transactions), and certain other disclosures for publicly announced repurchase programs.
Shortly after the SEC adopted the rule, the Chamber of Commerce of the United States of America, Longview Chamber of Commerce, and Texas Association of Business (collectively, the “Petitioners”) petitioned the Fifth Circuit to review the Share Repurchase Amendments. They argued, among other things, that requiring rationale disclosure and daily-data disclosure was too burdensome, and that the Share Repurchase Amendments were arbitrary and capricious. On October 31, 2023, the Fifth Circuit issued its decision concluding that the SEC acted arbitrarily and capriciously, in violation of the Administrative Procedure Act, when it failed to respond to the petitioners’ comments and failed to conduct a proper cost-benefit analysis. The Fifth Circuit remanded the matter and directed the SEC to “correct the defects” in its original rulemaking by November 30, 2023. Because the SEC failed to meet that deadline and was denied the opportunity to extend the period during which it could address changes to the rule, the Fifth Circuit vacated the rule on December 19, 2023.
On June 7, 2023, the SEC adopted final rules amending Regulation M (the “Reg M Final Rules”) to remove its references to credit ratings, replace these with alternative measures of creditworthiness, and impose related record-keeping obligations on broker-dealers. The SEC previously proposed amendments to Regulation M (the “Reg M Proposed Rules”) in March 2022. The Reg M Final Rules are largely similar to the Reg M Proposed Rules, with certain modifications made to address feedback received during the comment period. The Reg M Final Rules took effect on August 21, 2023.
Section 939A of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (the “Dodd-Frank Act”) directed the SEC to review its rules that use credit ratings to assess the creditworthiness of a security, remove any reference to or requirement of reliance on credit ratings, and substitute such standard of creditworthiness as the SEC determines to be appropriate. The SEC proposed amendments in 2008 and 2011 to remove credit ratings references from Regulation M, but these proposals encountered significant industry pushback.
Regulation M. Regulation M is intended to limit activities of certain participants in a distribution that may have a manipulative effect on the market for the offered security. In connection with a distribution, Rule 101 of Regulation M prohibits a distribution participant (such as an underwriter, broker, or dealer) or an affiliated purchaser from, directly or indirectly, bidding for, purchasing, or attempting to induce any person to bid for or purchase a covered security (which includes the security that is the subject of the distribution (the “subject security”)), as well as any “reference security” into which the subject security may be converted or exchanged during the applicable restricted period. Rule 102 of Regulation M contains the same prohibitions as Rule 101 but is directed to issuers, selling securityholders, and their affiliated purchasers rather than distribution participants.
Exceptions in Rules 101 and 102 for Investment Grade Securities. The general prohibitions in Rules 101 and 102 of Regulation M do not apply to certain securities (excepted securities) and to certain activities (excepted activities). The historic excepted securities included nonconvertible debt securities, nonconvertible preferred securities, and asset-backed securities rated investment grade by at least one nationally recognized statistical rating organization. Historically, Rule 101(c)(2) provided an exception on which distribution participants could rely, while Rule 102(d)(2) provided an exception on which issuers and selling securityholders could rely (collectively, “Investment Grade Exceptions”). The SEC excepted investment grade securities from the application of these rules because such securities were “less likely to be subject to the type of manipulation that Regulation M seeks to address because they are largely fungible and trade primarily on the basis of yield and creditworthiness (traditionally measured by credit ratings), rather than the identity of the particular issuer.”
Under the Reg M Final Rules, the Investment Grade Exceptions in Rules 101 and 102 of Regulation M were removed and replaced by new exceptions that employ alternative standards of creditworthiness, depending on the type of security in the distribution. For nonconvertible debt securities and nonconvertible preferred securities (collectively, “Nonconvertible Securities”), the new standard is based on the issuer’s probability of default. For asset-backed securities, the new exceptions apply to asset-backed securities that are offered pursuant to an effective shelf registration statement filed on Form SF-3.
New Exceptions for Nonconvertible Securities: Rule 101(c)(2)(i) and Rule 102(d)(2)(i). New Rules 101(c)(2)(i) and 102(d)(2)(i) except Nonconvertible Securities of issuers for which the probability of default, estimated as of the sixth business day immediately preceding the determination of the offering price and over a twelve-calendar month horizon thereafter, is 0.055% or less, as determined and documented in writing by the lead manager of a distribution, using a “structural credit risk model,” as such term is defined in the newly amended Rule 100(b). The lead manager of a distribution (or a person acting in a similar capacity) must make a written determination of the issuer’s probability of default.
The SEC believes that probability of default, calculated based on structural credit risk models, is an appropriate substitute as a standard of creditworthiness. The SEC defined “structural credit risk model” in Rule 100(b) of Regulation M as “any commercially or publicly available model that calculates, based on an issuer’s balance sheet, the probability that the value of the issuer will fall below the threshold at which the issuer would fail to make scheduled debt payments, at or by the expiration of a defined period.”
The SEC notes that the use of structural credit risk models is practical and appropriately based on objective factors, because these models can independently verify the probability of issuer default based on market events and information on the issuer’s balance sheet. For purposes of running the structural credit risk model, the SEC noted that establishing a specified bright-line threshold and a pre-determined time horizon is practical and should provide clarity as to what is expected in the evaluation and documentation. For the SEC, a bright-line probability of default threshold of 0.055% and a pre-determined time horizon beginning six business days before pricing up to twelve months thereafter are model inputs that are uniform and predictable.
New Exceptions for Asset-Backed Securities: Rule 101(c)(2)(ii) and Rule 101(d)(2)(ii). The SEC replaced the historic exceptions in Rules 101 and 102 for investment grade asset-backed securities, with new exceptions in Rule 101(c)(2)(ii) and Rule 102(d)(2)(ii) for asset-backed securities offered pursuant to an effective shelf registration statement filed on Form SF-3. The SEC stated that such securities trade primarily on the basis of yield and creditworthiness and are, therefore, less susceptible to manipulation. According to the SEC, the transaction requirements included in Form SF-3 allow for shelf offerings of only those asset-backed securities that share the same qualities and characteristics as investment grade asset-backed securities. Similar to investment grade asset-backed securities, which are excepted under the current rules, the principal focus of investors in asset-backed securities registered on Form SF-3 is the structure of the class of securities and the nature of the assets pooled to serve as collateral for those securities, rather than the issuer’s identity. In particular, Form SF-3 eligibility is limited by the percentage of delinquent assets and, for certain lease-backed securitizations, by the portion of the pool attributable to the residual value. To be eligible to file on Form SF-3, delinquent assets cannot constitute 20 percent or more of the asset pool. The SEC stated that this eligibility limitation focuses on the ability of the collateral in the underlying asset pool to generate cash flow, rather than on the identity of the issuer and its ability to convert the assets into cash.
Form SF-3 also imposes transactional requirements regarding the structure of asset-backed securities being offered, including (1) a certification by the depositor’s CEO that the securitization structure provides a reasonable basis to conclude that the expected cash flows are sufficient to service payments or distributions in accordance with their terms, (2) a review of the asset-backed security’s pool of assets upon the occurrence of certain triggering events, including delinquencies, by a person unaffiliated with certain transaction parties, such as the sponsor, depositor, servicer, trustee, or any of their affiliates, and (3) a dispute resolution provision, contained in the underlying transaction documents, for any repurchase request. According to the SEC, these transactional safeguards imposed by Form SF-3 provide incentives for parties to consider carefully the quality and character of the assets included in the pool and, therefore, asset-backed securities registered on Form SF-3 should trade based on yield and creditworthiness, rather than based on the issuer’s identity. As a result, applying Form SF-3 requirements would result in an offering of asset-backed securities having similar characteristics as previously exempted investment grade asset-backed securities.
Recordkeeping Obligations. The Reg M Final Rules amend Rule 17a-4(b) under the Exchange Act, the SEC’s broker-dealer record retention rule, to require broker-dealers that are distribution participants or affiliated purchasers to keep written records of the probability of default determination relied upon by such broker-dealers in a distribution. Rule 17a-4(b) requires broker-dealers to retain the written probability of default determination to support reliance on the exception for a period of not less than three years and, for the first two years, in an easily accessible place. A broker-dealer that was the lead manager in a distribution could satisfy the obligation by retaining the records regarding its determination. That is, if the lead manager calculated the probability of default on its own, it could satisfy the record-keeping requirement by maintaining documentation of the value of each variable used to calculate the probability of default, along with a record identifying the specific sources of such information for each variable. If the lead manager used a third-party vendor to determine the probability of default threshold, it could satisfy this record-keeping requirement by maintaining documentation of the assumptions used in the vendor model, as well as the output provided by the vendor supporting the probability of default determination. If the broker-dealer was not the lead manager in the distribution, it could satisfy the obligation by either obtaining from the lead manager a copy of such written probability of default determination or by retaining a written notice that the broker-dealer received such a written determination from the lead manager.
