Regulatory & Compliance

From ransomware to AI missteps, boards are navigating an unprecedented surge in liability exposure The directors and officers (D&O) liability insurance landscape in the US is shifting rapidly in early 2026 as emerging threats like cyber‑security incidents and AI risks reshape litigation patterns, underwriting practices and coverage disputes. As boards confront expanded liabilities and insurers adjust to complex exposures, the traditional features of D&O coverage are under pressure from technology, litigation trends and changing regulatory expectations. One of the most definitive recent developments highlighting the importance of precise policy language came from the Delaware Supreme Court. On January27,2026, the court…

This week’s governance, compliance and risk-management stories from around the web – Two related lawsuits have been filed against SEC, challenging recent policy shifts that critics say weaken shareholder rights and corporate accountability. According to Dow Jones (paywall), investor advocacy groups allege the SEC has effectively ‘silenced’ shareholders by scaling back its long-standing role in reviewing disputes over investor proposals. Traditionally, the agency helped determine whether companies could exclude shareholder resolutions from proxy ballots. However, a 2025 policy change to regulation 14a-8 allows firms to omit proposals with minimal SEC oversight, relying largely on companies’ own justifications. Plaintiffs argue this…

Regulator’s chairman told lawmakers he plans to review and potentially scale back disclosure rules to ground them in material financial information Last month, SEC chairman Paul Atkins delivered testimony before the US House Financial Services Committee, where he confirmed plans to review and potentially revise rules adopted under the previous administration, including those tied to ESG disclosure requirements. Atkins – who returned to the SEC with a mission to refocus the agency on its ‘core mission of protecting investors maintaining fair orderly and efficient markets and facilitating capital formation’ – emphasized that part of that mission involves reassessing the existing…

The agency’s latest policy is expected to place greater pressure on boards and general counsel to detect, investigate and report issues quickly The US Department of Justice (DOJ) has introduced its first department-wide Corporate Enforcement and Voluntary Self-Disclosure Policy, marking a significant change in how federal prosecutors approach corporate crime. Announced on March 10, the policy applies to most DOJ criminal divisions and US attorney’s offices, with the exception of antitrust cases. The goal is to create a consistent framework for how prosecutors evaluate corporate misconduct and how companies can receive credit for voluntarily disclosing wrongdoing, cooperating with investigations and…

This week’s governance, compliance and risk-management stories from around the web This week’s governance, compliance and risk-management stories from around the web – US regulators have taken a major step toward clarifying cryptocurrency oversight, as SEC chairman Paul Atkins outlined a new framework to define when digital assets fall under securities laws. In comments madeearlier this week, Atkins said the SEC is introducing a ‘token taxonomy’ to classify crypto assets and end years of regulatory uncertainty over whether they qualify as securities. The framework distinguishes between different categories of tokens, with only those deemed ‘digital securities’ subject to federal securities…

The chipmaker has trimmed DEI and ESG details, keeping only broad statements on inclusion and compliance January saw NVIDIA file its annual report (form 10‑K) with the SEC, one of the first of the season. The document shows a notable reduction and removal of DEI disclosures compared with the company’s filing for the year before. In similar filings from other public companies like Ford Motor Company and Netflix, the use of DEI‑related language has changed in different ways, offering context for how corporate disclosure practices are evolving. In a lengthy LinkedIn analysis, Michelle Leder, founder and editor at footnoted.com, it…

The SEC’s approval of ETF share classes for mutual funds signals a major shift in US capital markets In January, the SEC under chairman Paul Atkins approved a major change allowing traditional mutual funds to offer ETF share classes, a shift that could reduce capital gains tax burdens for millions of US investors and reshape participation in the capital markets. The SEC’s move to modernize fund structures enables investors to switch between the two without triggering immediate capital gains taxes that typically arise when mutual fund shares are sold to meet redemptions. According to Atkins’ op-ed in the Washington Post,…

In a concentrated market, a shift to real-time, digitally native processes may create a potent opening for innovation – Global investment management companyVanguard has reached a settlement agreement with the state of Texas. As reported by The Financial Times (paywall), the Lone Star State’s authorities had accused Vanguard and other large US fund managers of conspiring to curb coal-related investments as part of ESG strategies, alleging anti-competitive conduct and urging the state to divest public funds from firms perceived as hostile to fossil fuels. The case was brought by Texas Attorney General Ken Paxton against BlackRock, State Street and Vanguard.…

The SEC’s amendments to Regulation S-P, now in effect and requiring compliance by June 2026, elevate cyber-security from an operational concern to a board-level accountability issue The SEC’s new cyber-security disclosure rules hold boards personally accountable for cyber oversight, intensifying scrutiny and liability across public companies and registered entities. The amendments, effective in 2025 with a compliance deadline of June 3, 2026, expand obligations under Regulation S-P and reshape how firms govern, document and disclose cyber risk. Adopted in 2024 and now in force, the changes modernize safeguards for customer information and tighten incident response requirements as part of a…