Tag Archives: PCAOB

Communicate Consistently – It Really Does Matter

By: George M. Wilson & Carol A. Stacey

 
As we discuss in our workshops, it is crucial that companies communicate consistently across all the channels they use. Here are a couple of SEC comments that illustrate this point.

This first comment refers to articles in the news. Yes, the SEC staff does read the paper! This means that companies need to monitor news stories to assure that publically disseminated information is consistent with other disclosures.

General

  1. Recent articles indicate that Yahoo’s November 2014 agreement with Mozilla contains a change-in-control provision that provides Mozilla with the right to receive $375 million annually through 2019 if Yahoo is sold and Mozilla does not deem the new partner acceptable. As this provision appears to take the agreement out of the ordinary course of business, please provide us with your analysis of the materiality of this agreement for purposes of Item 601(b)(10) of Regulation S-K.

 

Here is another frequent theme, how the staff monitors earnings calls and other presentations.

Results of Operations, page II-7

 

  1. We note in your September 8, 2015 earnings call, your chief executive officer made reference to verbal commitments from customers to escalate contract prices when oil prices improve. Given the importance of the price of oil on your results, please tell us and consider disclosing in more detail whether such verbal commitments represent a known event. Refer to Item 303(a)(3)(ii) of Regulation S-K and SEC Release No. 33- 8350.

 

As a parting thought, have all the members of your disclosure committee, and in particular the persons involved in drafting and reviewing MD&A, reviewed your earnings calls as part of their process? (And yes, the second comment is one of our favorite MD&A topics!)

 

As always, your thoughts and comments are welcome!

Things Are Changing!

By: George M. Wilson & Carol A. Stacey

Two of the provisions of the Dodd Frank Act relating to disclosures by public companies are being considered for change in Washington, DC.

 
Conflict Minerals Disclosures
Acting Chairman Piwowar has directed the Staff to reconsider whether the 2014 guidance on the conflict minerals rule is still appropriate and whether any additional relief is appropriate. You can read his announcement including his formal statement and information he gathered on a trip to Africa here.

 
Resource Extraction Payment Rule
Congress has begun the process of revoking the Resource Extraction Payments provisions of the Act. The House passed this provision earlier and the Senate voted to revoke the provision Friday, February 3, 2017. You can read about the Senate vote here.

 

As always your thoughts and comments are welcome!

When Disclosure Obligations Reach Beyond Financial Reporting

By: George M. Wilson & Carol A. Stacey

Good accounting requires good communication. Many times information that is well-removed from the financial reporting and accounting functions has impacts on the financial statements or other parts of the SEC reporting process, especially MD&A. The Sarbanes Oxley Act built on the internal accounting controls guidance in section 13(b) of the FCPA Act in expanding the evaluation, audit and reporting requirements for internal control over financial reporting, or ICFR, and creating the concept of disclosure controls and procedures, or DCP.

A recent enforcement action brings home, at this important year-end time, the importance of effective disclosure controls throughout the company, with perhaps redundant controls that search beyond traditional financial reporting functions for issues that may impact the financial statements or require disclosure in other parts of a periodic report. It reinforces the idea that responsibility for disclosure is a company-wide obligation, and that companies need to build reliable infrastructures to ensure that investors receive all of the information they are supposed to receive.

ICFR and its related requirements have been part of the reporting process for decades. ICFR is formally defined in Exchange Act Rule 13(a)-15 as:

a process designed by, or under the supervision of, the issuer’s principal executive and principal financial officers, or persons performing similar functions, and effected by the issuer’s board of directors, management and other personnel, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles and includes those policies and procedures that:

(1) Pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the issuer;

(2) Provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the issuer are being made only in accordance with authorizations of management and directors of the issuer; and

(3) Provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the issuer’s assets that could have a material effect on the financial statements.

ICFR is all about the financial statements and that of course includes all of the relevant disclosures in the footnotes to the financial statements.

Here is how SOX expanded this process and formally defined disclosure controls in Exchange Act Rule 13(a)-15:

For purposes of this section, the term disclosure controls and procedures means controls and other procedures of an issuer that are designed to ensure that information required to be disclosed by the issuer in the reports that it files or submits under the Act (15 U.S.C. 78a et seq.) is recorded, processed, summarized and reported, within the time periods specified in the Commission’s rules and forms. Disclosure controls and procedures include, without limitation, controls and procedures designed to ensure that information required to be disclosed by an issuer in the reports that it files or submits under the Act is accumulated and communicated to the issuer’s management, including its principal executive and principal financial officers, or persons performing similar functions, as appropriate to allow timely decisions regarding required disclosure.

