August 2002 Securities Law Update is distributed periodically by Orrick’s Corporate Department, without charge, to clients and friends of the firm. The Report addresses selected topics and developments that public and private companies face. Inquiries about topics addressed or the Corporate Department may be directed to info@orrick.com. On July 30, 2002, President Bush signed into law the Sarbanes-Oxley Act of 2002 (the “Act”). The Act applies to all companies that are required to file periodic reports with the SEC and contains a number of significant changes relating to the responsibilities of directors and officers and the reporting and corporate governance obligations of SEC-reporting companies. Certain provisions of the Act are effective immediately, while other provisions will take effect after the SEC adopts related rules. The Act is the most far-reaching U.S. legislation dealing with securities in many years and has extraordinary implications for public companies. Nevertheless, it may be some time until many of the implications are fully understood because of the broad nature of many of the provisions and the delegation of rule-making authority to the SEC on other provisions. This memorandum summarizes some of the material provisions of the Act, highlights issues the provisions raise, and recommends approaches to comply with the Act. It also addresses proposals by the SEC, New York Stock Exchange, Nasdaq Stock Market and others that touch on the same or related issues. Sarbanes-Oxley Executive Summary For more Corporate Disclosure and Governance information about CEO and CFO certification of financial reports Orrick, please visit The Act contains separate certification requirements that apply to all reporting companies. Section 906 of the Act, which is effective immediately, requires that a certification by the company’s chief executive officer and chief financial officer accompany each periodic report filed under Section 13(a) or 15(d) containing financial statements. The certification must provide that the report fully complies with the requirements of the securities laws and that the information in the report fairly presents, in all material respects, the financial condition and results of operations of the company. Section 302 of the Act, which will be effective no later August 29, 2002, adds certifications regarding internal controls and material misstatements or omissions beyond the financial information. www.orrick.com. ©Copyright 2002, Orrick, Herrington & Sutcliffe LLP. All Rights Reserved. The contents of this publication are for informational purposes only and are not meant nor should be construed to be legal advice. No responsibility is assumed for errors made in the publishing process. Real time disclosure of material events Effective immediately, the Act requires plain English disclosure on a “rapid and current basis” of information regarding material changes in the financial condition or operations of a public company as the SEC determines is necessary or useful to investors and in the public interest. This represents a fundamental change in the disclosure obligations of public companies. Before the Act, absent a “duty to update” (such as during periods when the company has securities in registration), public companies were generally permitted to defer disclosure of material events until their next quarterly or annual report. Material correcting adjustments identified by auditors; Off-balance sheet transactions; Pro forma financial information The Act requires that each SEC-filed financial report that contains financial statements required to comply with GAAP must include all material correcting adjustments identified by the outside auditors, requires disclosure of all material off-balance sheet transactions and requires that pro forma financial information not contain an untrue statement of a material fact or omit to state a material fact necessary in order to make the pro forma financial information, in light of the circumstances under which it is presented, not misleading. Revised audit committee independence standards and responsibilities The Act requires that the SEC direct the national securities exchanges and national securities associations to prohibit the listing of securities of companies not complying with certain audit committee requirements. The listing requirements would provide, among other things, that each audit committee member be independent. A director will not be considered independent if he or she accepts any consulting fee or other compensation from the company or is an affiliated person of the company or any subsidiary. The Act also directs the SEC to issue rules requiring each public company to disclose whether or not its audit committee has a “financial expert.” Insider Accountability and Disclosure Obligations Disgorgement of compensation and trading profits if financial reports restated Effective immediately, the Act provides a “claw-back” provision requiring the chief executive officer and chief financial officer to disgorge certain compensation if the public company must restate its financial statements because of any misconduct resulting in material noncompliance with financial reporting requirements under the securities laws. Accelerated deadline for insiders to report changes of beneficial ownership Effective August 29, 2002, reporting persons will be required generally to disclose changes of beneficial ownership in public company securities (or the purchase or sale of securitybased swap agreements) on Form 4 no later than the end of the second business day after the transaction. Company loans to insiders prohibited Effective immediately, the Act prohibits companies from extending or maintaining credit, or arranging for an extension of credit, in the form of a personal loan, to any director or executive officer. Loans outstanding are permitted, but may not be extended or materially modified. Insider trades restricted during pension fund blackout periods Directors and executive officers will be prohibited from buying or selling equity securities of their public companies during certain retirement plan blackout periods. Disclosure of code of ethics for senior financial officers The SEC must issue rules requiring a public company to disclose whether or not it has adopted a code of ethics for senior financial officers. Auditor Independence Non-audit services restricted; Rotation of audit partner The Act requires the audit committee to pre-approve all auditing services and, subject to a de minimus exception, all non-audit services rendered by an outside auditor. In addition, the outside auditor will be prohibited from performing certain specified non-audit services contemporaneously with the audit. The Act requires that the lead audit partner and the review partner on a public company’s account must be changed every five years. Orrick, Herrington & Sutcliffe LLP Page 2 Auditor conflicts of interest; Improper influence The Act effectively imposes a one-year cooling-off period on audit firm employees who leave an accounting firm to become CEO, CFO or chief accounting officer of a client for whom they performed audit services. The Act also prohibits corporate personnel from fraudulently influencing, coercing, manipulating or misleading any accountant engaged in auditing the company’s financial statements. Increase auditor oversight The Act creates the Public Company Accounting Oversight Board to oversee the audit of public companies that are subject to the securities laws. The Board will be a nonprofit corporation under the general oversight of the SEC. All accounting firms that audit public companies, including foreign accounting firms, must register with the Board no later than 180 days after the Board commences operation. Sanctions for Criminal and Civil Wrongdoing Criminal sanctions enhanced The Act changes liability and penalty provisions of federal law. It creates or modifies criminal liability punishable by fines and/or imprisonment for a number of white collar crimes. The Act also makes attempts and conspiracies to commit offenses subject to the same penalties as the underlying offenses. Civil sanctions enhanced The Act extends the statute of limitations for securities fraud in a private right of action to the earlier of two years after discovery of the facts or five years after the violation. In addition, the Act makes the debts of an individual for violations of securities laws nondischargeable in bankruptcy. Analyst and Attorney Matters Analyst conflicts of interest The SEC must, either directly or through a national securities exchange or national securities association, adopt rules to address the potential conflicts of interest that arise when analysts recommend equity securities. Attorneys’ responsibilities The SEC must set forth minimum standards of professional conduct for attorneys representing public companies before the SEC, including requiring an attorney to report to the chief legal officer or chief executive officer of a public company evidence of material violations of the securities laws, breaches of fiduciary duty or other similar violations by the company or its agents. The Act is lengthy, and this memorandum does not cover all of its provisions. A copy of the Act can be obtained at http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_bills&docid=f:h3763enr.txt.pdf. In addition, links to other relevant materials are included throughout this memorandum. Orrick, Herrington & Sutcliffe LLP Page 3 TABLE OF CONTENTS Enhance Corporate Disclosure and SEC Oversight ........................................................ A-1 CEO and CFO certification of financial reports ..................................................... A-1 Section 906. ......................................................................................... A-1 Section 302. ......................................................................................... A-2 Real time disclosure of material events.............................................................. A-4 Material correcting adjustments identified by auditors ........................................... A-6 Off-balance sheet transactions ........................................................................ A-6 Pro forma financial information ....................................................................... A-6 Internal controls assessment ........................................................................... A-7 Frequent SEC review .................................................................................... A-7 Strengthen Corporate Governance ......................................................................... A-8 Revised audit committee independence standards and responsibilities ........................ A-8 Audit committee financial expert ................................................................... A-10 Whistleblower job protection mandated........................................................... A-10 Section 1107....................................................................................... A-10 Section 806. ....................................................................................... A-10 Expand Insider Accountability and Disclosure Obligations ............................................ A-11 Disgorgement of certain incentive compensation and trading profits of CEO and CFO if financial reports restated because of misconduct ......................................... A-11 Deadline for insiders to report transactions involving their company’s equity securities accelerated to two business days after occurrence of transaction ............ A-11 New loans by company to insiders prohibited ..................................................... A-13 Insider trades restricted during pension fund blackout periods ................................ A-13 Disclosure of code of ethics for senior financial officers ........................................ A-14 Heighten Auditor Independence .......................................................................... A-14 Non-audit services restricted ........................................................................ A-14 Report to audit committee required................................................................ A-15 Rotation of audit partner ............................................................................. A-15 Auditor conflicts of interest limited ................................................................ A-16 Improper influence by corporate personnel on the conduct of audit prohibited ............ A-16 Increase Auditor Oversight................................................................................. A-17 Independent auditor oversight board created to regulate (with SEC oversight) public company auditors and audits ..................................................................... A-17 Broaden Sanctions for Wrongdoing ....................................................................... A-18 Criminal sanctions enhanced......................................................................... A-18 Civil sanctions enhanced.............................................................................. A-19 Other Matters ................................................................................................ A-20 Analyst conflicts of interest .......................................................................... A-20 Attorneys’ responsibilities............................................................................ A-21 i Summary and Analysis of Sarbanes-Oxley Act of 2002 Enhance Corporate Disclosure and SEC Oversight CEO and CFO certification of financial reports Sections 906 and 302 of the Act contain separate certification requirements that apply to all reporting companies (including foreign private issuers filing Form 20-F and Canadian issuers filing Form 40-F). These certification requirements are separate from the one-time certification pursuant to SEC Order 4-460 that applies only to 947 of the largest domestic companies. Section 906. Section 906 of the Act requires that a certification by the company’s chief executive officer and chief financial officer accompany each periodic report filed under Section 13(a) or 15(d) of the Securities Exchange Act of 1934 (the “Exchange Act”) containing financial statements. The certification must provide that: • the report fully complies with the requirements of Section 13(a) or 15(d) of the Securities Exchange Act of 1934; and • the information in the report fairly presents, in all material respects, the financial condition and results of operations of the company. Section 906 imposes criminal penalties of up to $1 million and/or ten years in prison for knowingly filing a false certification, and up to $5 million and/or 20 years in prison for willfully filing a false certification. Effective Date: Section 906 is effective immediately. For calendar year companies, the Section 906 certification must accompany the Form 10-Q due by August 14, 2002. Issues: • Unlike the certifications required under Section 302 and SEC Order No. 4-460, the Section 906 certification does not contain a “knowledge” qualification, although the criminal penalties may only be imposed where the certifying officer knows that the report does not meet the requirements. • The Act states that a company’s periodic reports shall be “accompanied by” the certification. The Act does not indicate, and no official guidance has been issued, whether the certification should be filed as an exhibit to the report or otherwise submitted or filed separately with the SEC. Orrick, Herrington & Sutcliffe LLP A-1 Section 302. Section 302 of the Act directs the SEC to adopt rules requiring the principal executive officer and principal financial officer of all companies filing periodic reports under Section 13(a) or 15(d) of the Exchange Act to certify in each annual or quarterly report that: • he or she has reviewed the report; • based on his or her knowledge, the report does not contain any untrue statement of a material fact or omit to state a material fact necessary in order to make the statements made, in light of the circumstances under which such statements were made, not misleading; • based on his or her knowledge, the financial statements and other financial information included in the report fairly present in all material respects the financial condition and results of operations of the company as of, and for, the periods presented in the report; • they are responsible for the company’s internal controls, have designed the controls so that material information is made known to them, have evaluated the effectiveness of the internal controls and have presented their conclusions about the effectiveness of the internal controls in the report; • they have disclosed to the company’s auditors and the audit committee of the board all significant deficiencies in the internal controls and any fraud involving management or employees playing a role in internal controls; and • they have included in the report the presence of significant changes in internal controls (or factors significantly affecting internal controls) after the date of the report, including corrective actions. Effective Date: Section 302 will be effective