The Securities and Exchange Commission has introduced sweeping changes to disclosure requirements that take effect in Q2 2026. These changes reflect growing investor demand for greater transparency and accountability from publicly traded companies.
Among the most significant updates is the expanded requirement for climate-related risk disclosures. Public companies must now quantify their exposure to physical and transition climate risks in their annual filings. This goes beyond mere narrative description — boards must demonstrate that they have conducted material risk assessments and present findings in a standardized format.
Another critical change involves cybersecurity incident reporting. The 72-hour disclosure window for material cybersecurity events remains in place, but the definition of 'material' has been clarified and broadened. Companies should audit their incident response protocols immediately to ensure compliance timelines can be met.
Executive compensation disclosures have also been updated. The pay-versus-performance tables introduced in 2023 now require three years of comparative data, and companies must provide clearer narrative explanations of how compensation decisions align with company performance.
For boards and general counsel, the immediate priorities are: reviewing disclosure controls and procedures, updating board-level cybersecurity oversight policies, and ensuring your climate risk assessment methodology is audit-ready. Early compliance is strongly recommended — the SEC has signaled aggressive enforcement in H2 2026.