What is clear in this definition is that DCP relates to the entire report, not just the financial statements. And, both ICFR and DCP are relevant to the financial statements.

The terms “accumulate and communicate” are particularly relevant for this case. DCP clearly applies to the concept of a known trend in MD&A, which may not be relevant to the financial statements. It also applies to information that may be relevant to accounting for contingencies, even when that information is in an operational area.

In the enforcement case mentioned above the company paid “a $1 million penalty to settle charges that deficient internal accounting controls prevented the company from properly assessing the potential impact on its financial statements of a defective ignition switch found in some vehicles.” Further,

“[t]he SEC’s order finds that the company’s internal investigation involving the defective ignition switch wasn’t brought to the attention of its accountants until November 2013 even though other (company) personnel understood in the spring of 2012 that there was a safety issue at hand. Therefore, during at least an 18-month period, accountants at the (company) did not properly evaluate the likelihood of a recall occurring or the potential losses resulting from a recall of cars with the defective ignition switch.

This case clearly addressed accounting for contingencies and the related GAAP disclosures. In other situations there may not be a contingency disclosure, but there could be a known trend in MD&A. Both are relevant issues as we work through year-end. What this all builds to is that the disclosure process, including both ICFR and DCP, has to reach beyond the information required for financial statement reporting.

It is all about communication! And this might be a good time to communicate this issue to your disclosure committee and all the parts of your organization.

As always, your thoughts and comments are welcome!

Whistleblower Reminders

By: George M. Wilson & Carol A. Stacey

 

On December 19 and 20, 2016, as a year-end reminder, the SEC’s Enforcement Division announced two more cases to emphasize that companies MUST NOT do anything to impede employees from blowing the whistle.

You can find a lot more background about this issue in this post.

In the first case NeuStar Inc. paid a fine of $180,000 for putting restrictive language in severance agreements.

The SEC found that NeuStar was “routinely entering into severance agreements that contained a broad non-disparagement clause forbidding former employees from engaging with the SEC and other regulators ‘in any communication that disparages, denigrates, maligns or impugns’ the company.” The agreements were structured harshly. Departed employees would lose all but $100 of their severance pay if they violated the agreement. This language impeded at least one former employee from contacting the SEC.

In the second case Oklahoma City-based SandRidge Energy Inc. agreed to pay a fine of $1.4 million. Even though the company reviewed their severance arrangements several times after new Dodd/Frank rules were put in place, they continued to include language “restricting” former employees from blowing the whistle to regulators.

The SEC found that “SandRidge fired an internal whistleblower who kept raising concerns about the process used by SandRidge to calculate its publicly reported oil-and-gas reserves.”

The message is clear – Don’t try to limit a former employee’s ability to blow the whistle! Instead, take steps to investigate the matter!

As always, your thoughts and comments are welcome!

IPO’s – Getting Ready and Keeping Up

By: George M. Wilson & Carol A. Stacey

If you are contemplating an IPO or advising companies in this process, PLI’s “Securities Offerings 2017: A Public Offering: How it is Done” will provide you with valuable knowledge and how-to tools about the IPO process. The program simulates an offering from start to finish, builds a foundation in the law and SEC guidance, and walks through each step in the process. The program is on March 3, 2017 and you can learn more here.

The program also includes up to 2 hours of ethics credit (see program page on www.pli.edu for credit by state).

Why, Oh Why, Is It Always Segments?

By: George M. Wilson & Carol A. Stacey

If you have been involved with SEC reporting for more than say, five minutes, you have heard about or discussed with someone the SEC’s focus on operating segments. Segment related disclosures are included in several Form 10-K Items, including:

Item 1 – Description of the business,

Item 2 – Properties,

Item 7 – MD&A, and of course

Item 8 – Financial Statements.

Almost every SEC conference or workshop addresses the importance of segment disclosures.

The latest segment “message” from the SEC is in the November 7, 2016 Accounting and Auditing Enforcement Release dealing with PowerSecure.

It is the same familiar message we heard in the Sony case in 1998 and the PACCAR case in 2013. When companies avoid making proper GAAP disclosures for operating segments to try and bury problems in one part of a business with profits from another part of their business, trouble will result.

In the “classic” Sony case the company used profits from its music business to mask problems in its movie business. This case also has a great known trend disclosure problem and becomes an almost scary “double trouble” example. To escalate this case to “triple trouble” the SEC also made it clear that Sony’s assignment of MD&A to the IR manager was not appropriate by naming that person in the case and forcing Sony to reassign this responsibility to the CFO. With all that was going on with Sony the SEC went so far as to require the company to engage its auditors to “examine” MD&A. Surprisingly, under the attest standards, auditors can issue a full opinion report on MD&A!

