Courtesy of CEB, we are bringing you selected legal developments in areas of California business law that are covered by CEB’s publications. This month’s feature is from the February 2023 update to Financing and Protecting California Businesses. References are to the book’s section numbers. The most significant legal developments since the last update include developments in such important topic areas as arbitration, federal and state securities law, loan financing, cybersecurity, tax matters, and board diversity requirements.
February 2023 Update
The California Supreme Court in Iskanian v CLS Transp. Los Angeles, LLC (2014) 59 C4th 348, held that a waiver of the employee’s representative claims under the Labor Code Private Attorneys General Act of 2004 (PAGA) (Lab C §§2698–2699.6) was not valid because it lay outside the ambit of the Federal Arbitration Act (FAA) (9 USC §§1–16). 59 C4th at 386. However, in Viking River Cruises, Inc. v Moriana (2022) ___ US ___, 142 S Ct 1906, the U.S. Supreme Court reviewed Iskanian, holding that the FAA preempts Iskanian insofar as the holding precludes division of PAGA actions into individual and nonindividual claims through an agreement to arbitrate. Thus, the employer was entitled to compel arbitration of the former employee’s individual claims. The Court left in place Iskanian‘s prohibition on wholesale waivers of (nonindividual) PAGA claims. See also People v Maplebear, Inc. (2022) 82 CA5th 923 (interpreting Viking River Cruises). See §3.10A.
On March 15, 2022, the Adjustable Interest Rate (LIBOR) Act (the LIBOR Act), Division U of the Consolidated Appropriations Act of 2022 (Pub L 117–103, 136 Stat 49), was signed into law. The LIBOR Act provides that the statutory replacement rate will be based on the Secured Overnight Financing Rate (SOFR) for loan contracts that either (1) contain no fallback provisions or (2) contain no specific non-LIBOR fallback rate and do not have a person to determine the rate. Therefore, loan contracts that have fallback provisions or have a determining person and fallback to a rate such as prime are not within the scope of the legislation. As required under the LIBOR Act, in July 2022, the Federal Reserve Board released their proposed rules to implement the LIBOR Act. The proposed rules could bring some loan contracts that were excluded from the legislation back into the scope of the legislation. Only until the final rules are published will we know the full scope of the LIBOR Act on existing loan contracts that still need to transition to a non-LIBOR rate. See §8.16.
In Nagel v Westen (2021) 59 CA5th 740, the court held that, under the Uniform Voidable Transactions Act (UVTA) (CC §§3439–3439.14), converting nonexempt property into exempt property by “physically relocating personal property and transmitting or transporting sale proceeds out of state, then transmuting them into a different legal form, may constitute a direct or indirect mode of parting with assets or one’s interest in those assets,” and is a voidable “transfer” under the UVTA, even if those assets were not transferred to a third party transferee. See §8.20A.
Amendments to the UCC were completed in 2022 by the Uniform Law Commission and the American Law Institute (the “2022 UCC Amendments”) to address emerging technologies (in particular digital assets). See https://www.uniformlaws.org/viewdocument/final-act-164?CommunityKey=1457c422-ddb7-40b0-8c76-39a1991651ac&tab=librarydocuments. The amendments include changes to Article 9 of the UCC to govern security interests in digital assets. These digital assets are referred to as “controllable electronic records” (CERs) and are defined as a record of information in electronic form that is susceptible to “control.” CERs include certain virtual currencies (e.g., Bitcoin), non-fungible tokens (NFTs), and digital assets in which specific payment rights are embedded. The 2022 UCC Amendments provide that CERs are in effect “negotiable” (i.e., capable of being transferred in such a way to cut off competing property claims (including security interests) to the CER). The 2022 Amendments provide for a security interest in a CER to be perfected by the filing of a financing statement or by control. A security interest in a CER perfected by control will have priority over a security interest perfected only by the filing of a financing statement. See §8.25.
The issue of whether a lender owes a tort duty of care to a borrower in connection with a mortgage loan modification was recently decided by the California Supreme Court, resolving a split in the courts of appeal. In Sheen v Wells Fargo Bank, N.A. (2022) 12 C5th 905, the supreme court affirmed the court of appeal and held that a lender does not owe a borrower a tort duty of care during loan modification negotiations and therefore a lender has no common law duty to “process, review and respond carefully and completely to” a borrower’s loan modification application. 12 C5th at 948. Because the plaintiff’s claims arose from a mortgage contract with Wells Fargo, the claims fell within the ambit of the economic loss doctrine, a judicially created doctrine that bars recovery in negligence for purely economic losses “when such claims would disrupt the parties’ private ordering, render contracts less reliable as a means of organizing commercial relationships, and stifle the development of contract law.” 12 C5th at 915. See §8.80.