when the SEC adopts rules; no later than August 29, 2002. Related Proposals: • SEC Order 4-460. SEC Order 4-460, issued on June 27, 2002, requires the chief executive officer and chief financial officer of 947 of the largest domestic reporting companies to certify the contents of their most recent annual report and quarterly reports filed after the annual report but before the date of the certification. For calendar fiscal year companies, certifications are due by August 14, 2002. The Act does not affect this one-time certification. • SEC Rule Proposals. On June 17, 2002, the SEC issued a proposed rule titled “Certification of Disclosure in Companies’ Quarterly and Annual Reports” (Release No. 34-46079) that would have required the principal executive officer and principal financial officer of all domestic Exchange Act reporting companies to certify, in plain English, that, to their knowledge, the information in the company’s quarterly and annual reports is true in all important respects and that the reports contain all information about the company of which they are aware that they believe is important to a reasonable investor. In addition, the SEC proposed to require a company to maintain procedures to provide reasonable assurance that the company is able to collect, process and disclose the information required in these reports and Orrick, Herrington & Sutcliffe LLP A-2 in current reports on Form 8-K, and also to require periodic review and evaluation of these procedures. On August 2, 2002, the SEC issued supplemental information (Release No. 3446300) announcing its intent to issue and make effective final rules on or before August 29, 2002 to require the certification mandated by Section 302 of the Act, rather than the plain English certification in its June 17 proposed rules, and to extend the certification requirement to foreign private issuers filing annual reports on Form 20-F and Form 40-F. The SEC does not intend to modify the portion of the proposed rule requiring maintenance of sufficient procedures. • NYSE Rule Proposals. A NYSE Listing Standards Committee proposal of June 6, 2002 would have required that each listed company’s chief executive officer certify to the NYSE annually that the company has established and complied with procedures for verifying the accuracy and completeness of information provided to investors, the absence of violations of NYSE rules and certain other matters. The NYSE decided to defer to the Section 302 certification, and a revised NYSE proposal of August 1, 2002 will only require certification as to NYSE rule compliance. The Nasdaq Stock Market has not yet announced similar requirements. Recommendations: We suggest that companies consider using the following procedures as part of the preparation of Forms 10-K and 10-Q to provide their CEOs and CFOs with a reasonable basis for making the certifications: • Review the Reports. The CEO and CFO should each review the report before • Establish a Disclosure Assessment Committee. Based upon SEC guidance in • Interview Appropriate Personnel. As part of the due diligence process, the CEO and CFO should ask detailed questions of appropriate personnel through a schedule of individual or group interviews to understand the process through which the report was prepared, to inquire whether there were any issues of concern regarding the report or whether any recent developments might affect the report, and to determine whether the report should have included disclosure regarding so-called “hot-button” topics under review by the SEC (i.e. critical accounting policies, related party transactions, off-balance sheet items, use of estimates, range of results if different methods had been used, rationales for why the methods employed were chosen, etc.). signing the certifications, with an aim to evaluating the adequacy of disclosure in light of his or her knowledge of the company (and the additional knowledge they obtain as part of the due diligence process). proposed Rule No. 33-46079, this committee should consist of individuals responsible for preparing and reviewing the information in the report, such as the company’s principal accounting officer or controller, general counsel, risk management officer, principal investor relations officer, the CEO, the CFO and senior personnel from business units. The committee should be responsible for reviewing and evaluating the report to assess the accuracy and completeness of the disclosures in the report. This committee should be tasked with collecting and evaluating information about the company and determining disclosure obligations on a timely basis. As applicable, the committee should also consult with the company’s independent auditors and outside legal counsel. Orrick, Herrington & Sutcliffe LLP A-3 • Request Certifications from Subordinate Officers. The CEO and CFO should consider requesting other officers involved in the preparation of the report and the provision of the information used in the preparation of the report to submit to the CEO and CFO certifications within the officer’s areas of expertise and responsibility comparable to those required under the Act. • Meet with Audit Committee to Review Certifications and Due Diligence Process. • Meet with Outside Auditors to Discuss Accuracy of Report. Before signing the • Document the Review Process. The company should maintain a record of the due diligence and other procedures followed in complying with the certification requirements. The record should document what interviews and meetings occurred, who participated in the review, and what follow-up investigations occurred as a result of any initial meetings or interviews. The CEO and CFO should review the certifications with the audit committee, including the presentation of sufficient information so that the audit committee can determine the adequacy of the due diligence undertaken to support the certifications. In the best case scenario, the CEO and CFO should work early on with the audit committee to plan and ensure an adequate due diligence review process in preparation for compliance with the certification requirements. certifications and after meeting with the internal disclosure assessment committee, the CEO and CFO should take time to meet with outside auditors to discuss issues the auditors may have raised in connection with previous audits and current and past SAS 71 reviews, including accounting treatment of certain items, and to revisit SEC “hot-button” issues. They should also review any issues and internal control considerations identified by the outside auditors, including in the most recent management review letter. Public companies should also confirm if their directors’ and officers’ insurance policy covers certifications. Real time disclosure of material events Section 409 of the Act requires plain English disclosure on a “rapid and current basis” of additional information regarding material changes in the financial condition or operations of a public company, which may include trend and qualitative information and graphic presentations, as the SEC determines, by rule, is necessary or useful to investors and in the public interest. Section 409 is effective immediately, but no deadline is specified for the completion of SEC rulemaking under Section 409. Effective Date: Issues: Section 409 potentially represents a fundamental change in the disclosure obligations of public companies. Before the Act, absent a “duty to update” (such as during periods when the company has securities in registration), public companies were generally permitted to defer disclosure of material events until their next quarterly or annual report. Depending on the SEC’s implementing rules, Section 409 could require public companies to assess continuously whether existing disclosure is required to be updated. Similarly, this provision could substantially change the periodic reporting obligations of foreign private issuers that file annual reports on Form 20-F. Orrick, Herrington & Sutcliffe LLP A-4 The Act does not specify the timing necessary to satisfy the “rapid and current basis” requirement, nor does it specify the means by which such disclosure should be made (Form 8-K, press release or otherwise). Related Proposals: On June 17, 2002, the SEC issued a proposed rule titled “Additional Form 8-K Disclosure Requirements and Acceleration of Filing Dates” (Release No. 338106). In order to provide more timely disclosure of significant events, the proposal would add 11 new items to the Form 8-K reporting requirements, modify two others and shorten the filing deadline to two business days after an event triggering the form’s