In the PACCAR case problems in new truck sales were hidden with profits from truck parts sales. This SEC Complaint includes a very detailed summary of the operating segment disclosure requirements, discussing in detail how PACCAR’s management viewed the business and how, in the SEC’s judgement, PACCAR was not following the GAAP requirements. It includes this language:

“However, in reporting its truck and parts results as a single segment, PACCAR did not provide investors with the same insight into the Company as PACCAR’s executives.”

This story line repeats in PowerSecure. For the periods in question PowerSecure reported one segment when that was not how management actually viewed the business:

“PowerSecure also misapplied ASC 280 by concluding that its CODM – who was determined to be the Chief Executive Officer (“CEO”) – did not regularly review operating results below the consolidated level to make decisions about resource allocations and to assess performance. This was inconsistent with the way in which the CEO regularly received, reviewed, and reported on the results of the business and how the company was structured. On a monthly basis, the CEO received financial results that reflected a measure of profitability on a more disaggregated level than the consolidated entity. Further, on a quarterly basis, the CEO met with each business unit some of the business unit leaders had business unit level budgets and forecasts and received incentive compensation based, at least in part, upon the results of their business unit.“

The message is clear, don’t use segments to try and hide problems! As a last reminder, don’t forget that these disclosure requirements may go to an even lower level than operating segments in MD&A. Regulation S-K Item 303 makes this clear:

“Where in the registrant’s judgment a discussion of segment information or of other subdivisions of the registrant’s business would be appropriate to an understanding of such business, the discussion shall focus on each relevant, reportable segment or other subdivision of the business and on the registrant as a whole.”

As always, your thoughts and comments are welcome!

 

Third Annual Form 10-K Tune-Up

As you draft your annual Form 10-K it is always a challenge to be sure that you deal effectively with new and emerging issues and the ever-evolving focus areas of the SEC. Register for our January 23rd One Hour Briefing, Form 10-K Tune-Up. Review the key issues to address in this year’s Form 10-K, including the latest in SEC Staff comments about non-GAAP measures; new accounting standards, revenue recognition, leases and financial instruments.

http://www.pli.edu/Content/Seminar/Third_Annual_Form_10_K_Tune_Up_/_/N-4kZ1z10jog?Ns=sort_date%7c0&ID=301955

Disclosure Effectiveness – The Saga Continues

By: George M. Wilson & Carol A. Stacey

A not so long, long time ago (OK, sorry Arlo Guthrie), and over a very reasonable period, the SEC began its Disclosure Effectiveness initiative. As you have likely heard (and can read about here), the Staff has sought comment and feedback about a variety of issues, including a lengthy release dealing with Regulation S-K and another dealing with various “financial statements of others” requirements in Regulation S-X.

The latest disclosure simplification development is a 26-page Staff report required by the FAST Act titled “Report on Modernization and Simplification of Regulation S-K”. It addresses a variety of areas ranging from properties to risk factors. Included are several interesting ideas such as requiring year-to-year comparisons in MD&A for only the current year and prior year and including hyperlinks to prior filings for prior comparisons.

The report is a thoughtful and interesting step in this challenging process.

As always, your thoughts and comments are welcome!

Tone at the Top, History and COSO

By: George M. Wilson & Carol A. Stacey

 

First, a quick warning before you read this post. One of the authors of this post spent nine years teaching at a university which had one of the few undergraduate business programs in the country with a required course in business ethics. This post is perhaps a bit preachy!

We have seen some distressing examples in the news lately of organizations acting unethically. If you were around during the early 2000s these events evoke a strong feeling of déjà vu. The similarities in the “tone at the top” of the organizations in the news today compared to the tone at the top in the companies involved in the pre-SOX waves of fraud (such as WorldCom and Enron) is eerie!

In all of these frauds, the roots of unethical conduct which harmed shareholders were at the top of the organizations.

History, as it always seems to do, is repeating itself. Eventually defective tone at the top will always result in trouble and distress for the organization and investors. (Yes, that was one of the preachy parts!)

All this makes it seem like a great time to review a key element in the foundations of internal control, the control environment. Here is an excerpt from the Executive Summary of the 2013 COSO Framework:

 

“Control Environment

The control environment is the set of standards, processes, and structures that provide the basis for carrying out internal control across the organization. The board of directors and senior management establish the tone at the top regarding the importance of internal control including expected standards of conduct. Management reinforces expectations at the various levels of the organization. The control environment comprises the integrity and ethical values of the organization; the parameters enabling the board of directors to carry out its governance oversight responsibilities; the organizational structure and assignment of authority and responsibility; the process for attracting, developing, and retaining competent individuals; and the rigor around performance measures, incentives, and rewards to drive accountability for performance. The resulting control environment has a pervasive impact on the overall system of internal control. “

Building an effective control environment starts at the top of an organization with the executive leadership, board and Audit Committee. If the people in these roles place financial performance before integrity, if their attitude is about accomplishing objectives at whatever the cost, that is poison in the control environment.