In Murray v UPS Capital Ins. Agency, Inc. (2020) 54 CA5th 628, 639, the court ruled that an insurance broker may assume a greater duty to an insured when (1) it “misrepresents the nature, extent or scope of the coverage”; (2) the insured asks about a particular type or extent of coverage; or (3) the broker “assumes an additional duty by either express agreement or by ‘holding [it]self out’ as having expertise in a given field of insurance being sought by the insured.” See §11.55A.
Cybersecurity and Privacy
In August 2021, the National Institute of Standards and Technology (NIST) published “Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide,” intended to provide direction and guidance to organizations in any sector or community that are seeking to improve cybersecurity risk management through utilization of NIST’s Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework). See https://www.nist.gov/publications/getting-started-nist-cybersecurity-framework-quick-start-guide. See §13.7.
On January 18, 2022, the federal Cybersecurity and Infrastructure Security Agency (CISA) published a guide, “Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats,” which provides steps to reduce the likelihood of a cyberattack and steps to detect and respond to such attacks. See https://www.cisa.gov/sites/default/files/publications/CISA_Insights-Implement_Cybersecurity_Measures_Now_to_Protect_Against_Critical_Threats_508C.pdf. CISA has also created a website located at https://www.cisa.gov/stopransomware that provides guidance for responding to ransomware attacks. See §13.7A.
On March 15, 2022, as part of the Consolidated Appropriations Act, 2022 (Pub L 117–103, 136 Stat 49), President Biden signed into law new cyberattack reporting obligations for companies with businesses involving critical infrastructure. The new law, titled the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (Division Y of the Consolidated Appropriations Act, 2022, §§101–107), will eventually require certain companies with critical infrastructure to report cyber incidents within 72 hours, and ransomware payments within 24 hours. The new requirements do not go into effect immediately. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has 24 months to issue proposed rules to implement the law, although the agency may do so in advance of that deadline. See §13.11.
On November 3, 2020, California voters passed Proposition 24 (the California Privacy Rights Act (CPRA)). See https://vig.cdn.sos.ca.gov/2020/general/pdf/topl-prop24.pdf. The CPRA amended 18 out of the 24 original statutes in the California Consumer Privacy Act of 2018 (CCPA) (CC §§1798.100–1798.199.100) and added 21 new statutes at the end of the original CCPA. It is scheduled to take effect on January 1, 2023, but is subject to a rulemaking process, so practitioners are encouraged to follow developments regarding implementation of the CPRA. For further discussion of the CPRA, see Internet Law and Practice in California, chap 9 (Cal CEB). See §13.13.
In February 2021, the Federal Trade Commission (FTC) released an updated helpful guide on data breach response, titled Data Breach Response, A Guide for Business, available at https://www.ftc.gov/tips-advice/business-center/guidance/data-breach-response-guide-business. The guide sets forth a series of steps that a company is advised to take for a quick and appropriate response when the company suspects a data breach has occurred. See §13.14.
The IRS grants automatic consent for certain accounting method changes. To apply for automatic consent, a taxpayer must attach IRS Form 3115, Application for Change in Accounting Method, to its income tax return for the year of the change. See Rev Proc 2022–14, 2022–07 Cum Bull 502 for the current list of accounting method changes that are available automatically. See §15.8.
With respect to tax years ending after March 26, 2020, and before January 1, 2021, taxpayers who received a loan under the Paycheck Protection Program (PPP) were previously barred from deducting certain otherwise deductible expenses paid or incurred during such tax years if such expenses resulted in, or were expected to result in, forgiveness of the PPP loan. Under a 2021 IRS-issued safe harbor, certain eligible taxpayers are now allowed to deduct these previously nondeductible expenses. Effective for tax years ending in calendar year 2020 and the immediately subsequent tax year, a “Covered Taxpayer” can elect to deduct eligible expenses on the taxpayer’s timely filed (including extensions) original Federal income tax return or information return for the taxpayer’s immediately subsequent taxable year. Rev Proc 2021–20, 2021–19 Cum Bull 1150. See §15.41B.
In Technical Advice Memorandum 2022–01, available at https://www.ftb.ca.gov/tax-pros/law/technical-advice-memorandums/2022-01.pdf, the FTB cited the U.S. Supreme Court’s analysis in South Dakota v Wayfair, Inc. (2018) 585 US 298, 138 S Ct 2080, as relevant to the analysis of whether a seller who sells to customers located in California is engaged in business activities in California. Therein, the FTB provided a list of internet activities in California that create a California income tax filing requirement. See §16.35.