The SEC implemented certain modifications to the Reg M Proposed Rules after receiving and considering comments from the public. The following are some of the significant modifications made by the SEC to its original proposal when it implemented the Reg M Final Rules.
Adopting the New Exceptions for Rule 102. In the Reg M Proposed Rules, the SEC sought to eliminate altogether, without any replacement, the historic exceptions in Rule 102 for investment-grade Nonconvertible Securities and asset-backed securities. The SEC reasoned there were limited situations in which issuers or selling security holders rely on the Investment Grade Exception in Rule 102. Given this limited reliance, the SEC initially believed the exception in Rule 102(d)(2) should be removed without any replacement. In the Reg M Final Rules, however, the SEC acknowledged comments that eliminating the exception altogether for Nonconvertible Securities might impact issuer-affiliated broker-dealers not acting as “distribution participants”—and thus ineligible under Rule 101—which could “increase issuance costs or deter market participants from issuing such securities.” In the same vein, for Reg M Final Rule 102(d)(2)(ii), the SEC decided to use the same exception for asset-backed securities that are offered pursuant to an effective shelf registration statement filed on Form SF-3.
Six Business Days Before Pricing Date. The SEC adjusted the starting time when calculating the probability of default from the pricing day of the offering (under the Reg M Proposed Rules) to the sixth business day prior the pricing date (under the Reg M Final Rules). This change, according to the SEC, allows more time for the lead manager to account for any relevant market activities and for the distribution participants to know whether the exception is available, in advance of the pricing and the restricted period of the distribution. This change was prompted by earlier comments made by the Securities Industry and Financial Markets Association (“SIFMA”) to the effect that requiring the probability of default calculations be made as of the date of pricing is unworkable and could delay the pricing of an offering in the case of a re-opening of debt securities. SIFMA added it would be damaging to the issuer to launch a re-opening, subsequently determine there is no exception under the probability of default calculation, and then have to extend the pricing of the offering by at least one (or five) business days.
Lead Manager to Make Probability of Default Determination. The Reg M Proposed Rules provided that any distribution participant could make the probability of default calculation, whereas the Reg M Final Rules leave this to the lead manager (or equivalent person). According to the SEC, this change ensures consistency and reliability of estimates within any particular distribution and reduces the potential non-uniformity of the probability of default estimations.
On July 26, 2023, the SEC adopted final rules (the “Cybersecurity Final Rules”) aimed at standardizing and enhancing disclosure relating to cybersecurity incidents and risk management processes. The SEC proposed rules (the “Cybersecurity Proposed Rules”) on March 9, 2022. The Cybersecurity Final Rules reflect the considerable comments received on the Cybersecurity Proposed Rules, resulting in far narrower and more streamlined requirements, though still imposing significant new requirements on registrants. The Cybersecurity Final Rules took effect on September 5, 2023.
The SEC has focused on cybersecurity issues for some time, having provided staff guidance in 2011. In 2018, the SEC issued a report detailing its investigations of several public companies that were victims of cybersecurity-related incidents and also issued interpretive guidance requiring public companies to disclose material cybersecurity risks and incidents. Prior to the promulgation of the Cybersecurity Final Rules, registrants were already required to provide significant disclosures in their periodic reports and offering materials regarding cyber risks, incidents, and related investigations or litigation to the extent material. As discussed below, as a result of the Cybersecurity Final Rules, public companies are now required to report (1) material cybersecurity incidents and (2) cybersecurity risk management processes in a more standardized manner, subject to specific timelines, in order to provide greater comparability of disclosures.
The Cybersecurity Final Rules encompass incident disclosure and process disclosure.
Incident Disclosure. The Cybersecurity Final Rules establish a new Item 1.05 of Form 8-K, requiring registrants to disclose information about a cybersecurity incident within four business days after the registrant determines that it has experienced a “material” cybersecurity incident. The Cybersecurity Final Rules take into account many concerns raised by commenters. The SEC revised the Cybersecurity Proposed Rules in scope and provided a delay for disclosures that pose a substantial risk to national security or public safety, as discussed further below.
Scope of Incident Disclosure. The information required to be disclosed was narrowed from the initial proposal. The Cybersecurity Proposed Rules would have required a registrant to disclose certain detailed information about a material cybersecurity incident, if known at the time of filing. The SEC noted commenters’ concerns that the disclosure of certain details, as proposed, would exacerbate cybersecurity threats and lessen threat information-sharing within industries. The SEC streamlined Item 1.05 to focus primarily on disclosing the impact of the material cybersecurity incident, rather than details regarding the incident itself. The SEC noted that such streamlining would more precisely focus the disclosure on what the company views as the material impact of the incident, which may vary from incident to incident, describing “the material aspects of the nature, scope and timing of the incident, and the material impact or reasonably likely impact on the registrant, including its financial condition and results of operations.” The SEC also clarified that the reference to “financial condition and results of operations” in the Cybersecurity Final Rules is not the exclusive test of materiality. The adopting release affirms the view expressed in the proposing release that the materiality standard should be consistent with that expressed in classic cases, such as TSC Industries, Inc., Basic, Inc., and Matrixx Initiatives. Information is “material” if “there is a substantial likelihood that a reasonable shareholder would consider it important” in making an investment decision, or if it would have “significantly altered the ‘total mix’ of information made available.” Therefore, materiality may also be indicated by qualitative impacts, such as the possibility of litigation or regulatory investigations, reputational harm, impact on customer or vendor relationships, or a registrant’s competitiveness. In a further change from the Cybersecurity Proposed Rules, there is no requirement to disclose the remediation status of the cybersecurity incident, whether the incident is ongoing, and whether data were compromised.
Expanding upon the proposal, the SEC added Instruction 4 to Item 1.05 to clarify that a registrant need not disclose “specific or technical information about its planned response to the incident . . . in such detail as would impede the registrant’s response or remediation of the incident.”
Commenters questioned whether Item 1.05 would require disclosure of a cybersecurity incident occurring on a third-party system used by the registrant, instead of an incident directly affecting the registrant’s internal systems. The SEC stated its position that “whether an incident is material is not contingent on where the relevant electronic systems reside or who owns them.” Disclosure of the incident may be required by both, either, or neither the service provider and the customer, depending on the circumstances of the cybersecurity incident that occurs on a third-party system.
Timing of Incident Disclosure. Under the Cybersecurity Final Rules, the obligation to file under Item 1.05 of Form 8-K is triggered by the registrant’s determination that a cybersecurity incident is material. As discussed above, information is “material” if “there is a substantial likelihood that a reasonable shareholder would consider it important” in making an investment decision, or if it would have “significantly altered the ‘total mix’ of information made available.”
The registrant must file the Form 8-K within four business days after the materiality determination. As proposed, Instruction 1 to Item 1.05 would have required that determinations of materiality be made “as soon as reasonably practicable after discovery of the incident.” In the Cybersecurity Final Rules, the SEC revised Instruction 1 to state that the materiality determination must be made “without unreasonable delay.” The SEC indicated that the registrant’s determination of materiality would generally provide the registrant with the information required to fulfill its disclosure obligations under Item 1.05, and therefore opined that the four-business-day timeline is workable. Additionally, the SEC adopted its proposed amendment to General Instruction I.A.3.(b) of Form S-3, such that a late filing on Form 8-K regarding the new Item 1.05 would not cause the registrant to lose eligibility for Form S-3. Furthermore, while some commenters suggested that Item 1.05 could be furnished rather than filed, the SEC noted that treating Item 1.05 disclosures as filed would promote the accuracy and reliability of such disclosures.