disclosure requirements. The 11 new items are: • execution or termination of a material agreement not in the ordinary course of business; • termination or reduction of a business relationship with a customer which constitutes a specified portion of revenues; • creation of a direct or contingent material financial obligation; • events triggering a direct or contingent material financial obligation (i.e., default or acceleration of an obligation); • exit activities such as material write-offs and restructuring charges; • any material impairment; • any change in a rating agency decision, issuance of a credit watch or change in company outlook; • movement of securities from one exchange or quotation system to another, delisting of securities, failure to comply with a listing standard; • conclusion or notice that security holders should no longer rely on previously issued financial statements or audit report; and • any material limitation regarding employee benefit, retirement or stock ownership plans. The final rules that the SEC adopts to implement Section 409 are likely to incorporate these earlier proposals. Recommendation: • Establish policies to ensure that material transactions and developments are timely communicated to those responsible for disseminating information to the public, including those responsible for filing Form 8-K reports. Orrick, Herrington & Sutcliffe LLP A-5 Material correcting adjustments identified by auditors Section 401(a) of the Act requires that each SEC-filed financial report that contains financial statements required to comply with GAAP must include all material correcting adjustments identified by the outside auditors. Effective Date: This portion of Section 401 is effective immediately. Recommendations: • Create review process with auditors to allow for informal discussions of accounting treatments well in advance of filing deadline. Off-balance sheet transactions Section 401(a) of the Act requires the SEC to adopt rules requiring disclosure in a public company’s annual and quarterly reports of all material off-balance sheet transactions and other relationships of the company with unconsolidated entities or other persons that may have a material current or future effect on the company’s financial condition, changes in financial condition, results of operations, liquidity, capital expenditures, capital resources, or significant components of revenues or expenses. This portion of Section 401 will be effective when the SEC adopts rules; no later than January 26, 2003. Effective Date: Related Proposals: • SEC Statement. On January 22, 2002, the SEC issued a statement titled “Commission Statement about Management’s Discussion and Analysis of Financial Condition and Results of Operations” (Release No. 33-8056) discussing disclosures relating to liquidity and capital resources, including off-balance sheet arrangements, and the effect of transactions with related and certain other parties. The suggested disclosures in the SEC statement on off-balance sheet transactions and unconsolidated special purpose entities may become required under the Act. • FASB Draft. In addition, on June 28, 2002, the Financial Accounting Standards Board (“FASB”) issued an exposure draft, titled “Proposed Interpretation, Consolidation of Certain Special-Purpose Entities, an interpretation of ARB No. 51” addressing consolidation by business enterprises of special-purpose entities. The draft expresses FASB’s belief that if a business enterprise has a controlling financial interest in a special purpose entity the assets, liabilities, and results of the activities of the special purpose entity should be included in consolidated financial statements with those of the business enterprise. Pro forma financial information Section 401(b) of the Act requires the SEC to adopt rules requiring that pro forma financial information included in periodic or other reports or other public disclosures, including press releases, be presented in a manner that • does not contain an untrue statement of a material fact or omit to state a material fact necessary in order to make the pro forma financial information, in light of the circumstances under which it is presented, not misleading; and Orrick, Herrington & Sutcliffe LLP A-6 • reconciles it with the financial condition and results of operations of the company under GAAP. This portion of Section 401 will be effective when the SEC adopts rules; no later than January 26, 2003. Effective Date: Related Proposals: On December 4, 2001, the SEC issued a statement titled “Cautionary Advice Regarding the Use of “Pro Forma” Financial Information in Earnings Releases” (Release No. 33-8039). The “cautionary advice” provided by the SEC is consistent with the requirements proposed by the Act. Internal controls assessment Section 404 of the Act requires the SEC to issue rules requiring annual reports to contain an internal control report: • stating the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting; and • containing a year-end assessment of the effectiveness of the internal control structure and procedures of the company for financial reporting. The outside auditor must attest to and report on the assessment. The Act does not specify a date by which the SEC must adopt rules implementing Section 404. Effective Date: Related Proposals: • SEC Rule Proposal. The SEC’s “Certification of Disclosure in Companies’ Quarterly and Annual Reports” (Release No. 34-46079) would require a company to maintain procedures to provide reasonable assurance that the company is able to collect, process and disclose the information required in these reports and in current reports on Form 8-K, and also to require periodic review and evaluation of these procedures. • NYSE Rule Proposals. The NYSE rule proposals would require each listed company to have an internal audit function. Frequent SEC review Section 408 of the Act directs the SEC to review the Section 13(a) disclosures of public companies whose securities are listed a national securities exchange or the Nasdaq Stock Market on a “regular and systematic basis” but no less frequently than once every three years. The SEC could likely review more frequently large cap companies, companies with volatile stock prices, companies issuing material restatements, emerging companies with disparities in price/earnings ratios and companies whose operations affect a material sector of the economy. Effective Date: Section 408 is effective immediately. Orrick, Herrington & Sutcliffe LLP A-7 Strengthen Corporate Governance Revised audit committee independence standards and responsibilities Section 301 of the Act requires that the SEC direct the national securities exchanges and the Nasdaq Stock Market to prohibit the listing of securities of companies not complying with certain audit committee requirements. These listing requirements must require the audit committee of the board of directors to be directly responsible for the company’s outside auditors, including choice of the auditor, compensation of the auditor and oversight of the audit work (including resolution of disagreements between management and the auditor regarding financial reporting), and that the auditor report directly to the audit committee. The listing requirements also would provide other specific requirements for the audit committee, including that each member must be an independent board member. A director will not be considered independent if he or she accepts any consulting or other compensation from the company, other than in his or her capacity as a board or committee member, or is an affiliated person of the company or any subsidiary, although the SEC has the authority to grant exceptions to this requirement. Section 301 also would require companies to develop channels of communication between the committee and broader constituencies. Thus, the listing standards would require audit committees to establish procedures: • for employees to submit anonymously any concerns they have about questionable accounting or auditing matters; and • for receipt, retention and treatment of complaints that the company receives about accounting, internal control or auditing matters. In addition, Section 301 would preclude the listing of any company that does not give its audit committee the authority to retain independent counsel and advisors as necessary or does not provide its audit committee with funding sufficient to engage the outside auditor and retain advisors. Section 301 will become effective when the SEC adopts rules; no later than April 26, 2003. Effective Date: Related Proposals: • NYSE Rule Proposals. The NYSE rule proposals