Federal and State Securities Regulation
As of January 1, 2022, California offers a crowdfunding exemption under Corp C §25102(r). The new law enables issuers to raise up to $300,000 on a funding portal conforming with federal Regulation CF (17 CFR §§227.100–227.206), without a financial statement review. Importantly, because the new California law is a blue-sky exemption that relies on federal Rule 147A (17 CFR §230.147A), it preserves for a follow-on federal Regulation CF offering the audit exception for first-time users of Regulation CF. To be eligible for the crowdfunding exemption, (1) the issuer must be a California corporation or a foreign corporation subject to Corp C §2115; (2) the offering must follow the requirements of federal Regulation CF (except that aggregate amount of securities sold by the issuer during the 12-month period preceding the date of offering, including the securities offered in such transaction, must not exceed $300,000); (3) the issuer need only include accounting statements certified by management rather than a review by an independent public accountant; (4) the issuer must take reasonable steps to ensure that each purchaser who is a natural person and not an accredited investor is able to evaluate the merits and risks of the prospective investment; (5) the issuer must give the purchaser a 3-day right to rescind any investment; (6) the issuer must not, itself or through any third party not licensed as a broker-dealer, conduct any direct solicitation of the securities; and (7) the issuer must not require any investor to waive jury trials, be bound by law other than California, or file or resolve a claim or dispute in a forum other than California. See §§1.27, 6B.37A.
In recent years, the SEC has rescinded Industry Guides 2, 3, and 7 and moved the disclosure requirements into subparts of Regulation S-K (17 CFR pt 229). The SEC has been rescinding old Industry Guides on a case-by-case basis to replace them with more consistent corporate disclosure rules for industries to follow. Currently, the SEC is working on a revised Industry Guide 5 to address changes in the real estate industry. Although the SEC’s Corporate Finance Division issued staff interpretive guidance in July 2013, as CF Disclosure Guidance Topic No. 6, to provide additional guidance and clarity, this document when read together with Industry Guide 5 is confusing. The National Association of Real Estate Investment Trusts (NAREIT) has stated that Industry Guide 5 “currently prescribes multiple quantitative disclosures in tabular format, making preparation onerous.” On November 19, 2020, the SEC announced that it voted to adopt amendments that will modernize, simplify, and enhance certain financial disclosure requirements in Regulation S-K. The SEC stated that the “amendments are intended to enhance the focus of financial disclosures on material information for the benefit of investors, while simplifying compliance efforts for registrants.” See https://www.sec.gov/news/press-release/2020-290. See §6A.9.
The Holding Foreign Companies Accountable Act (HFCA Act) (Pub L 116–222, 134 Stat 1063 (Dec. 18, 2020)), which became effective on January 1, 2021, requires the SEC to prohibit the securities of a registrant from trading on any U.S. securities exchange or the over-the-counter market if, for 3 consecutive years, the Public Company Accounting Oversight Board (PCAOB) has determined that it has been unable to inspect the auditor of the registrant’s financial statements because of a position taken by an authority in the registrant’s jurisdiction. See §17.4.
In October 2021, Nasdaq adopted additional listing criteria for companies primarily administered in jurisdictions (such as China) that do not provide the PCAOB with the ability to inspect public accounting firms that audit Nasdaq-listed companies (“Restrictive Market Companies”). See SEC Release 34–93256 (Oct. 4, 2021). See §17.4.
On March 21, 2022, the SEC proposed rule amendments that would require a public company that is subject to the reporting requirements of the Exchange Act to include certain climate-related information in its registration statements and periodic reports. See SEC Release Nos. 33–11042 (Mar. 21, 2022) and 33–11061 (May 9, 2022). On March 9, 2022, the SEC proposed rules and amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by registrants. See SEC Release No. 33–11038 (Mar. 9, 2022). See §§17.11A, 17.26.
Under Nasdaq’s current rules, an issuer must disclose the price range within which it expects to price its securities in the direct listing, and securities must directly list within that price range, unless the issuer files a post-effective amendment to the registration statement. On May 25, 2021, Nasdaq proposed to amend the existing requirement that the auction occur within a predetermined price range. If Nasdaq’s proposed rule change is approved, the price range requirement would be relaxed, permitting the issuer to sell shares in the opening auction up to 20 percent above or below the disclosed price range in all cases, and more than 20 percent above the disclosed price range if certain conditions are met. See https://listingcenter.nasdaq.com/assets/RuleBook/Nasdaq/filings/SR-NASDAQ-2021-045.pdf. See §18.5A.
The SEC has proposed significant new rules to align the treatment of SPACs more closely to that of traditional IPOs, including
- Requiring enhanced disclosures in connection with both the SPAC IPO and the de-SPAC transaction;
- Providing additional investor protections in both the SPAC IPO and the de-SPAC transaction;
- Deeming a business combination of a reporting shell company, including a SPAC, with a company that is not a shell company to involve a “sale” subject to the disclosure and liability provisions of the Securities Act of 1933 (Securities Act) (15 USC §§77a–77aa);
- Better aligning the required financial statements of the private operating company in a business combination involving a shell company, including a SPAC, with those required in a registration statement for a traditional IPO;
- Expanding the SEC’s existing guidance on the use of projections in SEC filings generally, and require additional disclosures regarding projections used in a de-SPAC transaction; and
- Providing SPACs a safe harbor from the requirement to register as investment companies under the Investment Company Act of 1940 (15 USC §§80a–1—80a–64).
