Deal Diary

The world has changed a lot since our 2020 report. A global pandemic; a reckoning on race, inequality and social justice; a climate crisis; an economic shock; and increased political polarization have created challenging dynamics for companies and boards globally. The role of the board in managing risk and charting the course ahead is more critical today than ever before. This report delves into these wide-ranging and interlocking issues and offers insight on how directors and management must proactively embrace their stewardship roles in this brave new world.

Cybersecurity and Privacy

Despite cries from corporations and privacy advocates across America for a unified federal privacy law, the nation’s toughest privacy law—the California Consumer Privacy Act (CCPA)—went into effect on January 1, 2020. The CCPA will likely usher in a new era of data governance and data privacy, with data becoming a currency that is regulated more closely by both states and the federal government. At the same time, cyber breach activity continues to escalate, so cybersecurity and data privacy should be considered a significant risk area for companies.

Election and Impeachment

The presidential race will garner much of the attention during the 2020 election cycle, but there is fierce competition elsewhere, too. Republicans and Democrats are fighting for both U.S. House of Representatives and U.S. Senate seats in the 116th U.S. Congress, with the Republican Party trying to regain House majority. Meanwhile, impeachment proceedings against President Donald Trump are shaping up to be a potential game changer for certain members of the Senate who are running for president. They’ll lose valuable time on the campaign trail while serving as jurors for the duration of the impeachment trial.

Akin Gump has issued an alert summarizing pending amendments before the California State Legislature to the California Consumer Privacy Act (CCPA).

Please click here to read the full alert.

As part of its transparency and outreach initiative to its stakeholders, the Public Company Accounting Oversight Board (PCAOB, or “Board”) continues to issue staff briefs to better inform the public about how the Board is conducting its work. Most recently, the PCAOB issued a 2019 Staff Inspections Brief for Audit Committees, which reflects the Board’s “ongoing dialogue” with audit committees for companies whose audits are within the PCAOB’s jurisdiction. This staff brief is intended as a supplement to the Board’s 2019 Inspections Outlook issued in December 2018. While this is not the first time PCAOB inspectors have spoken to audit committee chairs as part of their inspection process the Board is previewing with specificity some of the questions audit committees can expect from PCAOB staff.

Akin Gump litigation partner Michelle Reed and counsel Matthew Lloyd have published an article in Westlaw Securities Enforcement & Litigation Daily. The article notes that the increase in the number of federal securities class actions can be explained, in part, on the “apparent shift of merger and acquisitions suits from Delaware state court to federal court.” There is also another explanation, which they attribute to claims “filed in response to adverse company events such as a data security breach, sexual harassment allegations, a catastrophic explosion, allegations that a drug or product has side effects or caused injury, or a regulatory investigation or enforcement action.”

With threats of nation-states infiltrating supply chains and landmark laws being passed, cybersecurity and privacy are critical aspects of director oversight. Recent court decisions and speeches from the SEC have made it clear that directors are not able to delegate cybersecurity oversight: directors each have the responsibility to personally understand cybersecurity risk and ask appropriate questions. Directors must focus on internal controls to guard against cyber-threats (including accounting, cybersecurity and insider trading) and expand diligence of thirdparty suppliers. Integrating both privacy and security by design will be critical to minimizing ongoing risk of cybersecurity breaches and state and federal enforcement.