cover many of the same matters as Section 301, including the requirements that o audit committee be comprised solely of independent directors; o prohibition on consulting and advisory fees paid to audit committee members; o chair of the audit committee must have accounting or financial management experience; and o audit committee has sole authority to hire and fire auditors and to approve any significant non-audit work by the auditors. Orrick, Herrington & Sutcliffe LLP A-8 The NYSE rule proposals also include many significant audit committee-related changes not directly covered by the Act, including: • o independent directors must comprise a majority of a board and meet without management in regular executive sessions; o a shareholder owing or controlling 20% or more of the company’s voting securities may not vote in audit committee proceedings; o tightening the definition of an independent director, including a five-year “cooling-off” period for former employees; and o independent directors must have no direct or indirect material relationship with the listed company. Nasdaq Rule Proposals. The Nasdaq rule proposals cover many of the same matters as Section 301, including the requirements that o audit committee be comprised solely of independent directors; o audit committee has sole authority to hire and fire auditors and to approve any significant non-audit work by the auditors; and o audit committee has right to consult and retain legal, accounting and other experts at company’s expense. Several of Nasdaq’s rule proposals have been mooted by the Act’s more stringent provisions. The Nasdaq rule proposals also include many significant audit committee-related changes not covered directly by the Act, including: o independent directors must comprise a majority of a board and meet without management in regular executive sessions; o audit committee must approve all related party transactions; o director is not independent if a charity affiliated with the director receives payments from the company that exceed the greater of $200,000 or 5% of either the company’s or charity’s gross revenues; o a shareholder owing or controlling 20% or more of the company’s voting securities will not be considered independent; o tightening the definition of an independent director, including a three-year “cooling-off” period for interlocking compensation committees, receipt of payments in excess of $60,000 other than for board service or having worked on the company’s audit engagement; and o mandated continuing education for directors. Orrick, Herrington & Sutcliffe LLP A-9 Recommendation: • Review composition of audit committee to ensure compliance with applicable new independence standard. Ensure continued compliance. • Revise audit committee charter to reflect new duties and responsibilities. • Provide additional education regarding new rules and responsibilities for audit committee members and unfettered access to outside auditors and legal counsel. • Formalize procedures for resolving disagreements on financial reporting between management and outside auditors. • Design and implement employee questions and complaint program regarding accounting concerns. Audit committee financial expert Section 407 of the Act directs the SEC to issue rules requiring each public company to disclose whether or not its audit committee has a “financial expert” and, if not, the reasons why it does not. In defining “financial expert”, the Act directs the SEC to consider whether a person has, through education or past experience as an accountant, controller or the like, the necessary understanding of GAAP, experience in preparing financial statements, experience with internal controls and an understanding of the audit committee function. Effective Date: Section 407 will become effective when the SEC adopts rules; no later than January 26, 2003. Related Proposals: The NYSE rule proposal requires that the chair of the audit committee must have accounting or financial management experience. Recommendation: • Determine whether anyone on the audit committee meets the new “financial expert” standard. Whistleblower job protection mandated Section 1107. Section 1107 of the Act makes knowing and intentional retaliation against persons giving law enforcement officers truthful information relating to commission or possible commission of any federal offense subject to fine and/or up to 10 years imprisonment. Section 806. Section 806 of the Act provides a civil cause of action to employees of public companies discharged or otherwise discriminated against for providing information or otherwise assisting in an investigation or proceeding involving an alleged violation of federal securities laws or regulations, or other federal law relating to fraud against shareholders. Effective Date: Sections 1107 and 806 are effective immediately. Orrick, Herrington & Sutcliffe LLP A-10 Expand Insider Accountability and Disclosure Obligations Disgorgement of certain incentive compensation and trading profits of CEO and CFO if financial reports restated because of misconduct Section 304 of the Act includes a “claw-back” provision requiring a public company’s chief executive officer and chief financial officer to disgorge certain compensation if the public company must restate its financial statements because of any misconduct resulting in material noncompliance with financial reporting requirements under the securities laws. Upon any such restatement, a public company’s chief executive officer and chief financial officer must reimburse the company for: • any bonus or other incentive-based or equity-based compensation received; and • profits realized from the sale of company securities during the 12-month period following the first public issuance or filing of the incorrect financial statements. Effective Date: Section 304 is effective immediately. The Act leaves to interpretation the definition of “misconduct” and, as a result, it is currently unclear whether or not “misconduct” under the Act would encompass negligent errors in reporting. The Act is also unclear as to whose misconduct would trigger the “claw-back” provision. Issues: Deadline for insiders to report transactions involving their company’s equity securities accelerated to two business days after occurrence of transaction Section 403 of the Act amends Section 16(a) of the Exchange Act to require reporting persons to disclose changes of beneficial ownership of public company securities (or the purchase or sale of security-based swap agreements) on Form 4 no later than the end of the second business day after the transaction. Currently, a Form 4 must be filed on the tenth calendar day after the end of the month in which a reportable transaction takes place, although the reporting of certain transactions, including those with the issuer exempted by Exchange Act Rule 16b-3, may be deferred until 45 days after the company’s fiscal year end. The Act does, however, grant rule-making authority to the SEC to change the deadline if the SEC determines that this filing deadline is not feasible. In addition, beginning no later than July 30, 2003, Form 4 must be filed with the SEC electronically. A company will be required to make these reports available to the public on its website (if it maintains one) not later than the end of the business day following the filing. Effective Date: August 29, 2002. Issues: Although Section 16 filings are the responsibility of the individual director or officer, many companies coordinate and file these forms as a service to their directors and officers. The real-time nature of the new filing requirements may make this difficult unless pre-transaction clearance or notification procedures are put in place. Orrick, Herrington & Sutcliffe LLP A-11 Related Proposals: • On April 12, 2002, the SEC issued a proposed rule titled “Form 8-K Disclosure of Certain Management Transactions” (Release No. 33-8090), which would amend Form 8-K to require more prompt disclosure of insider transactions. Many of the proposals were included in the Act. As a result, on August 6, 2002, the SEC issued supplemental information (Release No. 34-46313) regarding the amendments to Section 16 enacted by the Act. The SEC announced that it does not intend to consider further its proposed amendments in Release 33-8090 to require companies to report directors’ and executive officers’ transactions in company equity securities on Form 8-K. The SEC continues to consider the other amendments proposed in that release that would require companies to disclose information about directors’ and executive officers’ Rule 10b5-1 arrangements and company loans and