See SEC Release Nos. 33–11048, 34–94546, IC–34549 (Mar. 30, 2022) (SEC SPAC Release), available at https://www.sec.gov/rules/proposed/2022/33-11048.pdf. See §§19.93, 19A.1, 19A.25.
In In re Multiplan Corp. Stockholders Litig. (Del Ch 2022) 268 A3d 784, an action arising from a merger involving a SPAC, the court held that a limited liability company retained as a financial advisor was not an independent third party advisor but rather an entity controlled by the SPAC’s controlling stockholder. The court ruled that the plaintiffs’ breach of fiduciary duty claims against the SPAC’s corporate directors were viable. See §19A.17.
In February 2022, the SEC proposed amending Exchange Act Rule 15c6–1(a) (17 CFR §240.15c6–1(a)) to shorten the standard settlement cycle for securities transactions from 2 business days after trade date (T+2) to 1 business day (T+1), commencing March 31, 2024. If adopted, public offerings could close as early as 1 business day after the date the underwriting agreement is executed. See SEC Release No. 34–94196 (Feb. 6, 2022). See §§20.5, 20.40.
On March 23, 2022, the SEC proposed to replace the reference to investment grade nonconvertible securities in Rule 101 with a standard utilizing a specified probability of default as estimated by certain standard credit risk models. See SEC Release No. 34–94499 (Mar. 23, 2022). See §20.26.
Board Diversity Requirements
In 2021, Nasdaq adopted rules that require, subject to specified exceptions, all listed companies
- To disclose annually board diversity statistics, including the number of directors based on the self-identification of gender, race/ethnicity, and LGBTQ+ status (NASDAQ Rule 5606); and
- To have, or to explain why they do not have, at least two diverse directors, including one who self-identifies as female and one who self-identifies either as (1) Black or African-American, Hispanic or Latinx, Asian, Native American or Alaska Native, Native Hawaiian, or Pacific Islander, or (2) LGBTQ+. The timetable to meet the board composition rule is based on the company’s listing tier (NASDAQ Rule 5605(f)).
The rules adopt a “comply-or-explain” model and are not a quota or mandate. The rules establish a recommended objective for most Nasdaq-listed companies to have at least two diverse directors and, if not, to explain why not. See https://listingcenter.nasdaq.com/assets/Board%20Diversity%20Disclosure%20Five%20Things.pdf; SEC Release No. 34–92590 (Aug. 6, 2021). Nasdaq’s board diversity rules have been challenged in federal court. See, e.g., Alliance for Fair Bd. Recruitment v SEC (5th Cir 2021, filed Aug. 10, 2021, No. 21-60626); National Ctr. for Pub. Policy Research v Weber (ED Cal, filed Nov. 22, 2021, No. 2:21-cv-02168-JAM-AC). See §18.42A.
California’s board gender and racial diversity laws have been challenged in both state and federal court on the grounds that they are, among other things, unconstitutional and violate the internal affairs doctrine. See Meland v Weber (9th Cir 2021) 2 F4th 838 (reversing federal district court, holding plaintiff shareholder had standing to pursue lawsuit); Crest v Padilla (LA Super Ct, filed Aug. 6, 2019, No. 19STCV27561), 2019 WL 3771990 (complaint) (challenging gender-based quotas); Crest v Padilla (LA Super Ct, filed Oct. 2, 2020, No. 20STCV37513) (challenging racial quotas). See also National Ctr. for Pub. Policy Research v Weber (ED Cal, filed Nov. 22, 2021, No. 2:21-cv-02168-JAM-AC) (challenging racial quotas); Alliance for Fair Bd. Recruitment v Weber (CD Cal, filed July 12, 2021, No. 2:21-CV-05644) 2021 WL 7185705 (complaint). On May 13, 2022, the Los Angeles Superior Court held that California’s board gender diversity law violated the Equal Protection provisions of the California Constitution, and enjoined the use of taxpayer funds to enforce the law. On April 1, 2022, the Superior Court granted a motion for summary judgment in favor of the plaintiffs in their case against California’s board racial/ethnic diversity law; the Superior Court’s order did not provide the reasoning for its decision. As a result of these rulings, California’s board diversity laws are enjoined, subject to appeal. In light of the independent gender or racial/ethnic diversity requirements imposed by the SEC, NYSE, Nasdaq, proxy advisors, other states, and institutional investors, companies must continue to give serious attention to board composition and diversity. See §18.42A.