Year in Review

December 28, 2023

Regulatory Disclosures: 2023 Year in Review

It’s been another busy year for the SEC. From Tailored Shareholder Reports to N-PX Amendments to major cybersecurity-related developments, 2023 set the stage for what could be an even busier 2024.

As we looked back on 2023, there were a handful of items that stood out:

Tailored Shareholder Reports

Overview

On October 26, 2022, the SEC adopted a new rule that requires open-end mutual funds and most ETFs to send annual and semi-annual tailored summary shareholder reports to all shareholders. The final rule requires reports to include structured data (iXBRL tagging) for TSRs, an updated Form N-CSR, and more.

This past year, those involved in regulatory disclosures focused on preparing for this change, which is a significant switch from previous requirements. At FilePoint, we advised clients to use Q1 2023 to understand the details of the rule; Q2 to assess data sources, workflow, timelines, and outstanding data; and Q3 to review and refine data mapping, output, and workflow design. Tailored Shareholder Reporting requires individuals and departments who have not previously worked together to coordinate very closely. Those who spent significant time and attention refining their workflow in 2023 should be poised for a more fluid reporting process in 2024.

Compliance Dates

Implementation is required by July 24, 2024

Form N-PX Amendments

Overview

On November 2, 2022, the SEC adopted amendments to Form N-PX filings to make proxy voting disclosures more useful and informative for investors. The compliance date is August 31, 2024, but managers began recordkeeping on July 1, 2023. The main changes associated with these amendments are that managers will be required to file a report on Form N-PX with:

• Say-on-pay votes for the period ending June 30 for the calendar year following the manager’s initial filing on Form 13F
• Respect to any shareholder vote for the period July 1 through September 30 of the calendar year in which the manager’s final filing on Form 13F is due

Additionally, the amendment specifies that Form N-PX must be filed in XML format.

Here are some related materials that may be helpful:

• Form N-PX Amendments: What You Need to Know
• NSCP Currents: The Modernization of Proxy Voting

Compliance Dates

• Effective Date: July 1, 2024
• Compliance Date: August 31, 2024, for reports covering the period of July 1, 2023 to June 30, 2024

Investment Company Names (the “Names Rule”)

Overview

On October 27, 2023, the final amendments to rule 35d-1 under the Investment Company Act of 1940, also known as the “Names Rule” were published to the Federal Register. These amendments aim to increase shareholder protection by increasing the scope of funds required to adopt a policy to invest at least 80% of its assets based on the investment approach suggested by the fund name, as well as notice and recordkeeping requirements relating to these policies.

For a full overview of the rule, including a comparison of the current rule, proposal, and final amendments, view our full post here.

Compliance Dates

• December 11, 2023: the amendments become effective
• December 11, 2025: compliance date for larger entities (entities that, together with other investment companies in the same “group of related investment companies” have net assets of $1 billion or more as of the end of the most recent fiscal year)
• June 11, 2026: compliance date for smaller entities

Amendments to Form 13F

Overview

In 2022, the SEC adopted amendments to Form 13F, and the changes went into effect on January 3, 2023. The amendments include the following:

• Form 13F (13F-NT)
• Confidential Treatment Requests (13F-CTR)
• Form 13F (13F-NT)

For more details on 13F amendments, click our full post here.

Cyber Risk Management Rule for Public Companies

Overview

On July 26th, 2023, the SEC adopted rules requiring public companies “to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance”.

Public companies will be required to disclose any cybersecurity incident, deemed material, and the nature, scope, timing, and impact under an Item 1.05 Form 8-K within four business days of determining the incident is material.

Compliance Dates

The compliance dates vary by the type of disclosure, with smaller reporting companies (“SRCs”) being afforded a longer compliance period for incident reporting:

1. With respect to the annual Form 10-K and Form 20-F cybersecurity disclosures, all registrants (including SRCs) must provide such disclosures beginning with their annual reports for fiscal years ending on or after December 15, 2023.
2. With respect to material cybersecurity incident disclosure on Form 8-K and Form 6-K, registrants that are not SRCs must begin complying by December 18, 2023. SRCs have an additional 180 days to comply, meaning that they must begin complying by June 15, 2024.
3. With respect to the structured data requirements (i.e., Inline XBRL tagging), all registrants (including SRCs) must begin tagging their cybersecurity disclosures in Form 10-K and Form 20-F in Inline XBRL for fiscal years ending on or after December 15, 2024, and all registrants (including SRCs) must begin tagging their material cybersecurity incident disclosures in Form 8-K and Form 6-K in Inline XBRL by December 18, 2024.

Click here to view the full update from the SEC.

Questions?

If you have any questions about these updates, or any other SEC-related items, we can help. Contact us today to speak with one of our regulatory experts.