Corporate & Securities Blog

On March 31, 2025, members of the U.S. House of Representatives Committee on Financial Services sent a letter to Mark Uyeda, Acting Chairman of the U.S. Securities and Exchange Commission. Seeking to “undo the damage from former Chairman Gary Gensler’s tenure,” the letter requests that the SEC withdraw fourteen final and proposed rules, including both the SEC’s Pay Versus Performance rules (adopted August 2022) and rules related to Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure (adopted July 2023).  The SEC may withdraw adopted rules pursuant to the Administrative Procedure Act, which generally involves a public notice and comment period. It will be interesting to see the response of incoming SEC Chairman Paul Atkins. Stay tuned.

On March 21, 2025, the Financial Crimes Enforcement Network (“FinCEN”) issued an interim final rule that significantly narrows the beneficial ownership information (“BOI”) reporting requirements under the Corporate Transparency Act (“CTA”).

On February 27, 2025, the Financial Crimes Enforcement Network (“FinCEN”) announced that it will not issue any fines or penalties or initiate any other enforcement action against companies that do not file or update beneficial ownership information (“BOI”) reports under the Corporate Transparency Act (“CTA”) by the newly-instated March 21, 2025 deadline.

On February 17, a federal judge in Texas lifted a preliminary injunction issued in Smith v. United States Department of the Treasury, removing the last legal hurdle to the enforcement of the Corporate Transparency Act (“CTA”). As a result, the CTA’s reporting obligations are back in effect—at least temporarily.

Last Friday, the United States Supreme Court lifted a nationwide injunction originally issued by the U.S. District Court for the Eastern District of Texas (and later upheld by the Fifth Circuit Court of Appeals) in Texas Top Cop Shop, Inc. v. McHenry. The Top Cop injunction had blocked enforcement of the Corporate Transparency Act (the “CTA”).

As we embark on the new year, it is time to consider what is next for the SEC—specifically, EDGAR Next. In September 2024, the Securities and Exchange Commission adopted amendments to Regulation S-T aimed at modernizing the agency’s Electronic Data Gathering, Analysis, and Retrieval (EDGAR) system. The new system—aptly named EDGAR Next—will feature improved access procedures and enhanced security measures, including two-factor authentication.

On December 11, 2024, the U.S. Court of Appeals for the Fifth Circuit struck down Nasdaq’s board diversity rules, which were designed to increase representation of women and minorities on corporate boards. Since 2023, the rules have required Nasdaq-listed companies to have at least one woman, minority, or LGBTQ+ member on their boards and to report director diversity information each year.

On October 22, 2024, the Securities and Exchange Commission charged four companies with making materially misleading disclosures about their cybersecurity risks. Each of the companies—Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd., and Mimecast Limited—agreed to pay hefty monetary penalties to settle the SEC’s charges.

The fines follow a lengthy investigation by the SEC into public companies affected by the 2020 SolarWinds breach, one of the most widespread cyberattacks to date. The attack, largely believed to have been carried out by ...