internal controls

advertisement
Sarbanes-Oxley Act of 2002
Corporate Governance Reforms
September 26, 2002
A quick overview:
•
establishes new disclosure requirements for public companies;
•
imposes principal executive officer and principal financial officer certification
requirement for periodic filings with associated criminal liability;
•
prohibits company loans to executive officers and directors;
•
requires accelerated Sec 16 reporting of transactions by executive officers and
directors;
•
provides for forfeiture of bonuses and stock gains of CEOs and CFOs following an
accounting restatement due to misconduct;
A quick overview:
•
prohibits insider transactions during benefit plan “blackout periods;”
•
imposes new obligations on corporate audit committees;
•
establishes a new regulatory body to oversee the public company accounting
profession;
•
prohibits auditors from contemporaneously providing non-audit services to their
audit clients;
•
imposes new rules of professional responsibility on attorneys and securities analysts;
and
•
enhances criminal penalties for securities-related offenses.
Implementation of Sarbanes-Oxley Act:
•
signed into law on July 30, 2002;
•
certain provisions of Sarbanes-Oxley became effective immediately;
•
the SEC was granted authority to implement regulations in furtherance of the Act;
and
•
since July 2002, the SEC has adopted three sets of final rules and additional rules
are expected.
To whom does Sarbanes-Oxley apply?
•
applies to all issuers that file quarterly and annual reports under either Section
13(a) or 15(d) of the Exchange Act.
•
this includes:
– foreign private issuers;
– small business issuers;
– banks and savings associations;
– asset-backed issuers;
– investment companies (although subject to slightly different rules); and
– companies that have filed a registration statement with the SEC that has
not yet become effective.
Certification of Periodic Reports
Two separate certifications:
•
Section 302 certification; and
•
Section 906 certification.
SEC Rules 13a-14 and 15d-14:
•
require an issuer’s principal executive officer and principal financial officer to
certify the contents of the issuer’s quarterly and annual reports (and any
amendments to those reports);
•
certification does not apply to Forms 8-K or 6-K; and
•
rules still require that disclosure controls and procedures be designed, maintained
and evaluated to ensure full and timely disclosure in current reports, proxy
statements and information statements.
Content of the Section 302 Certification:
An issuer’s principal executive officer and principal financial officer each must
certify, with respect to the issuer’s quarterly and annual reports that:
•
he or she has reviewed the report;
•
based on his or her knowledge, the report does not contain any untrue
statement of a material fact or omit to state a material fact necessary in order to
make the statements made, in light of the circumstances under which such
statements were made, not misleading;
•
based on his or her knowledge, the financial statements, and other financial
information included in the report, fairly present in all material respects the
financial condition and results of operations of the issuer as of, and for, the
periods presented in the report;
Content of the Section 302 Certification:
•
he or she and the other certifying officers:
are responsible for establishing and maintaining disclosure controls and
procedures for the issuer;
•have “designed such disclosure controls and procedures to ensure that
material information is made known to them, particularly during the period
in which the periodic report is being prepared;”
•have evaluated the effectiveness of the issuer’s disclosure controls and
procedures within 90 days of the date of the report; and
•have presented in the report their conclusions about “the effectiveness of the
disclosure controls and procedures based on the required evaluation as of
that date;”
•
Content of the Section 302 Certification:
•
he or she and the other certifying officers have disclosed to the issuer’s
auditors and to the audit committee of the board of directors (or persons
fulfilling the equivalent function):
•
•
•
all “significant deficiencies” in the design or operation of internal controls
which could adversely affect the issuer’s ability to record, process,
summarize and report financial data and have identified for the issuer’s
auditors any material weaknesses in internal controls; and
any fraud, whether or not material, that involves management or other
employees who have a significant role in the issuer’s internal controls; and
he or she and the other certifying officers have indicated in the report whether
or not there were significant changes in internal controls or in other factors that
could significantly affect internal controls subsequent to the date of their
evaluation, including any corrective actions with regard to significant
deficiencies and material weaknesses.
Certification statements:
•
still to be made based on the certifying officer’s knowledge;
•
knowledge based on discharging their duties and following disclosure controls and
procedures;
•
quarterly reports are not being expanded to satisfy the requirements of annual
reports;
•
definition of “materiality” is not changing; and
•
subject to SEC action for violating Sec 13(a) or 15(d) of the Exchange Act and to
SEC and private actions for violating Sec 10(b) of the Exchange Act.
Section 906 Certification
•
was effective immediately for periodic reports filed by issuers on or after July 30,
2002;
•
requires that any SEC periodic report containing financial statements be accompanied
by a written statement of the CEO and CFO certifying that the report (1) complies
with the SEC requirements for periodic reports and (2) fairly presents in all material
respects the financial condition and results of operations of the company; and
•
knowing violation is punishable by a fine of up to $1 million and imprisonment for up
to 10 years while a willful violation raises fine to maximum of $5 million and
imprisonment of up to 20 years.
Disclosure Controls and Procedures
“Disclosure controls and procedures:”
•
designed to incorporate a broader range of information than is covered by an
issuer’s internal controls,
•
different from “internal controls,”
•
Procedures should:
(1)
(2)
(3)
ensure timely collection and evaluation of information subject to
disclosure under the requirements of S-X, S-K, S-B and Forms 20-F and
40-F;
capture information relevant to an assessment of the need to disclose
developments and risks pertaining to the issuer’s business; and
cover information that must be evaluated in the context of the disclosure
requirement of Exchange Act Rule 12b-20.
