Reviewing Risk Factor Disclosures Amid Russian Sanctions

(March 8, 2022, 5:18 PM EST) --
Erin Martin
Erin Martin
Carl Valenstein
Carl Valenstein
Celia Soehner
Celia Soehner
Public companies should consider the impact of sanctions on Russia relating to the situation in Ukraine, and related supply chain issues, in assessing risk factor disclosure.

Risk factor disclosure has long been an important component of the disclosure regime applicable to public companies in the U.S.[1] While historically it was only required in offering materials, in 2005, the U.S. Securities and Exchange Commission extended the requirement to provide risk factor disclosure in periodic reports.[2]

As part of the SEC's ongoing efforts to modernize, simplify and enhance public company disclosure, the SEC revised risk factor disclosure requirements to reflect the agency's shift toward a more principles-based disclosure framework in both 2019[3] and 2020.[4]

As currently adopted, Item 105 of Regulation S-K requires public companies to disclose the material factors that make an investment in the company speculative or risky.[5] In this respect, risk factor disclosure should be registrant-specific, concise, logically organized and rooted in materiality. 

Effective risk factor disclosure provides investors with an appropriate amount of information to adequately understand and appreciate the context and magnitude of the risk being presented as it relates specifically to the company.

While there are some circumstances — such as geopolitical tensions, cybersecurity threats and breaches, economic recessions or global pandemics — that may affect companies across all industries, disclosure presented on those risks should be done with specificity such that the impact of these events on a company's operations and financial condition is insightful and clear.

Against the backdrop of the sweeping sanctions imposed on Russia by the U.S., U.K., European Union and other allied countries, public companies should review their risk factor disclosures to ensure that they appropriately address the risks associated with these events as they relate to their business, results of operations and financial condition.

These potential risks include supply chain disruptions; contractual disputes and litigation; asset freezes; capital restrictions; business continuity interference; and heightened cybersecurity concerns.

For example, global supply chain disruptions are already occurring such that the effect is not limited only to companies that depend on exports from, or imports to, Russia.

In this respect, transport routes are being affected by closed airspace, redirected ocean carriers and cargo ships, and restricted land travel, such that companies across all industries, regardless of direct connections to Russian imports or exports, must evaluate the effects of such disruptions.

While companies that are dependent on Russian imports or exports should provide disclosures that appropriately convey the material effect of such sanction programs, additional licensing requirements and boycotts on their business, many other companies will need to consider disclosures that appropriately reflect the uncertainty surrounding the impact of the escalating conflict and supply chain disruptions.

In this respect, the effects of supply chain disruptions could also include contract disputes and force majeure issues resulting in potential litigation.

Additionally, trade restrictions, sanctions and countersanctions will also have a significant impact on the way that financial institutions operate, which will not only directly affect their operations, but also the operations of other companies that rely on financial institutions for material services, such as payroll, access to capital or investments.

For example, companies will need to consider whether additional disclosures regarding the uncertainty of the full costs, burdens and limitations are appropriate in relation to their dependence on the services impacted.

The increasing sanctions being imposed on the Russian financial system and the designation of a number of large Russian banks, and potential denial of the use of the Society for Worldwide Interbank Financial Telecommunications, or SWIFT, system, will also present payment challenges even for business activity relating to Russia that is itself not subject to sanctions.

Public investment companies with investments in Russia securities may be under an obligation to dispose of these securities or to unwind derivative transactions during a wind-down period, or may need to block the investment or transaction.

A company that materially depends on third parties for its operations should also consider whether those third parties may be affected by the events in Russia and Ukraine.

For example, third-party contractors may have staff, material operations, financial transactions, research and development facilities, equipment or other properties located in Russia or Ukraine that could be directly affected by the conflict, which, in turn, could result in material implications for the company's operations.

Likewise, a public company may have a material customer base located in Russia or Ukraine, whereby both the economic and security conditions could limit the company's ability to provide its services or products to such customers, as well as limit its ability to receive payments, resulting in a potential loss of revenues.

While comprehensive sanctions have only, at the present time, been extended from Crimea to the Donetsk and Luhansk People's Republics regions of Ukraine, it is possible that these comprehensive sanctions could be extended to larger portions of Ukraine depending on the outcome of the current situation.

Russia has adopted countersanctions itself, and the potential effects of these countersanctions on a public company's business and operations in Russia must also be evaluated and the risks appropriately disclosed.

The examples provided are not exhaustive, but present a starting point for evaluating the manner in which any updated disclosure may be needed.

Public companies should take a holistic and detailed approach to their review and evaluation of risk factor disclosures, and carefully consider whether additional or revised disclosures, either qualitative or quantitative, are necessary.

As is true of all risk factor disclosures, no one disclosure works for every company, and the details of how a company conducts business will matter substantively. In this respect, the SEC has consistently emphasized that generic or boilerplate disclosures are discouraged.[6]

Any disclosure provided regarding the rapidly changing situation in Ukraine should be timely, meaningful and appropriately tailored to the specific risks that a company faces.

The sanctions on Russia are quickly evolving, and the effects on a public company's business may change over time, so it is imperative that public companies not only update their assessment of the effects on their business, but also update their corresponding risk factors.



Erin Martin, Carl Valenstein and Celia Soehner are partners at Morgan Lewis & Bockius LLP.

The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients, or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice.


[1] See, e.g., Guides for Preparation and Filing of Registration Statements, Release No. 33-4666 (Feb. 7, 1964).

[2] See Securities Offering Reform, Release No. 33-859 (July 19, 2005).

[3] See, e.g., FAST Act Modernization and Simplification of Regulation S-K, Securities Act Release No. 10618 (May 2, 2019) (relocating Item 503(c) to Item 105 of Regulation S-K to better reflect that the disclosure is not limited to offerings and to remove the examples of speculative or risky circumstances).

[4] See, e.g., Modernization of Regulation S-K Items 101, 103, and 105, Securities Act Release No. 33-10825 (Nov. 9, 2020) (revising Item 105 to require summary risk factor disclosure if the risk factor section exceeds 15 pages, refine requirement of "material" risk factors, and require relevant headings and appropriate organization such that general risk factors appear at the end of the risk factor section).

[5] Id.

[6] For example, both current Item 105 and prior Item 503(c) explicitly discourage generic risk factor disclosure (i.e., risks that could apply to any issuer or offering).

For a reprint of this article, please contact reprints@law360.com.

Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Ask a question!