In another change from the Cybersecurity Proposed Rules, the SEC adopted a delay provision in cases where disclosure of a cybersecurity incident would pose a substantial risk to national security or public safety. Pursuant to Item 1.05(c) of Form 8-K, a registrant may delay its filing if the U.S. Attorney General determines that the disclosure poses a substantial risk to national security or public safety and notifies the SEC of such determination in writing. The disclosure may be delayed by a time period specified by the Attorney General for up to thirty days, may be extended for an additional period of thirty days, and, in extraordinary circumstances, the Attorney General may further delay disclosure for a final additional period of up to sixty days. The SEC consulted with the U.S. Department of Justice (“DOJ”) to establish an interagency communication process to facilitate such determinations. The SEC stated its position that the Cybersecurity Final Rules balance security concerns against investors’ informational needs. On December 12, 2023, the DOJ issued further guidance outlining its approach to making determinations on requests for delays by registrants. The DOJ indicated that the primary question is not whether the incident itself poses a substantial risk to national security or public safety, but whether public disclosure of the incident threatens national security or public safety, and this occurs only in very limited circumstances. Such limited circumstances include an incident in which the illicit cyber activity involves a technique for which there is not yet a well-known mitigation, where the incident primarily impacts a system operated or maintained by a registrant that contains sensitive U.S. government information, or the registrant is conducting remediation efforts for any critical infrastructure or system and revealing that the registrant is aware of the incident would undermine the remediation efforts.
The procedure for a registrant to request a disclosure delay is as follows: (1) once the cybersecurity incident is known, the registrant should, directly or through another U.S. government agency, immediately contact the Federal Bureau of Investigation (“FBI”), (2) the registrant should concisely describe the facts forming the basis of its belief that disclosure required under Item 1.05 may pose a substantial risk to national security or public safety, (3) the registrant should make its request as soon as possible, because the Attorney General must invoke the provision permitting a delay in disclosing the incident within four business days of the determination by the registrant that the cybersecurity incident occurred, and (4) the registrant should inform the FBI if, during the delay period, there is any change in previously provided information or new information arises that is potentially relevant to the risks to national security or public safety due to public disclosure.
The delay provision, as adopted, is not equivalent to the “law enforcement delays” provided in many state laws that otherwise require notification of a data breach. Such provisions allow companies, at the request of law enforcement, to delay providing required notifications to regulators or individuals to facilitate ongoing investigations. Although the Cybersecurity Final Rules do not prevent any law enforcement agency from requesting the Attorney General to determine that disclosure should be delayed, the SEC stated its belief that designating a single agency as the SEC’s point of contact was critical to ensuring that the Cybersecurity Final Rules are administrable. The SEC considered potential conflicts with other federal laws and regulations and identified a conflicting disclosure obligation with the notification rule of the Federal Communications Commission (“FCC”) regarding breaches of customary proprietary network information (“CPNI”). The FCC’s rule for notification in the event of breaches of CPNI requires covered entities to notify the United States Secret Service (“USSS”) and the FBI no later than seven business days after reasonable determination of a CPNI breach, and further directs the entities to refrain from notifying customers or disclosing the breach publicly until seven business days have passed following the notification to the USSS and FBI. To accommodate registrants that are subject to this rule and that may face conflicting disclosure timelines, the SEC added paragraph (d) to Item 1.05, which permits such registrants to delay filing a Form 8-K for up to the seven business days following notification to the USSS and FBI in accord with the FCC rule, with written notification to the SEC.
Updating Incident Disclosure. Under the Cybersecurity Proposed Rules, Item 106(d) of Regulation S-K would have required disclosure of “any material changes, additions or updates” to information required to be disclosed pursuant to Item 1.05 of Form 8-K in the registrant’s quarterly report filed on Form 10-Q or annual report filed on Form 10-K. Proposed Item 106(d)(1) also would have required registrants to disclose information that was not available at the time of the initial Form 8-K filing in their subsequent periodic filings.
Instead of adopting Item 106(d)(1) as proposed, the SEC added Instruction 2 to Item 1.05 of Form 8-K, directing a registrant (1) to identify any information that is not determined or unavailable at the time of the required filing, and (2) file an amendment to its initial Form 8-K, containing such information. An amendment must be filed within four business days after the registrant, without unreasonable delay, determines the missing information, or within four business days after such information becomes available. The SEC considered that this change would, among other things, allow investors to more quickly identify updates regarding previously disclosed cybersecurity incidents. The SEC also noted that registrants have an obligation to correct prior disclosure or to update disclosure that becomes materially inaccurate.
Moreover, the SEC did not adopt proposed Item 106(d)(2), which would have required disclosure when a series of cybersecurity incidents that are immaterial individually become material in the aggregate. The SEC received comments that the aggregation requirement was vague and difficult to apply. However, a similar aggregation concept was adopted in the Cybersecurity Final Rules in the definition of “cybersecurity incident,” which includes “a series of related unauthorized occurrences.” This concept is intended to capture a series of smaller but continuous cyberattacks that become quantitatively or qualitatively material collectively or related attacks from multiple actors exploiting the same vulnerability.
Process Disclosure. The Cybersecurity Final Rules require disclosures regarding (1) the registrant’s processes, if any, for identifying and managing cybersecurity risks, (2) the role of the board of directors in overseeing cybersecurity risks, and (3) management’s role in managing cybersecurity-related risks and implementing the company’s cybersecurity policies and procedures.
Compared to the Cybersecurity Proposed Rules, the Cybersecurity Final Rules narrow the disclosures required under Item 106(b)(1) of Regulation S-K. While Item 106(b)(1) as proposed would have required more detailed disclosure, the Cybersecurity Final Rules require only a description of “the registrant’s processes, if any, for assessing, identifying and managing material risks from cybersecurity threats in sufficient detail for a reasonable investor to understand those processes.” These processes should be described in the registrant’s annual report.
The SEC stated its belief that the revised formulation avoids detail beyond what is material to investors. The enumerated disclosure elements of Item 106(b) were pared down in response to concerns regarding the level of detail required by the Cybersecurity Proposed Rules. As adopted, Item 106(b) provides that registrants should consider disclosing:
The SEC streamlined Item 106(c)(1) of Regulation S-K to require less granular disclosure. Item 106(c)(1) requires that a registrant describe:
Unlike the Cybersecurity Proposed Rules, Item 106(c)(1) under the Cybersecurity Final Rules do not require the registrant to disclose the frequency of the board’s discussions on cybersecurity risk, and whether and how the board considers cybersecurity risks as part of its business strategy, risk management, and financial oversight.
The SEC also modified Item 106(c)(2) to add a materiality qualifier, requiring a registrant to describe management’s role in assessing and managing the registrant’s material risks from cybersecurity threats. Under the Cybersecurity Final Rules, Item 106(c)(2) provides that registrants should address, as applicable, the following non-exclusive topics as part of a description of management’s role in assessing and managing the registrant’s material risks from cybersecurity threats:
In the Cybersecurity Final Rules, in response to substantial concerns raised in comment letters, the SEC did not adopt the proposed amendment to Item 407 of Regulation S-K, which would have required a registrant to disclose whether any board member has cybersecurity expertise and, if so, the nature of such expertise.
Foreign Private Issuers. The SEC adopted the amendments to Form 20-F and Form 6-K as proposed, which would generally affect most FPIs. FPIs must timely furnish on Form 6-K, in a manner consistent with the general purpose and use of that form, information on material cybersecurity incidents that they disclose or otherwise publicize in a foreign jurisdiction, to any stock exchange, or to security holders. Similarly, cybersecurity incidents now trigger a disclosure obligation on Form 6-K, if the FPI determines that it is material. Form 20-F is amended by adding Item 16K to require the same type of disclosure discussed above for domestic registrants in Item 106 of Regulation S-K, which includes the board’s oversight of risks from cybersecurity threats and management’s role in assessing and managing cybersecurity threats.
The SEC affirmed its stance in the Cybersecurity Proposed Rules that there was no need to provide prescriptive cybersecurity disclosure requirements by filers on Form 40-F because the multijurisdictional disclosure system (“MJDS”) generally permits eligible Canadian FPIs to use Canadian disclosure standards and documents to satisfy the SEC’s registration and disclosure requirements. The SEC noted that such filers are already subject to the Canadian Securities Administrators’ 2017 guidance on the disclosure of cybersecurity risks and incidents, and thus would not need to require an MJDS issuer filing an annual report on Form 40-F to comply with the SEC’s specific proposed cybersecurity-related disclosure requirements in the same manner as filers of Form 10-K or Form 20-F.
Asset-Backed Issuers. The SEC exempted issuers of asset-backed securities that do not have any officers or directors from the Cybersecurity Final Rules. The SEC expressed agreement with a commenter that the Cybersecurity Final Rules would not result in meaningful disclosure by asset-backed issuers, which are typically special purpose vehicles that engage in the limited activity of receiving, purchasing, transferring, or selling assets to an issuing entity and would therefore not own or use information systems. The SEC indicated that it may consider specific cybersecurity disclosure rules applicable to asset-backed securities at a later date.
