The Current Status of Corporate Governance in the USA

An overview of the cause and effect of recent legislation

The State of Governance

There is a lengthy history of corporate governance in the US. Here is a short summary…

19th century legislation facilitated the rights of corporations as sovereign entities with legal standing.

"The Modern Corporation and Private Property" (Berle and Means, 1932), published shortly after the 1929 stock market crash, continues to have a profound influence on the concept of corporate governance in scholarly debates today.

Fama & Jensen’s "The Separation of Ownership and Control" (1983) firmly established agency theory as a way of understanding corporate governance. The corporation is seen as a series of contracts under which an agent represents the interests of a principal.

The current preoccupation with corporate governance in the US can be traced to a series of corporate crises which saw the collapse of two big corporations: Enron and WorldCom, and the ensuing scandals and collapses in other organizations such as Arthur Andersen, Global Crossing and Tyco. However, the story is far more complicated than that…

Corporate governance as we know it today was legislated in 2002…. Anyone know the name of the bill?

Sarbanes-Oxley Act (SOX)

The legislation is wide-ranging and establishes new or enhanced standards for all U.S. public company boards, management, and public accounting firms.
The Act contains 11 titles, or sections, ranging from additional Corporate Board responsibilities to criminal penalties, and requires the Securities and Exchange Commission (SEC) to implement rulings on requirements to comply with the new law.

Sections of SOX

TITLE I -- “Public Company Accounting Oversight Board (PCAOB)”

Title I establishes the Public Company Accounting Oversight Board (PCAOB), to provide independent oversight of public accounting firms providing audit services ("auditors"). It also creates a central oversight board tasked with registering auditors, defining the specific processes and procedures for compliance audits, inspecting and policing conduct and quality control, and enforcing compliance with the specific mandates of SOX. Title I consists of nine sections.

TITLE II -- “Auditors Independence”

Title II, which consists of nine sections, establishes standards for external auditor independence, to limit conflicts of interest. It also addresses new auditor approval requirements, audit partner rotation policy, conflict of interest issues and auditor reporting requirements. Section 201 of this title restricts auditing companies from doing other kinds of business apart from auditing with the same clients.

TITLE III -- “Corporate Responsibility”

Title III mandates that senior executives take individual responsibility for the accuracy and completeness of corporate financial reports. It defines the interaction of external auditors and corporate audit committees, and specifies the responsibility of corporate officers for the accuracy and validity of corporate financial reports. It enumerates specific limits on the behaviors of corporate officers and describes specific forfeitures of benefits and civil penalties for noncompliance.
For example, Section 302 implies that the company board (Chief Executive Officer, Chief Financial Officer) should certify and approve the integrity of their company financial reports quarterly. This helps establish accountability. Title III consists of eight sections.

TITLE IV -- “Enhanced Financial Disclosures”

Title IV consists of nine sections. It describes enhanced reporting requirements for financial transactions, including off-balance sheet transactions, pro-forma figures and stock transactions of corporate officers. It requires internal controls for assuring the accuracy of financial reports and disclosures, and mandates both audits and reports on those controls. It also requires timely reporting of material changes in financial condition and specific enhanced reviews by the SEC or its agents of corporate reports.

TITLE V -- “Analyst Conflicts of Interest”

Title V consists of only one section, which includes measures designed to help restore investor confidence in the reporting of securities analysts. It defines the codes of conduct for securities analysts and requires disclosure of knowable conflicts of interest.

TITLE VI -- “Commission Resources and Authority”

Title VI consists of four sections and defines practices to restore investor confidence in securities analysts. It also defines the SEC’s authority to censure or bar securities professionals from practice and defines conditions under which a person can be barred from practicing as a broker, adviser or dealer.

TITLE VII -- “Studies and Reports”

Title VII consists of five sections. These sections, 701 to 705, are concerned with conducting research for enforcing actions against violations by the SEC registrants (companies) and auditors.
Studies and reports include the effects of consolidation of public accounting firms, the role of credit rating agencies in the operation of securities markets, securities violations and enforcement actions, and whether investment banks assisted Enron, Global Crossing and others to manipulate earnings and obfuscate true financial conditions.

TITLE VIII -- “Corporate and Criminal Fraud Accountability”

Title VIII consists of seven sections and is also referred to as the “Corporate and Criminal Fraud Act of 2002.” It describes specific criminal penalties for fraud by manipulation, destruction or alteration of financial records or other interference with investigations, while providing certain protections for whistle-blowers.

TITLE IX -- “White Collar Crime Penalty Enhancement”

Title IX consists of two sections. This section is also called the “White Collar Crime Penalty Enhancement Act of 2002.” This section increases the criminal penalties associated with white-collar crimes and conspiracies. It recommends stronger sentencing guidelines and specifically adds failure to certify corporate financial reports as a criminal offense.

TITLE X -- “Corporate Tax Returns”

Title X consists of one section. Section 1001 states that the Chief Executive Officer should sign the company tax return.

TITLE XI -- “Corporate Fraud Accountability”

Title XI consists of seven sections. Section 1101 recommends a name for this title as “Corporate Fraud Accountability Act of 2002”. It identifies corporate fraud and records tampering as criminal offenses and joins those offenses to specific penalties. It also revises sentencing guidelines and strengthens their penalties. This enables the SEC to temporarily freeze large or unusual payments.

OK, so how does all of this relate to information systems?
Answer: SOX Sec 302 & Sec 404

Sec 302

Section 302 of the Act mandates a set of internal procedures designed to ensure accurate financial disclosure. The signing officers must certify that they are “responsible for establishing and maintaining internal controls” and “have designed such internal controls to ensure that material information relating to the company and its consolidated subsidiaries is made known to such officers by others within those entities, particularly during the period in which the periodic reports are being prepared.”

Lastly, Sec 302 requires…

The officers must “have evaluated the effectiveness of the company’s internal controls as of a date within 90 days prior to the report” and “have presented in the report their conclusions about the effectiveness of their internal controls based on their evaluation as of that date.”

Section 404

Management is required to produce an “internal control report”. The report must affirm “the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting.”

The report produced under Sec 404 must be audited by the financial statement auditors to determine whether or not the assertions made by management are generally reliable.

Alright already, how is this related to Information Systems?

Most, if not all, corporate financial accounting is conducted within the parameters of automated accounting software that is directly linked to almost every other enterprise system!

There are a lot of information systems areas that require investigation and audit. Take about 10 minutes and, on a sheet of paper, list some areas of information systems that would require audit under SOX.