Evaluation of disclosure controls and
procedures:
•
Rules 13a-15 and 15d-15 require the principal executive officer and principal financial
officer of the issuer supervise an evaluation of the effectiveness of the design and
operation of the procedures within 90 days of the filing date of reports;
•
SEC has not outlined procedures yet for the evaluation process;
•
the evaluation process must, at minimum, address matters specified by the rules;
•
findings of the procedures and corrective actions taken must be disclosed;
•
MD&A section should include a discussion of an issuer’s internal controls; and
•
the issuer’s auditors will be required to attest to and report on management’s assessment
of the disclosure controls and procedures.
A disclosure committee:
•
the SEC recommends that an issuer create a disclosure committee responsible for
considering the materiality of information and determining disclosure obligations on a
timely basis;
•
committee should report to the principal exec officer and principal financial officer;
•
committee should include: principal accounting officer or controller, the general
counsel or other senior legal officer, the principal risk management officer, the investor
relations officer and such other officers as the issuer might deem appropriate; and
•
consider appointing a disclosure coordinator.
Recommendations for issuers:
•
Assess existing disclosure controls and procedures.
•
Work to adopt revised or new disclosure controls and procedures:
– existing auditors cannot help with consulting on, or designing, procedures:
– procedures should be written.
•
Form a Disclosure Committee.
•
Select a Disclosure Coordinator.
•
Build into SEC reporting schedule additional time for necessary reviews.
•
Adopt a quarterly review procedure for preparation of periodic reports.
•
Adopt a quarterly review procedure for review of disclosure controls and procedures.
Recommendations for issuers:
•
Review new procedures with the issuer’s Audit Committee and with the issuer’s
auditors.
•
Adopt a policy that encourages employees to communicate to senior executives or to
Disclosure Coordinator concerning disclosure questions.
•
Review with outside counsel their role: just reviewing forms for compliance with S-K
or S-B? commenting on certain sections (regulatory sections)? More?
Accelerated Filing Deadlines for
Periodic Reports
Accelerated filers are domestic
companies that:
•
•
•
•
have a public float of at least $75 million;
have filed at least one annual report;
have been reporting for at least 12 months; and
are not eligible to use SB forms.
Accelerated filing status should be evaluated each year.
Companies that meet the “accelerated filer” test as of the end of their first fiscal year
ending on or after December 15, 2002, the annual report deadline will remain 90 days
for year one and will accelerate by 15 days per year over a two-year period to 60 days.
For Fiscal Years
Ending on or After
Form 10-K
Deadline
Form 10-Q Deadline
December 15, 2002
90 days after fiscal year end
45 days after fiscal quarter
end
December 15, 2003
75 days after fiscal year end
45 days after fiscal quarter
end
December 15, 2004
60 days after fiscal year end
40 days after fiscal quarter
end
December 15, 2005
60 days after fiscal year end
35 days after fiscal quarter
end
Website Access to Reports
What must be disclosed?
•
Beginning with Form 10-K for accelerated filers having a fiscal year ending on or
after December 15, 2002, issuers must disclose:
• the company’s website address,
• whether the company makes available free of charge on or through its website its
periodic reports and any amendments as soon as reasonably practicable after filing
with the SEC,
• if the company does not make filings available in this manner, the reasons it does
not, and
• if the company does not make its filings available in this manner, whether the
company voluntarily will provide electronic or paper copies of its filings free of
charge upon request.
What must be disclosed?
•
Hyperlinking to third party sites is acceptable so long as:
(1) reports are made available within the appropriate time frame;
(2) access to the reports is free of charge; and
(3) hyperlinks lead directly to the company’s reports or to a list of its reports.
•
Incorporated information is not required to be posted separately, although it is
encouraged if it aids investor access to the information.
•
Reports should be available for at least a 12-month period.
Ownership Reports and Trading
by Officers, Directors and Principal
Securityholders
Accelerated filing of Forms 4
Effective August 29, 2002, Forms 4 reporting transactions by:
• officers,
• directors, and
• beneficial owners of more than 10% of any class of equity securities
registered under Section 12 of the Exchange Act.
Must be filed before the end of the second business day following the day on which
the subject transaction was executed
Accelerated reporting of 16b-3
transactions:
•
transactions between officers or directors and the issuer exempted from short-swing
profits recovery by Rule 16b-3 are now reportable within 2 business days on Form 4;
•
this impacts reporting of:
– dispositions to the issuer exempted by Rule 16b-3(e); and
– discretionary transactions pursuant to employee benefit plans.
Exceptions to the 2-Business Day
Deadline:
Only in instances where objective criteria prevent the reporting person from
controlling the trade date, such as
• 10b5-1 program trades where the reporting person does not select the date of
trade, and
• Discretionary Transactions under a benefit plan where the reporting person
doesn’t select the date of execution.
Personal Loans
Section 402 of Sarbanes Oxley
•
amends Sec 13 of the Exchange Act to prohibit, subject to limited exceptions, public
companies from making or arranging, directly or indirectly “personal loans” to their
executive officers and directors;
•
existing loans are grandfathered so long as there are no subsequent material
modifications to the terms nor any renewals;
•
no guidance as to existing commitments to make loans.
Exceptions to Section 402 prohibition:
•
does not prohibit certain consumer credit arrangements (home improvement or credit
card loans), or
•
margin loans by a registered broker-dealer permitted under the rules or regulations of
the Fed,
if, such consumer credit arrangements or margin loans are:
•
made in the ordinary course of the issuer’s business;
•
of a type generally made available by the issuer to the public; and
•
on market terms or terms no more favorable than those offered by the issuer to the
general public.
Issuers should scrutinize:
•
relocation advances/payments;
•
existing loans/notes to executive officers and directors;
•
cashless exercise option programs;
•
premium payments under split dollar life insurance policies; and
•
employer-assisted monetization transactions.
Download