Smaller Reporting Companies. The SEC did not provide an exemption from Item 106 of Regulation S-K for smaller reporting companies nor did it delay their compliance therewith. The SEC stated its belief that the streamlined requirements of the Cybersecurity Final Rules, compared to the Cybersecurity Proposed Rules, would reduce some of the costs associated with the proposal for all registrants, including smaller reporting companies. The SEC also said that information regarding a registrant’s existing cybersecurity strategy, risk management, and governance is factual, and therefore would be readily available to assess for purposes of preparing disclosure. The SEC stated that, given the significant cybersecurity risks faced by smaller reporting companies, and the outsized impacts that cybersecurity incidents may have, investors in smaller reporting companies require timely disclosure on material cybersecurity incidents and the material aspects of a smaller reporting company’s cybersecurity risk management and governance. The SEC, however, provided smaller reporting companies with an additional 180 days beyond that afforded to other companies to comply with Item 1.05 of Form 8-K.
Commission Authority. The SEC responded to certain comments, identifying and supporting its authority to regulate cybersecurity. Certain commenters argued that the SEC did not have authority to regulate cybersecurity disclosure. The SEC disagreed, however, citing that the authority granted by the Securities Act of 1933, as amended (“Securities Act”), and the Exchange Act are intentionally broad and empower the SEC to carry out its fundamental congressional objectives.
Structured Data Requirements. The SEC adopted the rule as proposed that all forms and disclosures described above be tagged in Inline XBRL in order to facilitate comparison and analysis of the data being disclosed.
On October 10, 2023, the SEC issued changes to Schedules 13D and 13G on which beneficial owners report their holdings and related information (the “Beneficial Ownership Amendments”). The Beneficial Ownership Amendments are intended to modernize the rules governing beneficial ownership reporting and generally shorten the period for initial and amended filings, clarify requirements for derivative securities and criteria for determining when persons are acting as a group, and require that certain information be provided in a structured, machine-readable data format.
Sections 13(d) and 13(g) of the Exchange Act, along with Regulation 13D-G, require an investor who beneficially owns more than 5 percent of a covered class of equity securities to publicly file either a Schedule 13D or a Schedule 13G. The deadlines for filing the initial Schedule 13D and Schedule 13G had not been updated since 1968 and 1977, respectively.
On February 10, 2022, the SEC proposed certain amendments to make information available to the public in a more timely manner, to deem holders of certain cash-settled derivative securities to be beneficial owners of the reference equity securities, and to clarify the disclosure requirements regarding derivative securities. In response, a significant number of public comments pointed to increased administrative burdens and costs associated with the proposed changes, while other comments emphasized that the proposed changes reflected the technological advances and developments in the financial markets. This comment period closed on April 11, 2022.
The SEC then reopened the comment period on April 28, 2023, after the Division of Economic and Risk Analysis released a memorandum providing supplemental data and analysis on the economic effects of the proposed rule. The memorandum provided, among other things, additional background and baseline data for Schedules 13D and 13G, potential effects on activism, and analysis of potential harms to certain selling shareholders under the then-existing filing deadline.
The Beneficial Ownership Amendments became effective February 5, 2024. Compliance with the revised filing dates for Schedule 13G will be required starting on September 30, 2024. Compliance with the structured data requirement for Schedules 13D and 13G will be required beginning on December 18, 2024.
Inasmuch as the Beneficial Ownership Amendments do not go as far as some of those initially proposed, there are significant changes to the deadlines for initial and amended filings on Schedules 13D and 13G. While the Beneficial Ownership Amendments to Schedule 13D apply to most beneficial owners of more than 5 percent of a covered class of equity securities, filers of Schedule 13G fall into three categories: (1) Qualified Institutional Investors (“QIIs”), (2) persons holding beneficial ownership of more than 5 percent of a covered class, but who have not made an acquisition of beneficial ownership subject to section 13(d) (“Exempt Investors”), and (3) beneficial owners of more than 5 percent but less than 20 percent of a covered class who certify under Item 10 of Schedule 13G that the subject securities were not acquired and are not held for the purpose or effect of changing or influencing the control of the issuer of such securities and were not acquired in connection with or as a participant in any transaction having such purpose or effect (“Passive Investors”).
Initial Filing Deadline. Prior to the Beneficial Ownership Amendments, investors who acquired beneficial ownership of more than 5 percent of a covered class of equity securities (or who lost eligibility to file on Schedule 13G) had ten days to file on Schedule 13D (“Previous Schedule 13D”). Under the Beneficial Ownership Amendments, such investors have five business days to file on Schedule 13D (“Amended Schedule 13D”).
Prior to the Beneficial Ownership Amendments, QIIs and Exempt Investors had forty-five days after the calendar year-end to initially file a Schedule 13G when their ownership exceeded 5 percent; QIIs had ten days to initially file after the month-end in which their beneficial ownership exceeded 10 percent; and Passive Investors had to initially file within ten days of acquiring more than 5 percent beneficial ownership (each, a “Previous Schedule 13G”). Under the Beneficial Ownership Amendments, QIIs and Exempt Investors have forty-five days after the calendar quarter-end to initially file when their ownership exceeds 5 percent; QIIs must initially file within five business after the month-end in which their beneficial ownership exceeds 10 percent; and Passive Investors must initially file within five business days after acquiring beneficial ownership of more than 5 percent of the covered class of equity securities (each, an “Amended Schedule 13G”).
Amendment Triggering Event. Under both the Previous Schedule 13D and the Amended Schedule 13D, an amendment triggering event is defined as a material change in the facts set forth in the previously filed Schedule 13D.
Under the Previous Schedule 13G, an amendment triggering event was defined as any change in the facts set forth in the previously filed Schedule 13G, whereas under the Amended Schedule 13G, the change must be material. For the QIIs and Passive Investors, the amendment triggering event remains as when they exceed 10 percent beneficial ownership, or a 5 percent increase or decrease in beneficial ownership.
Amendment Filing Deadline. Under the Previous Schedule 13D, the filing deadline for an amendment was “promptly” after the triggering event and, under the Amended Schedule 13D, the deadline is within two business days after the triggering event.
For all Schedule 13G filers, the filing deadline for an amendment shifts from forty-five days after calendar year-end in which any change occurred to forty-five days after calendar quarter-end in which a material change occurred. For QIIs, the filing deadline for an amendment decreases to five business days from ten days, after the month-end in which beneficial ownership exceeds 10 percent or there is a 5 percent increase or decrease in beneficial ownership. For Passive Investors, the filing deadline for an amendment dropped from “promptly” to two business days, after exceeding 10 percent beneficial ownership or a 5 percent increase or decrease in beneficial ownership.
Filing Cut-Off Time. The filing cutoff time for all Schedules 13D and 13G moved from 5:30 p.m. ET to 10:00 p.m. ET.
Cash-Settled Derivatives. The SEC provided guidance in the adopting release on the applicability of pre-existing beneficial ownership rules to cash-settled derivatives and to associated group formation in lieu of adopting the amendments originally proposed. The proposed amendments would have provided that, among other things, a holder of a cash-settled derivative security, other than a security-based swap, is deemed the beneficial owner of the reference equity securities if the derivative is held with the purpose or effect of changing or influencing the control of the issuer of the reference securities, or in connection with or as a participant in any transaction having such purpose or effect. Considering the views expressed by commenters, the SEC determined that its existing guidance on the applicability of Rule 13d-3 to cash-settled derivative securities, which resembles its previous guidance regarding security-based swaps, would provide sufficient clarity. While noting that determinations regarding beneficial ownership ultimately depend on the relevant facts and circumstances, the SEC set out an analytical framework consisting of three elements that correspond to Rule 13d-3(a), (b), and (d)(1).
Under Rule 13d-3(a), a holder of a cash-settled derivative security is deemed a beneficial owner of the reference security to the extent the cash-settled derivative security provides the holder, directly or indirectly, with exclusive or shared voting or investment power over the reference security, through a contractual term of the security or otherwise.
Under Rule 13d-3(b), if the cash-settled derivative security is acquired with the purpose or effect of divesting the holder of beneficial ownership of the reference security or preventing the vesting of beneficial ownership as part of a plan or scheme to evade the reporting requirements, the holder would be deemed a beneficial owner. Because the guidance does not elaborate on what constitutes the prevention of vesting or the meaning of a “plan or scheme to evade,” it is questionable whether it provides added clarity in cases in which a cash-settled derivative position is unwound and replaced by a physical position after the Schedule 13D threshold is crossed, even if the physical position is acquired independently of the derivative and its unwinding.
