On 3 May 2023, the Securities and Exchange Commission adopted new rules to modernize and enhance the disclosure requirements for repurchases of equity securities by publicly listed companies, often referred to as stock buybacks. Among other changes, the amendments will require issuers to disclose in their periodic reports their daily share repurchase activity for each quarter (replacing the proposed rule that issuers would have to make daily filings of share repurchase activity) and provide certain additional narrative disclosure about their share repurchase programs in periodic reports. The SEC also adopted new Item 408(d), which will require disclosure in issuers’ periodic reports regarding the adoption and/or termination of 10b5-1 trading arrangements during the reporting period.

The SEC adopted final rules relating to Rule 10b5-1 in December 2022, which went into effect on 28 February 2023. The amendments introduce new restrictions on 10b5-1 plans, as well as disclosure requirements to address insider trading and improve public reporting on corporate insiders’ transactions.
With the new rules impacting both reporting companies and persons wishing to avail of themselves of the affirmative defense, internal legal and compliance departments must be familiar with and ready to implement the changes brought by the new rules.

On 21 March 2022, the US Securities and Exchange Commission issued its long-awaited proposed rules that, if adopted as currently drafted, would mandate both domestic and foreign registrants to make a variety of climate-related impacts and risk disclosures in registration statements and annual filings under the Securities Exchange Act of 1934.

On 9 March 2022, the US Securities and Exchange Commission proposed amendments to its rules on disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. These rules are intended to enhance and standardize cybersecurity disclosures, and, if adopted in their current form, would require public companies to disclose cybersecurity-related policies, procedures and all material cybersecurity incidents.