loan guarantees to directors and executive officers that are not prohibited by Section 402 of the Act. • Under the SEC proposal, Rule 16a-3(f), as amended, would subject to two-business day reporting on Form 4 all reportable transactions with the issuer exempted by Rule 16b-3, including transactions in issuer equity securities and derivative securities. Derivative securities transactions reportable under the amended rule would include issuances, exercises, and cancellations and regrants of stock options, including repricings. • The SEC currently does not intend to consider rules providing exemptions from the two-business day reporting deadline for Form 4 based on non-feasibility for transactions categorized by type of issuer, type of insider or size of transaction. It is reviewing the deadlines only for narrowly specified types of transactions where objective criteria prevent the insider from controlling (and in many cases from knowing) when the transaction is executed and where the SEC has concluded that satisfying the two-business day period would not be feasible. Recommendation: • Revise insider trading policies to require pre-clearance or pre-notification of all stock transactions by Section 16 persons. • Educate directors and affected officers about new filing obligations. • Establish Section 16 reporting compliance procedures to ensure compliance with accelerated deadlines and electronic filing, when required. • Establish process for posting Section 16 reports on website once electronic filing commences. • Review existing Rule 10b5-1 plans to implement procedures for reporting transactions timely. Orrick, Herrington & Sutcliffe LLP A-12 New loans by company to insiders prohibited Section 402 of the Act prohibits companies from extending or maintaining credit, or arranging for an extension of credit, in the form of a personal loan, to any director or executive officer. Loans already outstanding as of the effective date are excepted from this prohibition, but these grandfathered loans may not be extended or materially modified. Very limited specified types of loans made in the ordinary course of a company’s business with terms no more favorable than offered to the public and certain loans made by an insured depository are still permitted. Effective Date: Section 402 is effective immediately. It would appear that certain corporate practices that have become common in recent years will no longer be allowed, including personal loans for relocation, personal loans for exercising stock options (and certain forms of cashless exercise), stock purchase and loan programs arranged and guaranteed by a company, and split dollar life insurance policies. Issues: Recommendation: • Review arrangements with directors and executive officers that are or might be considered loans. • No material modifications or extensions of any existing loans. Insider trades restricted during pension fund blackout periods Under Section 306 of the Act, directors and executive officers will be prohibited from buying or selling equity securities of their public companies during certain retirement plan blackout periods. For purposes of facilitating compliance with this rule, public companies will be required to provide timely notice of these retirement plan blackout periods to the SEC and to its directors and executive officers. The trading prohibition applies only to securities that directors and executive officers have acquired in connection with their services to the company. A “blackout period” is generally defined as a period of more than three consecutive business days in which trading is suspended for at least 50% of a plan’s participants and does not include any regularly scheduled period that is incorporated into the plan and timely disclosed to employees. Directors and executive officers who violate this provision must return any profits realized on the transaction to the company. Either the public company or a holder of the company’s securities, on a derivative basis, if the company fails to do so, may institute suit for recovery of profits. Employee benefit plan administrators must provide participants with at least 30 days’ advance notice of a blackout period, subject to certain exceptions. The notice must be in plain English and must explain the reasons for the blackout period, the investments affected and the expected length of the blackout period. Plan administrators are also required to include a statement in the notice that it may be appropriate for the participant or beneficiary to evaluate his or her investment decision in light of the blackout period. If a blackout period is changed or extended, the plan administrator must provide notice to participants and beneficiaries are soon as reasonably possible. Effective Date: January 26, 2003. Orrick, Herrington & Sutcliffe LLP A-13 Related Proposals: The new items added to Form 8-K under the SEC’s proposed rule “Additional Form 8-K Disclosure Requirements and Acceleration of Filing Dates” would require a Form 8-K filing in connection with a blackout period. Recommendation: • Establish procedures for human resources/employee benefits department to notify insiders/10b5-1 plan brokers/SEC of blackout periods. • Review existing 10b5-1 plans to ensure provision is made for suspension of formula trades during blackout periods. Disclosure of code of ethics for senior financial officers Section 406 of the Act requires the SEC to issue rules requiring a public company to disclose whether or not it has adopted a code of ethics for senior financial officers and, if not, the reasons why it has not. It also requires revisions to SEC rules that would mandate immediate disclosure by Form 8-K or electronic means of any change in or waiver of the code of ethics. Effective Date: Section 406 will become effective when the SEC adopts rules; no later than January 26, 2003. Related Proposals: The NYSE rule proposals and the Nasdaq rule proposals require listed companies to adopt (and publicize) a code of business conduct and ethics for all directors, officers and employees. Waivers of the code for directors or executive officers must be promptly disclosed. Recommendation: • Waivers of, or changes to, ethics code should be approved by audit committee or majority of independent directors. Heighten Auditor Independence Non-audit services restricted Sections 202 of the Act (which is applicable to public companies generally as compared to exchange-listed or Nasdaq traded companies), requires the audit committee (or if no audit committee exists, the entire board) to pre-approve all auditing services and, subject to a de minimus exception, all non-audit services, including tax services, rendered by an outside auditor. However, Section 201 of the Act prohibits outside auditors from performing certain specified non-audit services contemporaneously with the audit. These include: • bookkeeping or other services related to the accounting records or financial statements of the audit client; • financial information systems design and implementation; • appraisal or valuation services, fairness opinions and the like; • actuarial services; Orrick, Herrington & Sutcliffe LLP A-14 • internal audit outsourcing services; • management functions or human resources; • broker or dealer, investment adviser or investment banking services; and • legal services and expert services unrelated to the audit. The audit committee may delegate to one or more designated independent directors that are audit committee members the authority to grant pre-approvals, but the designated member(s) must present any decision to the full audit committee at each scheduled meeting. In addition, approval of a non-audit service must be disclosed in the company’s periodic reports. Section 201 will become effective 180 days after the Public Company Accounting Oversight Board begins operations. Section 202 does not indicate a deadline for effectiveness and presumably is effective immediately. Effective Date: Related Proposals: The NYSE rule proposals would grant the audit committee sole authority to hire and fire auditors and to approve any significant non-audit work by the auditors. Recommendation: • Determine if outside auditors currently provide any prohibited non-audit services and make alternative arrangements. • Audit committee to pre-approve all audit services and permissible non-audit services; put into place procedures to capture information regarding non-audit service approvals for periodic reports. Report to audit committee required Section 204 of the Act requires outside auditors to timely report to the audit committee of a public company (or if no audit committee