Finally, under Rule 13d-3(d)(1), the holder of the cash-settled derivative would have beneficial ownership if it has the right to acquire beneficial ownership (as defined in Rule 13d-3(a)) of the reference security within sixty days, or if the holder acquires the right to acquire such beneficial ownership with the purpose or effect of changing or influencing the control of the issuer of the reference security, or in connection with or as a participant in any transaction having such purpose or effect, regardless of when the right is exercisable. The SEC observed that Rule 13d-3(d)(1) would apply regardless of the origin of the right to acquire the reference security, including if such right originates from “an understanding in connection with that derivative security.”
With regard to the disclosure of derivatives positions on Schedule 13D, the Beneficial Ownership Amendments amend Rule 13d-101 to expressly state that derivative contracts, arrangements, understandings, and relationships with respect to an issuer’s securities, including cash-settled security-based swaps and other derivatives which are settled exclusively in cash, must be disclosed under Item 6 of Schedule 13D. The amendment struck the language “including but not limited to” from that preceding the itemization of instruments or arrangements covered by Item 6 to remove “any implication that additional interests may need to be disclosed.”
Acting as a Group. Under the beneficial ownership reporting framework, reporting may be required when two or more persons act as a “group” for purposes of acquiring, holding, or disposing of securities of an issuer. Under Rule 13d-5(b)(1) under the Exchange Act, two or more persons who agree to act together for purposes of acquiring, holding, voting, or disposing of issuer securities are treated as a “group.” The proposed amendments would have revised Rule 13d-5(b)(1) to remove the reference to an agreement and required that, when two or more persons act as a group under section 13(d)(3) of the Exchange Act, the group would be deemed to have acquired beneficial ownership of all of the equity securities of a covered class beneficially owned by each of the group’s members as of the date on which the group was formed. The SEC did not codify the definition of a “group” as proposed, but it did clarify that the relevant statutes (sections 13(d)(3) and 13(g)(3) of the Exchange Act) do not require an express agreement for persons to be a “group.” Instead, the determination of a “group” remains a facts-and-circumstances determination.
Along with its guidance, the SEC provided a few examples of what would or would not constitute a “group.” For example, the SEC advised that the following actions would not result in the formation of a “group”: discussions among shareholders without committing to a course of action, jointly engaging with management without attempting to convince the board to change existing board membership, and jointly submitting a nonbinding shareholder proposal. On the other hand, if a beneficial owner of a substantial block of a covered class would be filing a Schedule 13D and intentionally communicated to other market participants that such a filing would be made with the purpose of causing the other market participants to make purchases of the same class of securities and one of those market participants made a purchase as a direct result of that communication, then the actions of the beneficial owner and any such market participants would likely result in the formation of a group.
Structured Data Filing. The Beneficial Ownership Amendments require all disclosures in Schedules 13D and 13G (other than exhibits) to be filed using a structured, machine-readable XML-based language, similar to other XML-based EDGAR filings. Reporting persons will be able to submit filings directly to EDGAR in 13D/G-specific XML or use a web-based reporting application developed by the SEC that will generate the Schedule in 13D/G-specific XML.
On October 13, 2023, the SEC issued a release adopting final rules aimed at increasing the transparency and efficiency of the securities lending market (the “Securities Loans Reporting Final Rules”). The SEC originally proposed this rule on December 8, 2021. The Securities Loans Reporting Final Rules reflect considerable comments received during the comment period, resulting in far more tailored requirements, while still requiring a level of disclosure necessary to achieve the Commission’s intended goals.
The SEC has the authority to increase transparency in financial markets and a mandate to promulgate rules to increase the transparency of information available to brokers, dealers, and investors. This regulation is designed to carry out that mandate with respect to the securities lending market. The SEC sought to achieve its objective by requiring certain persons to report information about securities loans to a registered national securities association (“RNSA”). This information includes both confidential and non-confidential information so as to enhance the oversight and enforcement functions of the RNSAs. Similarly, the SEC requires that an RNSA make certain information that it receives publicly available, alongside daily information pertaining to the aggregate transaction activity and distribution of loan rates for each reportable security. The Securities Loans Reporting Final Rules became effective on January 2, 2024. However, the SEC adopted an implementation period to provide industry participants with sufficient time to comply with the new requirements.
As referenced above, the Securities Loans Reporting Final Rules became effective on January 2, 2024. RNSAs must have proposed their own implementation rules within four months of the effective date, May 2, 2024, and those rules must be made effective no later than twelve months thereafter. Covered persons must report the necessary data elements starting on the reporting date, January 2, 2026, defined as the first business day twenty-four months after the effective date. RNSAs must publicly report necessary data elements within ninety calendar days of the reporting date, or before April 2, 2026.
Who Must Report. The Securities Loans Reporting Final Rules require that covered persons provide securities loan information concerning reportable securities to an RNSA, in the format and manner required by the association, within time periods specified by the regulation. Any “covered person” that agrees to a “covered securities loan” must comply with the rule. “Covered person” is defined to mean: (1) any person that agrees to a covered securities loan on behalf of a lender, (2) any person that agrees to a covered securities loan as a lender when an intermediary is not used, unless the borrower is a broker-dealer borrowing fully paid or excess margin securities, or (3) a broker or dealer when borrowing fully paid or excess margin securities. Notably, the rule excludes clearing agencies that provide only the functions of a central counterparty in such transactions. A clearing agency is therefore not required to report to an RNSA for a covered securities loan when it acts only in the capacity of (or engages only in activities as) a central counterparty or a central securities depository in connection with a covered securities loan. A “covered securities loan” is a transaction in which any person, on behalf of itself or one or more other persons, lends a “reportable security” to another person. A “reportable security” is defined as any class of an issuer’s securities that must be reported to the consolidated audit trail, FINRA’s Trade Reporting Compliance Engine, or the MSRB’s Real-Time Transaction Reporting System. As a result, pursuant to the new rule, information about the lending of any security that would otherwise be reported to an RNSA must be reported by either the lending party or its intermediary to an RNSA.
What Must Be Reported and When. The rule specifies three types of data elements to be reported by lending parties and their intermediaries to RNSAs. The first type of data element includes the material terms of the covered securities loan as follows:
This data must be reported to an RNSA by the end of the day on which the covered securities loan is effected.
The second type of data element concerns modifications to a covered securities loan. This information includes the date and time of such modifications, the specific modification and data element being modified, and the unique identifier assigned to the original covered security by the RNSA. If the modification is to a covered securities loan that was not required to be reported when agreed to or last modified, all data elements must be reported as if the covered securities loan had just been effected, and must be reported as of the date of modification. These data must be reported to an RNSA by the end of the day on which the covered securities loan is modified if the modification occurs after other information about the covered securities loan was already been provided to an RNSA and results in a change to that information.
The final type of data element concerns confidential information in connection with a covered securities loan. Such data includes, but is not limited to, the legal names of the parties to the loan, whether the security loaned to a broker-dealer’s customer is loaned from the broker-dealer’s inventory, and whether the loan will be used to close out a failure to deliver. RNSAs must keep such data confidential. However, the rule also requires that RNSAs make this data available to the SEC or other persons that the SEC may designate by order upon a demonstrated regulatory need. This final type of data must be provided to an RNSA by the end of the day on which a covered securities loan is effected.
RNSA Requirements. RNSAs must administer the collection of data and make certain information publicly available within the broadly defined time limits referenced in the rule. As to the administration of the data collection process, RNSAs must implement rules regarding the format and manner of information collection and make that public.
Not later than the morning of the business day after the covered securities loan is effected, an RNSA must make the following information publicly available: (1) the unique identifier assigned to a covered securities loan by the RNSA and a security identifier, (2) the data elements, except for loan amount, and (3) information pertaining to the aggregate transaction activity and the distribution of rates among loans and lenders for each reportable security and related unique identifier. On the twentieth business day after a covered securities loan is effected, an RNSA is required to make the loan amount publicly available.
RNSAs must also make any reported modifications to the data elements publicly available not later than the morning of the business day after the covered securities loan is modified. On the twentieth business day after a covered securities loan is modified, an RNSA must make any modifications to the loan amount publicly available.
Finally, RNSAs must retain data and maintain their availability for certain periods. An RNSA must maintain the data elements for covered securities loans on its website or similar means of electronic distribution, without use restrictions, for a period of at least five years.
