Evolving Responsibilities for Public Company Directors and Officers

The responsibilities of public company directors and officers (D&Os) are continually evolving, especially with the increasing emphasis on social responsibility. The U.S. Securities and Exchange Commission (SEC) has introduced new disclosure requirements for cybersecurity incidents and climate-related risks, significantly impacting the roles of D&Os. In July 2023, the SEC mandated that companies disclose material cybersecurity incidents and annually report on their cybersecurity risk management, strategy, and governance. Since these rules took effect in December 2023, companies like Ticketmaster and Frontier Communications have disclosed significant cybersecurity incidents. However, issues have arisen, such as bad actors exploiting these disclosure requirements and the evolving definition of material events.

Beyond cybersecurity, the SEC’s new rules adopted in March 2024 require annual climate-related risk disclosures, although they are currently stayed due to legal challenges. Meanwhile, other regulations like California’s Climate Corporate Data Accountability Act and the EU’s Corporate Sustainability Reporting Directive (CSRD) are moving forward, demanding detailed reporting on greenhouse gas emissions and comprehensive sustainability disclosures. These regulatory changes, alongside increasing environment-based lawsuits, are shaping the landscape for underwriters, brokers, and adjusters, highlighting the growing importance of D&Os adapting to these new and unique risks.