exists, the entire board) the company’s critical accounting policies and practices. Where GAAP provides more than one alternative method for treatment of a transaction, the outside auditor must describe the different alternatives discussed with management and their impact, and specify which treatment the outside auditor prefers. Finally, the outside auditors must report management letters, schedules of unadjusted differences and other material written communications with management to the audit committee. Section 204 will become effective once outside auditors become registered (i.e., no later than October 23, 2003). Effective Date: Related Proposals: • SEC Rule Proposal. On May 10, 2002, the SEC issued a proposed rule titled “Disclosure in Management’s Discussion and Analysis about the Application of Critical Accounting Policies” (Release No. 33-8098). Under the first part of the proposals, a company would have to identify the accounting estimates reflected in its financial statements that required it to make assumptions about matters that were Orrick, Herrington & Sutcliffe LLP A-15 highly uncertain at the time of estimation. Disclosure about those estimates would then be required if different estimates that the company reasonably could have used in the current period, or changes in the accounting estimate that are reasonably likely to occur from period to period, would have a material impact on the presentation of the company’s financial condition, changes in financial condition or results of operations. A company’s disclosure about these critical accounting estimates would include a discussion of: the methodology and assumptions underlying them; the effect the accounting estimates have on the company’s financial presentation; and the effect of changes in the estimates. Under the second part of the proposals, a company that has initially adopted an accounting policy with a material impact would have to disclose information that includes: what gave rise to the initial adoption; the impact of the adoption; the accounting principle adopted and method of applying it; and the choices it had among accounting principles. • NYSE Rule Proposals. The NYSE rule proposals require that the audit committee must obtain and review a report by the independent auditor describing the firm’s internal quality-control procedures and any material issues raised by the most recent internal-quality control review, or peer review, of the firm. Rotation of audit partner Section 203 of the Act requires that the lead audit partner and second (review) partner on a public company’s account must be changed every five years. Effective Date: Section 203 will become effective once outside auditors become registered (i.e., no later than October 23, 2003). Recommendation: • Verify audit partner rotation schedule and auditors’ compliance with new conflicts of interest rules. Auditor conflicts of interest limited Section 206 of the Act effectively imposes a one-year cooling-off period on audit firm employees who leave an accounting firm to become CEO, CFO or chief accounting officer of a client for whom they performed audit services; their former firm is prohibited from performing any audit services for the new employer for one year. Effective Date: Section 206 will become effective once outside auditors become registered (i.e., no later than October 23, 2003). Improper influence by corporate personnel on the conduct of audit prohibited Section 303 of the Act prohibits officers or directors of a public company (or any person acting under their direction) from fraudulently influencing, coercing, manipulating or misleading any independent public or certified accountant engaged in auditing the public company’s financial statements, for the purpose of rendering its financial statements materially misleading. It gives the SEC exclusive authority to enforce this provision in any civil proceeding. Orrick, Herrington & Sutcliffe LLP A-16 Effective Date: Section 303 will become effective when the SEC adopts rules; no later than April 26, 2003. Recommendation: Companies should include a provision incorporating this prohibition in their code of ethics. Increase Auditor Oversight Independent auditor oversight board created to regulate (with SEC oversight) public company auditors and audits Title I of the Act creates the Public Company Accounting Oversight Board (the “Board”) to oversee the audit of public companies that are subject to the securities laws. The Board will be a nonprofit corporation under the general oversight of the SEC. It will not be an agency of the federal government. Its operations will be funded by fees assessed against public companies. The Board will be comprised of five full-time independent members (of whom only two may be current or former certified public accountants) appointed by the SEC for five-year terms. The duties of the Board will include the following: • Register accounting firms that audit public companies. All accounting firms that audit public companies, including foreign accounting firms, must register with the Board no later than 180 days after the Board commences operation. • Establish and adopt auditing, quality control, ethics, independence and other standards relating to the preparation of audit reports. The Act specifies certain rules the Board must adopt. The mandatory standards include: o seven years retention of audit work papers and related information in sufficient detail to support the auditor’s conclusions in its audit report; o “second partner” review and approval of audit reports; and o disclosure of the procedures used by the auditor to test the company’s systems for compliance with internal accounting control structure and procedures, together with an evaluation of internal controls. In addition, it must establish standards for a registered accounting firm’s monitoring of ethics and independence; consultation within the firm on audit issues; audit supervision; hiring, development, and advancement of audit personnel; acceptance and continuance of engagements; and internal inspection. • Conduct inspections of registered public accounting firms. The Board is required to regularly inspect the operations of each registered public accounting firm. Firms that audit over 100 public companies must be inspected annually; all others must be inspected at least once every three years. Orrick, Herrington & Sutcliffe LLP A-17 • Conduct investigations and disciplinary proceedings and impose sanctions against registered public accounting firms. The Board has broad powers to investigate acts, practices or omissions of public accounting firms that may violate the Act, the Board’s rules, professional accounting standards or the federal securities laws. The initial Board members must be appointed by the SEC by October 28, 2002. The initial members of the Board must finalize the organizational matters (including the hiring of staff, proposal of rules and adoption of initial and transitional auditing and professional standards) by April 26, 2003, at which point the SEC will make a determination that the Board is ready to begin operation. Effective Date: Broaden Sanctions for Wrongdoing Criminal sanctions enhanced The Act changes liability and penalty provisions of federal law. It creates or modifies criminal liability punishable by fines and/or imprisonment for the following: • Destruction, Alteration or Falsification of Records. Section 802 of the Act makes the knowing alteration, destruction, mutilation, concealment, cover up or falsification of a record or document with the intent to impede, obstruct or influence a federal investigation or bankruptcy case subject to fines and/or up to 20 years imprisonment. • Destruction of Corporate Audit Records. Section 802 of the Act also makes the knowing and willful violation of new audit workpaper retention requirements of five years imposed by the Act and related rules and regulations subject to fines and/or up to ten years imprisonment. • Tampering with Records. Section 1102 of the Act makes the corrupt alteration, destruction, mutilation or concealment of a record or document with the intent to impair its integrity or availability for a proceeding or otherwise obstructing, influencing or impeding a proceeding (or attempting to do so) subject to fines and/or up to 20 years imprisonment. • Securities Fraud. Section 807 of the Act creates an additional federal felony, subject to fines and/or up to 25 years imprisonment, for knowingly executing or attempting to execute a scheme or artifice o to defraud a person in connection with any security of a public company; or o to obtain by means of fraud any money