On December 12, 2023, the Alternative Investment Management Association, the National Association of Private Fund Managers, and Managed Funds Association challenged the Securities Loans Reporting Final Rules along with another final rule from the SEC on short sale disclosures (the “Short Position Reporting Rules”), arguing that the SEC did not properly consider the interconnectedness of the two rules and that the two contradicted each other. While the Short Position Reporting Rules call for delayed, aggregate public disclosures, the Securities Loans Reporting Final Rules require daily public disclosure of information about individual transactions that pertain to loans of securities in a manner that effectively serves as a proxy for short-sale activity and ostensibly contradicts the Short Position Reporting Rules. The petitioners contend that the substantial costs of complying with both rules outweigh any purported benefits. Both rules remain effective during the ongoing litigation.
On November 27, 2023, the SEC adopted Securities Act Rule 192 (“Rule 192”), which prohibits certain conflicts of interest in securitization transactions. Rule 192 prohibits a “securitization participant” with respect to an asset-backed security (“ABS”) from directly or indirectly engaging in any “conflicted transaction” during the applicable prohibition period. Rule 192 became effective on February 5, 2024. Compliance with Rule 192 is required with respect to any asset-backed securitization if the first closing of the sale occurs on or after June 9, 2025.
Rule 192 implements the prohibition against conflicts set forth under Section 27B (“Section 27B”) of the Securities Act. Rule 192 was adopted ten months after being proposed (“Proposed Rule 192”). The SEC received over nine hundred comment letters on Proposed Rule 192, and indicated that it considered all of the comments it received, including those submitted after the deadline of March 27, 2023. Many commenters urged the SEC to circulate an entirely new proposal that reflected foundational criticisms, instead of adopting the rule essentially as proposed.
As noted above, Rule 192 became effective on February 5, 2024. Under Rule 192, the period of time during which securitization participants are prohibited from entering into a conflicted transaction:
The end date for the prohibition period comes directly from Section 27B and is reasonably clear on its face. The beginning date for the prohibition period, on the other hand, is not directly specified by Section 27B. Proposed Rule 192 identified the beginning date of the prohibition period as the date on which a person “has taken substantial steps” to reach an agreement to become a securitization participant. Proposed Rule 192 did not, however, define “substantial steps” and instead indicated that the determination as to whether “substantial steps” were taken would be a “facts and circumstances” analysis of the securitization participant’s actions. At the request of market participants, the SEC removed the “substantial steps” trigger. Thus, Rule 192 requires an “agreement” by which one becomes a securitization participant. Rule 192, however, does not define “agreement” and the adopting release diminishes certainty regarding its meaning:
For purposes of Rule 192, “agreement” refers to an agreement in principle (including oral agreements and facts and circumstances constituting an agreement) as to the material terms of the arrangement by which such person will become a securitization participant. An executed written agreement, such as an engagement letter, is not required; whether there has been an agreement to become a securitization participant will depend on the facts and circumstances of the securitization transaction and the parties involved.
Rule 192 provides that a securitization participant shall not, during the prohibition period, directly or indirectly engage in any transaction that would involve or result in a “material conflict of interest” between the securitization participant and an investor in an asset-backed securitization. Under Rule 192, a transaction would result in a material conflict of interest between a securitization participant and an investor in an asset-backed securitization if that transaction is a “conflicted transaction.” The “prohibition period” means the period commencing on the date on which a person has reached an agreement that such person will become a securitization participant with respect to an ABS and ending on the date that is one year after the date of the first closing of the sale of such ABS.
Definition of “Conflicted Transaction.” Rule 192 defines “conflicted transaction” as any of the following transactions with respect to which there is a substantial likelihood that a reasonable investor would consider the transaction important to the investor’s investment decision, including a decision whether to retain the ABS:
Catchall Provision. The definition of “conflicted transaction” in Rule 192 is the same as that set forth in Proposed Rule 192, except with respect to clause (iii) (“catchall provision”), which captures all transactions that are, in economic substance, a direct bet against the relevant ABS, but specifies that “merely entering into an agreement to serve as a securitization participant with respect to an ABS and engaging in a purchase or sale of the ABS as an underwriter, placement agent, or initial purchase for such ABS is not itself a conflicted transaction.”
According to the adopting release, the “substantial economic equivalence” standard is intended to address the concern of market participants that the catchall provision captures “direct bets” against the ABS, as opposed to merely correlated trades. The adopting release provides some elaboration on this issue:
We disagree with commenters who said that the scope of Rule 192(a)(3)(iii) should be limited to transactions that are entered into with respect to the relevant ABS or the asset pool supporting or referenced by such ABS. Such an approach would be underinclusive. For example, it would allow a securitization participant to enter into a short with respect to a pool of assets with characteristics that replicate the idiosyncratic credit performance of the asset pool supporting the relevant ABS. We do not believe that it would be appropriate to exclude such transactions as securitizations participants would still have an opportunity to bet against the performance of their ABS by being allowed to enter into such transactions. Whether a short transaction entered into with respect to a similar pool of assets is a conflicted transaction under the final rule will be a facts and circumstances determination. If such a short position with respect to a similar pool of assets would be substantially the economic equivalent of a short sale of the relevant ABS itself or a CDS or credit derivative pursuant to which the securitization participant would be entitled to receive payments upon the occurrence of specified credit events in respect of the relevant ABS, then it would be a conflicted transaction. However, this standard is designed to not capture transactions entered into by a securitization participant with respect to an asset pool that has characteristics that are sufficiently distinct from the idiosyncratic credit risk of the asset pool that supports or is referenced by the relevant ABS. Such transactions do not give rise to the investor protection concerns that Section 27B is designed to address.
The Super Catchall (Anti-Circumvention) Provision. Proposed Rule 192 included a broad anti-circumvention provision. Under that provision, any transaction that “circumvent[ed]” the prohibition against material conflicts of interest would have been deemed to violate the rule. The SEC eliminated the anti-circumvention provision and replaced it with an anti-evasion provision that applies only with respect to the exceptions. Such an approach is more consistent with other securities regulations. The SEC noted that:
We are persuaded that an anti-circumvention provision could have the potential to be both overinclusive and vague in this particular circumstance given the other elements of the rule, and that an anti-evasion standard that focuses on the actions of the securitization participants as part of [a] scheme to evade the rule’s prohibition would be more appropriate. We are also persuaded by the suggestion of certain commenters that the anti-evasion provision should only apply to a securitization participant’s claimed compliance with one of the exceptions to the rule.
The anti-evasion provision in Rule 192 provides that:
If a securitization participant engages in a transaction or a series of related transactions that, although in technical compliance with [the exceptions for risk mitigating hedging activities, liquidity commitments, and bona fide market-making activities], is part of a plan or scheme to evade the prohibition in paragraph (a)(1) of this section, that transaction or series of related transactions will be deemed to violate paragraph (a)(1) of this section.
The Reasonable Investor Standard. Section 27B directed the SEC to adopt a rule prohibiting transactions that would involve or result in any “material” conflict of interest between a securitization participant and an investor. Consistent with its approach in Proposed Rule 192, the SEC implemented this directive by incorporating the following standard of materiality into the definition of “conflicted transaction” in Rule 192—“there is a substantial likelihood that a reasonable investor would consider the transaction important to the investor’s investment decision, including a decision whether to retain the [ABS].”
As the SEC acknowledged in the proposing release, this standard is based on the disclosure standard set forth by the Supreme Court in Basic Inc. v. Levinson. However, as the American Bar Association (“ABA”) pointed out in its comment letter, the “reasonable investor” standard for materiality is not well suited for this rule because it is a standard for what must be disclosed to investors and “not a standard that is appropriate for use in sorting transactions into permissible and impermissible categories.” Market participants urged the SEC to adopt a “materially adverse to the interests of investors” standard like that used in the Volcker Rule. In developing compliance programs, securitization participants will need to contend with how to apply this standard, which is generally applied to disclosure, to a rule that sets forth a strict prohibition. Securitization participants will also face a new challenge in applying the reasonable investor standard to an investor’s decision to retain a security.
Asset-Backed Securities Covered. Under Rule 192, the term “asset-backed security” includes (1) an “asset-backed security [as defined under] section 3(a)(79) of the . . . Exchange Act,” (2) a “synthetic asset-backed security,” as well as (3) a “hybrid cash and synthetic asset-backed security.” Rule 192 does not provide separate definitions for “synthetic asset-backed security” or “hybrid cash and synthetic asset-backed security.” The SEC declined to define those terms, stating:
Given the variation of suggested definitions provided by commenters, we do not believe that adopting any one of these definitions, or a combination thereof, would appropriately capture the scope of the various features of existing synthetic ABS and possible future structures or designs of synthetic ABS; however, commenters’ suggestions are consistent with the characteristics that we have previously identified as features of synthetic ABS.
