Public Company Web Site Content: A Corporate Governance Perspective
The Securities and Exchange Commission's interpretive guidance released in August on the use of company Web sites for compliance with the disclosure requirements under the Securities Exchange Act of 1934 and the antifraud provisions of the securities laws highlights the need to include Web site review as part of a public company's corporate governance program.
This SEC Web site release is part of the SEC's continued efforts to promote the use of a company Web site as a disclosure vehicle for the dissemination of important information to investors. The release focuses on the SEC's existing position that provisions of the federal securities laws apply to information posted on or hyperlinked to the company's Web site. From a corporate governance perspective, as the corporate Web site and securities regulatory compliance become more intertwined, the Web site not only serves as a communications medium, but also as a compliance tool that has to be appropriately managed.
This article describes methods of effectively complying with the new SEC guidance related to company Web sites.
Generally, the system of reviewing and monitoring information posted on a company Web site should be part of the disclosure controls included in the enterprise-wide risk management system established by the company. In order to effectively manage the company's risks at the enterprise level, both the board of directors or a committee of the board and management should be involved in such a process. A specific member of the company's securities compliance team, for example, an in-house counsel or an internal auditor, should be in charge of reviewing and updating the content of the company Web site. This person should report to a committee of the board of directors, to which the responsibility of monitoring the company's securities compliance in general, including company Web site disclosures, was delegated by the board. In addition, if the company has established a disclosure committee, such committee should specifically discuss not only the company's SEC filings but also the company's Web site content as it is related to the company's compliance with the federal securities laws.
The antifraud provisions of the federal securities laws, including Exchange Act Section 10(b) and Rule 10b-5 promulgated under the Exchange Act, apply to information posted on or hyperlinked to a company Web site. Because these provisions generally prohibit a company from making material misstatements and omitting material facts in connection with the purchase or sale of securities, it is imperative that the company posts and maintains accurate information on its Web site.
In light of the new SEC guidance, the in-house counsel, internal auditor or another member of the management responsible for the company Web site content should focus on the following types of information which, if not handled correctly, are highly likely to lead to problematic issues and pose potential liability for a company:
- Information previously posted on the company Web site.
- Hyperlinks to third-party information.
- Summary or overview information.
- Content of interactive Web site features.
Information posted by a company on its Web site may become outdated over time and be only of historical value (for example, press releases, reports to shareholders or other financial and business information regarding the company or its products). However, such information may be considered "republished" every day that it continues to be posted on the Web site and thus available to be reviewed by investors. If a statement contained in one of these documents is considered republished due solely to its presence on the company's Web site, the company may be obligated to continually update the statements contained in such documents. Outdated statements may give rise to antifraud liability because investors may potentially rely on such outdated information such as old earnings guidance contained in a press release in making a decision whether to invest in the company's securities.
Generally, the SEC takes a position that a company has not reissued or republished previously posted information for the purposes of the antifraud provisions of the securities laws simply because such information remains on the Web site and is accessible to the public. However, the line between not republishing such information and affirmatively reissuing an outdated statement is extremely murky.
To avoid any doubt as to whether the company has affirmatively reissued the statement, regular review and monitoring of the Web site content is necessary to ensure that all historical investor information is posted in a separate section of the Web site specifically designated for such purpose. Site content should be reviewed at least once every quarter to make sure that all historical information has been properly identified and segregated from current information. In addition, all previously posted information should be dated to avoid the impression of reissuing such information.
A company can also be held liable under the antifraud provisions of the securities laws for third-party information that it has hyperlinked to its Web site, provided the company was directly or indirectly involved in its preparation or endorsed such information, and thus implicitly adopted it as its own information. The company's management should discuss the benefits and risks of hyperlinking third-party information to the company's site in light of the SEC's guidance regarding hyperlinking to ensure that an informed decision is made as to the benefits of utilizing hyperlinking.
If the decision is made to use such hyperlinks, then a specifically designated person within the company, such as the in-house counsel or internal auditor, should be responsible for selecting which information will be hyperlinked to the company Web site. That person would then actively monitor the hyperlinked information to ensure that any changes in the third-party information do not create issues for the company under the securities laws.
Companies should avoid selective hyperlinking where, for example, only positive analyst reports or newspaper articles about the company are hyperlinked, which may suggest that the company has adopted the views conveyed by such reports or articles. Many companies using hyperlinks have created "exit notices" or "intermediate screens" leading to hyperlinked information in order to clarify confusion as to the source of the hyperlinked information and to avoid giving the impression that the company has prepared or approved such information.
