Bloomberg Law
June 11, 2021, 3:11 PMUpdated: June 11, 2021, 6:59 PM

SEC Plans Rules on Climate Disclosures, Cyber Risks This Fall (1)

Andrew Ramonas
Andrew Ramonas
Corporate Disclosure Reporter
Andrea Vittorio
Andrea Vittorio
Amanda Iacone
Amanda Iacone

The SEC intends to propose new corporate disclosures on climate change risks, board diversity, and companies’ workforces by October, according to a new agency agenda.

Updated disclosure rules on cybersecurity risks are also expected this fall, but an agency proposal on potential tougher oversight of special purpose acquisition companies, or SPACs, isn’t due until next spring.

The Securities and Exchange Commission’s rulemaking plan, released Friday, provides the clearest indication yet of when companies can expect to see formal plans about new environmental, social, and governance reporting. Final rules requiring the disclosures then could follow next year.

SEC Chairman Gary Gensler has said creating new disclosures on climate change and human capital are top priorities, without sharing a specific timeline.

The agenda provides few details about the scope of the proposals beyond saying the agency is looking to “enhance” corporate disclosures on climate risks and opportunities, human capital management, and the diversity of board members and nominees.

The agency is currently gathering feedback from the public on potential corporate disclosures on the risks from climate change and the possibility of an SEC-backed sustainability standard setter, among other ESG topics.

Most ESG reporting has been voluntary and subject to what companies deem as material to investors. Companies aren’t required to publicly report metrics on board and workforce diversity or greenhouse gas emissions, for example.

Democrats have long complained that investors lack ESG information needed to make decisions on whether to buy or sell a company’s stock. Republicans have questioned whether the SEC is moving away from its core mission, arguing the average investor might not need an influx of ESG information.

Cyber Risks, SPACs, & China

The SEC is also looking to shore up public companies’ disclosures on how they oversee cybersecurity risks, according to another new item on its rulemaking agenda. A proposal is scheduled to come out by October.

The commission last gave publicly traded companies guidance in 2018 on how to report cyber incidents and risks. Cyberattacks have ramped up since then, with the Colonial Pipeline incident and a number of other high-profile hacks demanding hefty ransoms from companies.

The SEC isn’t as far along on plans to update rules governing special purpose acquisition companies following a historic surge in blank-check IPOs over the past year. A proposal isn’t expected until April 2022, according to the agenda.

The SEC has issued repeated warnings to investors and to corporate management of target companies about the risks of using SPACs as a fast-track to take a company public. And Gensler said last month that the SPAC boom raises questions about investor protection and whether SPACs are less efficient than traditional IPOs.

After a record-setting first quarter, SPAC listings plummeted in April in response to a change in accounting for warrants, a type of incentive used by SPACs to raise capital. The surge in filings has strained the Division of Corporation Finance staff.

The SEC agenda also included a rule that would address the listing and trading of Chinese companies whose auditors aren’t inspected by regulators in the U.S. The agency is expected to release a proposal by April 2022, according to the agenda.

The trading prohibition rule is one of several needed to implement a 2020 law that threatens to delist Chinese companies that skirt U.S. audit requirements. It would also align listing standards for U.S. exchanges to the new law’s requirements.

(Updates with additional background throughout)

To contact the reporter on this story: Andrew Ramonas in Washington at; Andrea Vittorio in Washington at; Amanda Iacone at

To contact the editors responsible for this story: Michael Ferullo at; Roger Yu at