Although it did not formally define those terms, the SEC agreed that guidance would be beneficial. Thus, in the preamble of the adopting release, the SEC stated that:
[W]hile a synthetic ABS may be structured or designed in a variety of ways, we generally view a synthetic asset-backed security as a fixed income or other security issued by a special purpose entity that allows the holder of the security to receive payments that depend primarily on the performance of a reference self-liquidating financial asset or a reference pool of self-liquidating financial assets. . . . [W]hether a transaction is a ‘synthetic ABS’ subject to Rule 192 will depend on the nature of the transaction’s structure and characteristics of the underlying or referenced assets.
The preamble of the adopting release makes clear that “a corporate debt obligation is not a synthetic ABS for purposes of Rule 192.” Similarly, “a security-based swap is also not a synthetic ABS for purposes of Rule 192 because it is a financial contract between two counterparties without the issuance of a security from a special purpose entity.” Throughout the preamble of the adopting release, the SEC specified that a synthetic ABS is a “security issued by a special-purpose vehicle,” which at least provides some clarity in the type of structure that falls under Rule 192.
Rule 192 applies to transactions involving any “securitization participant.” The term “securitization participant” is defined to mean:
Affiliates and Subsidiaries. When proposing its definition of “securitization participant,” the SEC included any “affiliate” and “subsidiary” thereof, but its final rule narrowed such regulated parties by adding subsections (A) and (B). The SEC added those subsections to address the concerns of commenters about applying the prohibition to all affiliates and subsidiaries of each underwriter, placement agent, initial purchaser, and sponsor, no matter how remotely related, distinct in operation, or uninvolved in the ABS transaction, and without regard to the use of information barriers or other indicia of separateness. According to the adopting release, the new provision “is consistent with the commenter suggestions, as noted above, that affiliates or subsidiaries should only be subject to the prohibition if they have direct involvement in, or access to information about, the relevant ABS or are otherwise acting in coordination with the named securitization participant.”
Acting in Coordination. The “acting in coordination” prong in clause (ii)(A) appears responsive to comments from SIFMA, the Structured Finance Association (“SFA”), and Loan Syndications and Trading Association suggesting an approach analogous to Rule 105 of Regulation M. Rule 105 prohibits short sales during the restricted period prior to a secondary offering but excludes from such prohibition short sales conducted by separate accounts “if decisions regarding securities transactions for each account are made separately and without coordination of trading or cooperation among or between accounts.”
Access to Information. The adopting release does not give any guidance on the meaning of “access to information” in subsection (ii)(B) regarding information that is publicly available or otherwise widely available to investors, prior to first closing of the sale of the relevant ABS. For example, preliminary prospectuses and, when applicable, asset-level data are required to be filed with the SEC and are published on EDGAR at least three business days before the first sale in the offering. If mere access to such publicly available information causes an affiliate or subsidiary to be a securitization participant under Rule 192, the carve-out in the final rule would be meaningless. Notwithstanding its apparent breadth, the “access to information” prong in subsection (ii)(B) appears motivated primarily by concerns about an affiliate’s or subsidiary’s use of information about the ABS transaction to influence the assets included in the ABS transaction. The adopting release states that:
If, for example, a securitization participant employs an information barrier, and the barrier fails, whether the affiliate or subsidiary is a securitization participant under Rule 192 will depend on the facts and circumstances. On one hand, if the failure was accidental, was quickly remedied upon discovery, and the affiliate did not use the information to influence the assets included in the ABS, then the affiliate would likely not be a securitization participant under Rule 192. On the other hand, even if the failure was accidental, but the access to information led to the affiliate using the information to influence the assets included in the ABS, then that affiliate would likely be a securitization participant for purposes of Rule 192.
The provision above indicates that mere access to information about the ABS does not automatically cause an affiliate or subsidiary to become a securitization participant. Where an affiliate or subsidiary receives nonpublic information as the result of an information-barrier failure, what the affiliate or subsidiary does with the information is the key consideration. Thus, an affiliate’s or subsidiary’s use of information about the ABS to influence the composition of the pool assets converts an unregulated affiliate or subsidiary into a regulated securitization participant. Moreover, it would be quite incongruous with this guidance if an affiliate or subsidiary automatically becomes a securitization participant simply because it has access to public information about the ABS via EDGAR filings, rating agency presale reports, and the like. Presumably, if obtaining nonpublic information due to a firewall failure does not make an affiliate or subsidiary a securitization participant unless it uses that information to influence the pool composition, then simply having internet access or a subscription to industry publications should not cause it to become a securitization participant unless it uses the information to influence pool composition.
Indicia of Separateness. The SEC noted that “[w]hether an affiliate or subsidiary acts in coordination with a securitization participant or had access to, or received, information about an ABS or its underlying asset pool or referenced asset pool prior to the closing date will depend on the facts and circumstances of a particular transaction.” The SEC provided an illustrative list of such facts and circumstances that strongly resembles its guidance as to indicia of separateness under Rule 105 of Regulation M. “[A]n affiliate or subsidiary may not be a ‘securitization participant’ if the named securitization participant, for example:
Definition of “Sponsor.” Under Rule 192, an ABS transaction “sponsor” is a “securitization participant.” Rule 192 defines “sponsor” to mean:
This definition of “sponsor” is significantly narrower than the definition set forth in Proposed Rule 192. As explained below, the “directing sponsor” prong has been removed entirely and the “contractual rights sponsor” prong has been clarified to exclude investors who are simply exercising their contractual rights as holders of a long position in the ABS, such as consent rights over initiating foreclosure proceedings with respect to the securitized assets, the right to replace the special servicer of the ABS, or the right to direct or cause the direction of an optional redemption of the ABS.
Regulation AB-based Sponsors. The SEC referred to the “sponsors” defined by subsection (i) as “Regulation AB-based sponsors,” as the definition was derived from the definition of “sponsor” in Regulation AB. As the definition of “sponsor” in Regulation AB is the ordinary meaning of that term in the context of securitization, it was generally supported by commenters. The definitional language regarding Regulation AB–based sponsors is unchanged from Proposed Rule 192.
Contractual Rights Sponsors. The SEC referred to the “sponsors” defined by subsection (ii) as “contractual rights sponsors.” In finalizing Rule 192, the SEC implemented only slight “modifications” from Proposed Rule 192. The adopting release acknowledged concerns expressed in comment letters about investors being deemed sponsors simply by acting in accordance with contractual rights under the transaction documents. As the adopting release correctly noted, “it is often the case that long investors purchasing the most senior or the most subordinated tranche of the relevant ABS negotiate for certain rights that are exercisable over the life of the securitization.” In response to these comments, Rule 192 excludes any person who acts solely pursuant to such person’s contractual rights as holder of a long position in the ABS. The adopting release makes clear that “Rule 192 is not designed to discourage ABS investors from exercising contractual rights as a holder of a long position in the ABS.” As the adopting release explains:
A person’s contractual rights as a holder of a long position in the ABS could include, for example, consent rights over major decisions such as initiating foreclosure proceedings with respect to assets underlying the ABS, the right to replace the special servicer of the ABS, or the right to direct or cause the direction of an optional redemption of outstanding interests in the ABS. Rule 192 is not designed to impair an ABS investor’s ability to negotiate for such contractual rights as a holder of a long position in the ABS. Nor is it designed to discourage investors from exercising such rights as a holder of a long position in the ABS. Therefore, we are adopting paragraph (ii) of the definition of “sponsor” to exclude from the definition of Contractual Rights Sponsor any person who acts solely pursuant to such person’s contractual rights as a holder of a long position in the ABS.
The adopting release makes clear that “a portfolio selection agent for a collateralized debt obligation . . . transaction with a contractual right to direct or cause the direction of the composition of the pool assets” would be considered a sponsor. Similarly, “a collateral manager for a collateralized loan obligation (‘CLO’) with the contractual right to direct or cause the direction of asset purchases or sales on behalf of the CLO” would be considered a sponsor.
Directing Sponsors. In a significant narrowing of the definition of “sponsor,” Rule 192 eliminated the “directing sponsor” prong that was in Proposed Rule 192. As proposed, that prong included “any person . . . that directs or causes the direction of the structure, design, or assembly of an asset-backed security or the composition of the pool of assets underlying the asset-backed security.” The SEC noted that the removal of that definitional prong would mitigate concerns about the number and types of entities that would be considered sponsors.