However, the SEC has warned that such measures alone may not suffice to shield a company from antifraud liability if there is circumstantial evidence that the company has effectively endorsed such information. Similarly, the SEC has stated that disclaimers as to the accuracy of the third-party information will not insulate a company from antifraud liability if the company knows or is reckless in not knowing that such third-party information is materially false or misleading.
In light of the SEC's guidance, the person responsible for monitoring hyperlinked information on the Web site should brief company management regarding the nature of the hyperlinked information, and the company's securities compliance team should re-evaluate whether particular links should be maintained or removed from the Web site, or whether additional hyperlinks should be added to provide balanced and nonbiased information about the company to investors.
Another area of Web site disclosure that should be the focus point for the company's securities compliance team is the content of the posted summaries of information or overviews, such as summary financial information, on the Web site. Although the SEC views summaries and overviews as useful tools of highlighting important information to investors, the SEC is concerned that investors may not perceive a particular piece of information as a summary and base the investment decision on incomplete information.
The member of the securities compliance team responsible for the Web site should monitor the summary information posted on the site to ensure such information has a heading or a title that clearly communicates the abbreviated nature of the information. In addition, explanatory language may accompany the summary information identifying the information as a summary or overview and directing the reader to the location of the more detailed information.
The company may also place the summary information close to a link to more detailed information that served as a source for the summary or overview information so that the investor had access to full information available on the subject. This can help avoid antifraud liability based on the information that the investor can obtain just from the summary.
For example, the SEC guidance suggests that the use of a "layered" or "tiered" format for a company Web site, where the opening page would contain summaries of information with links to more detailed information about the company's strategy, financial position, management and corporate governance, is helpful for addressing this issue.
As companies are making greater use of interactive Web site features such as blogs or "electronic shareholder forums," as now permitted by the SEC's amendments to the proxy rules, the SEC Web site release suggests that there should be appropriate controls and procedures monitoring statements made by or on behalf of the company on such blogs or forums, because the antifraud provisions of the securities laws apply to these channels of communication.
In addition, the SEC clarified that companies may not have investors waive federal securities laws protection as a condition of using a blog or a forum. The company's management, together with its securities compliance team, should apply the same stringent controls to disclosures in the blogs or forums as to information posted on its Web site or disclosed in its SEC filings. In addition, given the multitude of issues raised by the participation in blogs and shareholder forums by members of management, companies should carefully weigh the pros and cons of such participation before making the decision to participate in these avenues of shareholder communication. Given the potential for Regulation FD violations arising from this practice, if the decision is made to participate in these blogs and forums, careful scrutiny of what is being posted in them is crucial.
Under SEC rules and regulations, the company's principal executive officer and principal financial officer must certify that they have evaluated the effectiveness of the disclosure controls and procedures as of the end of every fiscal quarter and such certifications must be attached to the quarterly and annual reports filed with the SEC.
The SEC Web site release clarifies that these disclosure controls and procedures cover information disclosed on the company Web site as an alternative to providing the required disclosure in an Exchange Act report or proxy statement filed with the SEC. For example, if a company elected to post its code of ethics on its Web site instead of filing it as an exhibit to its annual report on Form 10-K as permitted by the SEC rules, and the company failed to post its code of ethics on the Web site, then its Form 10-K is incomplete. Such failure to post the code of ethics on the Web site should be considered by the principal executive and financial officers in evaluating the effectiveness of disclosure controls and procedures.
As a result of the foregoing guidance, the member of the company's securities compliance team responsible for the content of the company Web site should review the company's elections to use Web site posting as the appropriate disclosure vehicle instead of providing such disclosure in Exchange Act reports or proxy statements to ensure that these postings are maintained for the required periods. In addition, specific controls should be put in place, as necessary, to avoid the inadvertent deletion of these materials from the company Web site.
These efforts will help avoid the deletion of required disclosure, where such omission may lead to a determination that disclosure controls and procedures are not effective.
Given the significance of this issue, the disclosure committee should address whether the internal certifications supporting the certifications of the principal executive and financial officers filed with the SEC should be revised to specifically include references to company Web site disclosures.
Reprinted with permission from the November 12, 2008 edition of the Legal Intelligencer © 2008 ALM Properties, Inc. All rights reserved. Further duplication without permission is prohibited.