Financial reporting is constantly evolving, shaped by global events, technological advancements and regulatory changes.
As we dig into the 2023 annual reports of Fortune 500 companies, we discover that companies are increasingly prioritizing cybersecurity, executive compensation clawbacks and more.
1. Cybersecurity disclosures. On July 26, 2023, the Securities and Exchange Commission issued a final rule on cybersecurity disclosures, effective since December 2023, mandating that public companies disclose material information related to their cybersecurity risk management, strategy and governance.
Per a review performed by Deloitte on Fortune 500 filers from Dec. 15, 2023, through Feb. 29, 2024, most companies included the following, while the details and specifics varied:
- Cybersecurity frameworks: Companies discussed their use of the National Institute of Standards and Technology or International Organization for Standardization cybersecurity frameworks.
- Incident response plans: Companies disclosed their formal incident response plans, which are crucial for managing cyber threats.
- Employee training: Companies emphasized their regular cybersecurity training, including phishing exercises.
- Vulnerability testing: Companies engage in penetration or vulnerability testing to assess their defenses.
2. Executive compensation clawback. On Oct. 26, 2022, the SEC issued a final rule on the clawback of executive compensation. This rule requires public companies to disclose and file their recovery policy as an exhibit with their annual report. They must also indicate by checkboxes if the financial statements in the annual report reflect a correction of an error to previously issued financial statements that triggered a recovery analysis, and disclose any actions taken because of the recovery analysis.
- Clawback policies: Companies are increasingly disclosing their executive compensation clawback policies. These policies allow companies to recoup executive bonuses or incentives in cases of financial restatements due to misconduct or errors.
- Triggering events: Disclosures outline the conditions triggering clawbacks, the process for recovery, and the role of compensation committees in enforcing accountability.
3. Artificial intelligence transforming business models. As AI's transformative potential reshapes world markets, companies have added more disclosures surrounding their adoption of AI technologies.
- AI applications: Companies discuss how they incorporate AI into their operations, from customer service chatbots to predictive analytics.
- Challenges and risks: Disclosures highlight the risks associated with AI, including bias, data privacy and ethical considerations (i.e., legal and compliance requirements such as those under the European Union's Artificial Intelligence Act).
4. Integrated reporting beyond the numbers. Integrated reporting combines financial and non-financial information to convey a holistic view of a company's value creation. Key aspects in disclosures among the Fortune 500 included:
- Materiality: Companies identify material non-financial factors (ESG metrics) that impact their long-term success.
- Stakeholder engagement: Integrated reports engage stakeholders beyond investors, including employees, customers and communities.
- Sustainability goals: Companies communicate their commitment to sustainable practices and societal impact.
5. ESG metrics. Disclosing environmental, social, and governance metrics is gaining prominence.
- Environmental responsibility: Companies are reporting on carbon emissions, water usage, and waste management.
- Social impact: Companies disclose diversity initiatives, employee well-being, and community engagement.
6. Climate-related disclosures. As climate change becomes a critical global issue, companies are providing granular disclosures on climate risks and opportunities.
- Physical impacts: Companies assess how climate events (e.g., extreme weather) affect their operations and assets.
- Reputational risk: Companies discuss how environmental practices impact brand reputation.
- Regulatory compliance: Companies address the effects of regulations like the EU Corporate Sustainability Reporting Directive and state-level climate laws.
In March 2024, the SEC announced its final rule for the
While, according to a
Tailored disclosures needed
The 2023 annual reports reflect a shift toward transparency, sustainability and strategic risk management. As investors and stakeholders demand more comprehensive information, companies must navigate these trends to build trust and resilience in an ever-changing world.
While these trends provide valuable insights, each company's disclosures should be tailored to its unique circumstances. For CPA consultants, consider advising your clients on effective reporting strategies that align with these evolving themes.