or property in connection with the purchase or sale of any security of a public company. The Act also increase criminal penalties for several existing white collar crimes. • • Increased Criminal Penalties Under the Exchange Act. Section 1106 of the Act increases the penalty for willful violations of the Exchange Act from up to $1 million and/or ten years in prison to up to $5 million and/or 20 years in prison. For other than natural persons, it increases the penalty from up to $2.5 million to up to $25 million. Mail and Wire Fraud. Section 903 of the Act increases the maximum prison terms for mail and wire fraud from five to 20 years. Orrick, Herrington & Sutcliffe LLP A-18 • ERISA. Section 904 of the Act increases the penalties for criminal violations of ERISA from up to $5,000 and/or one year in prison to up to $100,000 and/or ten years in prison. For other than natural persons, it increases the penalty from up to $100,000 to up to $500,000. • Attempts and Conspiracies. Section 902 of the Act makes attempts and conspiracies to commit offenses under the white collar criminal laws contained in the U.S. Code (Chapter 63 of Title 18) subject to the same penalties as the underlying offenses. Effective Date: Each of these sections is effective immediately. Recommendation: • Establish and distribute a written policy explicitly prohibiting employees from destroying, altering or falsifying any records that may be connected to an investigation, litigation or bankruptcy proceeding. Civil sanctions enhanced The Act also amends the following: • Statute of Limitations for Securities Fraud. Section 804 of the Act extends the statute of limitations for securities fraud in a private right of action to the earlier of two years after discovery of the facts or five years after the violation. (The current statute is one and three years, respectively.) • Debts from Violations of Securities Law in Bankruptcy. Section 803 of the Act makes the debts of an individual for violations of any securities law, rule or regulation and for common law securities fraud non-dischargeable in a later bankruptcy. • SEC Authority to Temporarily Freeze Extraordinary Payments. Section 1103 of the Act permits the SEC, during an investigation for violation of the federal securities laws by a public company or any of its directors, officers, partners, controlling person, agents, or employees, to seek a temporary order requiring the company to escrow any “extraordinary payments” to the person for 45-90 days or the conclusion of any legal proceeding against the person. • SEC Authority to Prohibit Persons from Serving as Officers or Directors. Section 1105 of the Act gives the SEC the authority to prohibit any individual who has violated the anti-fraud provisions of the federal securities laws from acting as an officer or director of a public company if the individual’s conduct demonstrates “unfitness” to serve as an officer or director. The standard for disqualification was previously “substantial unfitness”. • Remedies for Victims. Section 308 of the Act permits the SEC to direct any civil penalty obtained concurrently with an order requiring disgorgement of profits for securities laws violations to the disgorgement fund. Effective Date: Each of these sections is effective immediately. Orrick, Herrington & Sutcliffe LLP A-19 Other Matters Analyst conflicts of interest Section 501 of the Act requires the SEC, either directly or through a national securities exchange or a national securities association, to adopt rules to address the potential conflicts of interest that arise when analysts recommend equity securities. The rules are to be designed to: • foster greater public confidence in securities research and to protect the objectivity and independence of security analysts; • define periods when firms who have participated, or are to participate, in a public offering of securities may not distribute research reports on the securities; and • establish safeguards within firms to assure that securities analysts avoid review, pressure, or oversight by the investment banking side of the firms. In addition, the SEC, either directly or through a national securities exchange or a national securities association, must adopt new rules reasonably designed to require disclosure of conflicts of interest by analysts in public appearances and by brokers or dealers in research reports, including: • the extent to which the analyst has debt or equity investments in the subject company; • whether the broker or dealer or analyst has received any compensation from the subject company (subject to such exemptions as the SEC may determine necessary and appropriate); • whether the subject company whose securities are recommended has been a client of the broker or dealer within the past year, and if so, the type of services rendered; and • whether the analyst received any compensation for the research report based on investment banking revenues. Effective Date: Section 501 will become effective when the SEC adopts rules; no later than July 30, 2003. Related Proposals: • NYSE Rulemaking. Amendments to exchange rules relating to analyst conflicts of interest and proposed by the NYSE came into effect on July 9, 2002. The amendments restrict compensation that research analysts can receive from investment-banking activity, certain purchases of subject companies’ securities and their trading. The amendments also establish “quiet periods” for publishing research after a firm’s participation in an IPO or secondary offering as manager or co-manager, and prohibit offering favorable research as an inducement for business. The amendments require clear and prominent disclosure of: Orrick, Herrington & Sutcliffe LLP A-20 o firm ownership of 1% or more of any class of equity security of a subject company; o the financial interest of analysts or their household members in a subject company; o conflicts of interest at the time a research report is issued or a public appearance occurs; and o compensation paid by the subject company to the firm within the last 12 months or expected within the next three months. Further, neither the firm’s investment-banking department nor the subject company may review or approve research reports prior to distribution. • SEC Rules. On August 2, 2002, the SEC issued a proposed rule titled “Regulation Analyst Certification” (Release No. 33-8119). The proposed regulation would require that any research report disseminated by broker or dealer include certifications by the research analyst that the views expressed in the research report accurately reflect the analyst’s personal views, and whether the analyst received compensation or other payments in connection with his or her specific recommendations or views. A research analyst would also be required to provide certifications and disclosures in connection with public appearances. Attorneys’ Responsibilities Section 307 of the Act directs the SEC to set forth minimum standards of professional conduct for attorneys representing public companies before the SEC, including a rule requiring an attorney to report to the chief legal officer or chief executive officer of the public company evidence of material violations of the securities laws, breaches of fiduciary duty or other similar violations by the company or its agents. If that person does not appropriately respond, including undertaking appropriate remedial measures, the rule is to require the attorney to report the evidence to the public company’s audit committee, or to another board committee consisting solely of directors not employed by the company, or to the full board. Effective Date: Section 307 will become effective when the SEC adopts rules; no later than January 26, 2003. Related Proposals: On July 24, 2002, the American Bar Association’s Task Force on Corporate Responsibility proposed amendments to the Model Rules of Professional Conduct intended to guide attorneys confronted with misconduct by corporate officers. The amendments would require an attorney to pursue remedial measures for corporate misconduct known to the attorney and to communicate with higher corporate authority where other efforts fail to prevent or rectify the misconduct, as well as requiring disclosure to prevent felonies or other serious crimes, including violations of the federal securities laws. The proposals of the ABA Task Force, on the whole, do not go as far as the rules Section 307 requires but would apply to all companies, not just public companies. A copy of the draft can be accessed at http://www.abanet.org/buslaw/corporateresponsibility/preliminary_report.pdf. Orrick, Herrington & Sutcliffe LLP A-21