Below is an analysis of all changes made to the work plan since our last analysis on January 27, 2018.

Maintenance projects

• Plan amendment, curtailment or settlement (amendment to IAS 19) — This has been removed from the work plan, as an IFRS Amendment was issued on February 7, 2018.

Research projects

• Principles of disclosure — Discussions on feedback of the discussion paper occurred at the IASB’s February 2018 meeting; the next milestone is now “decide project direction” in March 2018.

Other projects

• IFRS Taxonomy Update—2017 Annual Improvements — The next milestone has changed from a Feedback Discussion in February 2018 to a Final Update in March 2018.

The revised IASB work plan is available on the Board's website.

Over the last several months, the SEC has intensified its threats to so-called “gatekeepers,” especially in the area of initial coin offerings (“ICOs”) and cryptocurrencies.

Clayton’s testimony was his latest in a series of warnings to lawyers involved in structuring ICOs that the SEC is on “high alert” and may charge them with securities law violations if they do not “do better” in performing their job as gatekeepers for the securities industry. While the SEC has long sought to hold accountable lawyers whom it believes have fallen short of their professional obligations, Clayton’s recent warnings go far beyond those of his predecessors.

While many entrepreneurs—and their lawyers—may view ICOs as a decentralized and largely unregulated means of raising capital, the SEC has essentially adopted a rebuttable presumption that ICO tokens are securities that must comply with the registration requirements of the securities laws.

Review the full article on Bloomberg Law's website.

According to the article, there are three key steps to ensuring your organization is privacy compliant:

1. Appoint a designated privacy officer
2. Develop and/or update your privacy policy to ensure compliance with your organizations privacy practices and the current privacy jurisprudence
3. Ensure that the necessary safeguards are in place to protect your organization from privacy breaches and policies in place to quickly respond in the unfortunate event of a privacy breach.

Review the full article on Lawson Lundell LLP's website.

Previous guidance in this area stated that companies may be obligated to disclose cybersecurity risks and incidents, but it did not provide specific disclosure requirements. The new guidance clarifies that the SEC expects companies to disclose cybersecurity risks and incidents that are material to investors, including financial, legal, or reputational consequences.

Review the press release and interpretation on the SEC’s website.

In a unanimous decision, the Court held that employees are not protected under Dodd-Frank unless they report information relating to a violation of the securities laws to the Securities and Exchange Commission (SEC). Employees who only report violations internally within their company, therefore, are not protected by Dodd-Frank’s anti-retaliation provisions.

Review the decision on the Supreme Court's website and an article on Holland & Hart LLP's website.

For mergers and monopolistic practices, the Bureau will continue to apply its traditional framework to market definition, market power and competitive effects. Where issues concerning big data are involved, the Bureau will consider both the efficiencies and consumer benefits from a network, but also whether big data could impose barriers to new competition or soften competition between firms.

Review the report on the Bureau's website.

But what's in a bitcoin? What's in a Smart Contract? And what is an Initial Coin Offering?

Read these article to learn more about cryptocurrency based on blockchain technology.

• What's in a bitcoin?
• What's in a Smart Contract?
• What is an Initial Coin Offering?

An organization should obtain appropriate professional advice when making important decisions about privacy and cyber insurance. Most insurance companies offer insurance policies specifically designed to protect an insured against losses and liabilities arising from privacy breaches and cybersecurity incidents.

The protection afforded by an insurance policy depends on the precise language of the policy (e.g. definitions, coverage descriptions, restrictions and exclusions) interpreted in accordance with legal principles established by Canadian courts.

Review the full article on Borden Ladner Gervais' website.

While there are many questions around the GDPR, one key question that organizations outside of the European Union (the “EU”) are asking is whether they are required to comply with the GDPR, even if they do not have a physical presence within the EU. While the answer will largely depend on the specific activities of each organization, there are good reasons to believe that in many instances, compliance with the GDPR may be required.

Review the full article Miller Thomson's website.

Mr. Jackson and his SEC staff looked at 157 dual-class initial public offerings occurring over the past 15 years, and "immediately noticed some pretty significant differences" between the 71 companies with sunset provisions and the 86 without, and found that over time their predicted valuations diverged.

Seven or more years after their IPOs, firms without sunset provisions traded at a significant discount, and decisions by some firms to drop their dual-class structures later were associated with a significant increase in valuations, he said, noting that the analysis is preliminary but a subject "that deserves much further study."

Review the full speech on the SEC's website.