Service Provider Exclusion. Rule 192 contains an exclusion for entities that perform only “ongoing administration” services. These services refer to “the types of activities typically performed by servicers, trustees, custodians, paying agents, calculation agents, and other contractual service providers pursuant to their contractual obligations in a securitization transaction over the life of the ABS; it does not refer to active portfolio management or other such activity that would be subject to the ‘sponsor’ definition.”
Rule 192 contains the three exceptions as prescribed by Section 27B: (1) risk-mitigating hedging activities, (2) liquidity commitments, and (3) bona fide market-making activities.
Risk-Mitigating Hedging Activities. The exception for risk-mitigating hedging activities provides that a securitization participant’s risk-mitigating hedging activities are permitted “in connection with and related to individual or aggregated positions, contracts, or other holdings of the securitization participant, including those arising out of its securitization activities, such as the origination or acquisition of assets that it securitizes.” Rule 192 makes several important changes from the proposal regarding the exception for risk-mitigating hedging activities.
First, Proposed Rule 192 provided that the “initial distribution of an asset-backed security is not risk-mitigating hedging activity,” but the finalized rule did not include that limitation. The SEC explained that “[t]his change is intended to allow for the initial issuance of a synthetic ABS that the relevant securitization participant enters into and maintains as a hedge.”
Second, Proposed Rule 192 would have excluded the “[r]isk-mitigating hedging activities of a securitization participant” only if those activities “ar[o]s[e] out of its securitization activities.” The finalized rule eliminated the “arising out of ” requirement, specifying that the excepted activities may includ[e] those arising out of its securitization activities. The adopting release explains that the addition of the phrase “including those” is “responsive to the concerns of certain commentators that stated that the risk-mitigating hedging activities exception should not be limited to the hedging of exposures arising out of a securitization participant’s securitization activities.”
Third, Proposed Rule 192 would have subjected the risk-mitigating hedging activity to “ongoing calibration . . . to ensure that the hedging activity . . . does not . . . create an opportunity to benefit from a conflicted transaction.” The finalized rule eased the ongoing-calibration requirement, specifying that it must “not . . . create an opportunity to materially benefit from a conflicted transaction.” The SEC explained that the addition of the word “materially” addressed the concern that securitization participants may not immediately recalibrate their hedging positions and would “not unduly disrupt normal course hedging activities that do not present material conflicts of interest with ABS investors.”
These changes were designed, in part, to facilitate banks’ use of the risk-mitigating hedging exception in connection with credit risk transfer (“CRT”) transactions and other synthetic securitizations conducted for hedging purposes.
Liquidity Commitments. Rule 192 provides that “[p]urchases or sales of the asset-backed security made pursuant to, and consistent with, commitments of the securitization participant to provide liquidity for the asset-backed security” are not prohibited transactions.
Bona Fide Market-Making Activities. Rule 192 contains an exception for a securitization participant’s bona fide market-making activities. As requested by commenters, the SEC added a “if required” qualifier to the condition that the securitization participant is licensed or registered to engage in market-making activity.
Commenters objected to proposed language that “the initial distribution of an asset-backed security is not bona fide market-making activity,” but the SEC retained that language in its final rule. The SEC reasoned that, “in cases where the securitization participant enters into a conflicted transaction as a component of the initial distribution of the synthetic ABS, we do not believe that it would be appropriate to allow that conflicted transaction to be eligible for the bona fide market-making activities exception.”
Requested Exception for Pre-Securitization Activities. Commenters asked the SEC to make clear that transactions with respect to underlying assets that conclude on or before the date such assets are included in a securitization (e.g., pre-securitization hedging transactions, financing transactions, and transfers) are not “conflicted transactions.” Somewhat surprisingly, the SEC did not accept this argument. The SEC does “not believe that it would be appropriate to allow a securitization participant to bet against the performance of an asset pool while, for example, after reaching an agreement to become a securitization participant, simultaneously marketing an ABS to investors that references or is collateralized by that same asset pool even if the relevant bet is closed out prior to the issuance of the ABS.” If a transaction is closed out before the ABS is issued, it is unclear how such a transaction could constitute a “conflicted transaction,” which includes:
“(i) a short sale of the relevant asset-backed security; (ii) the purchase of a credit default swap or other credit derivative pursuant to which the securitization participant would be entitled to receive payments upon the occurrence of specified credit events in respect of the relevant asset-backed security; or (iii) . . . a transaction that is substantially the economic equivalent of a transaction described in . . . (i) or . . . (ii).”
When Proposed Rule 192 was issued, market participants were greatly concerned about the possibility that CRT transactions might be prohibited by the rule. Specifically, “[s]ome CRT transactions are structured as synthetic securitizations that utilize [a special purpose entity (‘SPE’)] as the protection seller and provide that:
“Central to the design and intent of [such a transaction] . . . is that, if the reference assets perform poorly, the bank may be entitled to credit protection payments under the swap or financial guarantee issued by the SPE, and, as a result, the investors in the CLNs may incur a loss.” Citing that feature, the preamble to Proposed Rule 192 suggested that such CRTs might be per se conflicted transactions. Moreover, even though CRT transactions are important tools used by banks to hedge their credit risks, the risk-mitigating hedging activities exception in Proposed Rule 192 was not sufficiently flexible to allow CRTs to qualify for that exception. Comment letters from SIFMA, SFA, the International Association of Credit Portfolio Managers, and the ABA, among others, urged the SEC to make clear in the final rule that bank CRTs involving SPEs are not “conflicted transactions.” Fortunately, the SEC responded favorably to these comments.
As noted above, under Rule 192, the initial issuance of a synthetic ABS will now be eligible for the risk-mitigating hedging activities exception. The adopting release makes clear that “[t]his change is intended to allow for the initial issuance of a synthetic ABS that the relevant securitization participant enters into and maintains as a hedge.”
It is important to note, however, that a bank must meet the various conditions to the use of the exception for risk-mitigating hedging activities. Most notably, banks must consider whether the ongoing-calibration condition—which is designed to prevent the opportunity to materially benefit from the hedge beyond risk reduction—is consistent with the applicable bank regulatory capital rules and related law pertaining to risk mitigation through synthetic securitization. In addition, banks will need to establish, implement, maintain, and enforce the internal compliance program required as a condition to the risk-mitigating hedging exception.
It is also important to note that the issuance of a new synthetic ABS where a securitization participant is a buyer of credit protection and that does not otherwise qualify for the risk-mitigating hedging exception may be prohibited by Rule 192. The adopting release states that:
[T]he relevant material conflict of interest in the context of the issuance of a new synthetic ABS arises when the securitization participant engages in a transaction (such as CDS contract(s) with the synthetic ABS issuer) where cash paid by investors to acquire the newly created synthetic ABS will fund the relevant contract(s) and be available to make a payment to the securitization participant upon the occurrence of an adverse event with respect to the assets included in the reference pool. In economic substance, if the reference pool for the synthetic ABS performs adversely, then the securitization participant benefits at the expense of the investors in the synthetic ABS. Pursuant to the final rule, this arrangement will result in a conflicted transaction with respect to the investors in the synthetic ABS because it is substantially the economic equivalent of a bet against such ABS itself.
In the adopting release, the SEC stated that:
Consistent with [the] territorial approach [that it historically has applied], which is based on Supreme Court precedent . . . , the Commission understands the relevant domestic conduct that triggers the application of Section 27(B)(a)’s prohibition to be the sale in the United States of ABS. If there are ABS sales in the United States to investors, the prohibition of Section 27B(a)—as implemented through the provisions of Rule 192—applies.
Rule 192 contains a safe harbor for foreign transactions. To qualify for the safe harbor, “(1) the asset-backed security . . . [must] not be issued by a U.S. person (as defined in 17 CFR 230.902(k)); and (2) the offer and sale of the asset-backed security . . . [must be] in compliance with 17 CFR 230.901 through 905 (Regulation S).”
Securitization participants would be well advised to begin taking affirmative steps to ensure that they are ready to comply with Rule 192. These steps could include, among other things, reviewing Rule 192 with counsel; identifying the universe of potential entities that could be securitization participants; identifying the potential types of transactions across the securitization participant’s landscape that could be conflicted transactions; identifying the applicable exceptions to Rule 192 (e.g., hedging, liquidity, and market making); preparing compliance policies across the institution, including the enforcement of those policies; and establishing an internal process to review and approve transactions.