Understanding, assessing and evaluating tone at the top and the other elements of the control environment is not easy.

In a telecom company where the message from the CEO is to make the numbers at any cost is there any surprise that the end result is one of the largest financial reporting frauds ever? Or that the fraud was carefully crafted to avoid detection by the auditors? And, when the perpetrators of the fraud are the leaders of the organization, who have the power to punish anyone who might call out the tone at the top issues, is it any wonder that it is easy for them to conceal the corruption in the control environment? Is it any surprise that the courageous internal auditors who eventually called out the fraud actually had to conduct their investigation in secret and at times wondered if they should be afraid for their lives?

 

In an energy trading company where the CFO was behind hidden issues involving off-balance sheet arrangements that were not on the up-and-up, is it any wonder that the first person to really escalate the issue did so in an anonymous letter?

 

In a bank where not making sales goals resulted in your termination, is there any surprise when rules are bent? Is there any surprise when people are fired when they attempt to raise the issue to their managers?

 

As another example, check out this 10-K for Hertz which includes a major restatement. In the “Explanatory Note” at the beginning of the document you will find this language:

 

As of December 31, 2014, we did not maintain an effective control environment primarily attributable to the following identified material weaknesses:

Our investigation found that an inconsistent and sometimes inappropriate tone at the top was present under the then existing senior management that did not in certain instances result in adherence to accounting principles generally accepted in the United States of America (“GAAP”) and Company accounting policies and procedures. In particular, our former Chief Executive Officer’s management style and temperament created a pressurized operating environment at the Company, where challenging targets were set and achieving those targets was a key performance expectation. There was in certain instances an inappropriate emphasis on meeting internal budgets, business plans, and current estimates. Our former Chief Executive Officer further encouraged employees to focus on potential business risks and opportunities, and on potential financial or operating performance gaps, as well as ways of ameliorating potential risks or gaps, including through accounting reviews. This resulted in an environment which in some instances may have led to inappropriate accounting decisions and the failure to disclose information critical to an effective review of transactions and accounting entries, such as certain changes in accounting methodologies, to the appropriate finance and accounting personnel or our Board, Audit Committee, or independent registered public accounting firm.

 

This is another example of a fraud with its roots in tone at the top.

When frauds escalate to a material level there is a reasonable likelihood that it started with a problem with tone at the top, with the control environment.

So, where does all this lead? Assessing tone at the top is not easy. And a poisoned control environment will do everything it can to protect itself. The leaders of an organization with a defective control environment will use the power they wield to keep others from exposing the problem. Perhaps more protections for whistleblowers are a good thing in this regard. Tools to measure ethical behavior in an organization are difficult to find, subjective and imprecise. Enron in fact had a model code of ethics, but having something on paper does not mean that people will live by the code of ethics. The one thing that is clear is that this continues to be a complex area and continues to be at the root of many financial reporting frauds. We all need to focus on this area and work to develop a better understanding and better tools to assess the control environment.

We all need to focus on tone at the top and ethical behavior. Yes, it is not easy to measure, it is not easy for an outsider to observe, but it is clearly crucial to effective ICFR!

 

As always, your thoughts and comments are welcome!

 

 

Year-End Planning – More or Less Concluded – Keeping Up with SEC Focus Areas

By George M. Wilson & Carol A. Stacey

In recent weeks we have been posting about areas to deal with in advance of year-end. So far we have addressed:

Issues in the Statement of Cash Flows

Evaluating and Auditing ICFR

The New Item 16 Form 10-K Summary

Recently Issued Accounting Standards and a Few Example Comments

SAB 74/Topic 11-M – News from the SEC at the September EITF Meeting

Disclosure Effectiveness

Should You Consider Any Issues for OCA Consultation?

A Year End Planning Detail – No More Mailing the ARS to the SEC!

Three Years of Fun – Planning the “Big Three” New FASB Statement Transitions

 

As we are getting ever closer to year-end this is also a good time to proactively review areas where financial reporting problems frequently occur and take steps to assure we have all the “i’s” dotted and “t’s” crossed in these areas.

Unusually complex accounting issues, difficult estimates and sensitive disclosures all become the focus of SEC comments. This is not because the Staff thinks they are important in and of themselves, but rather because these are areas where the Staff frequently uncovers problems in the comment process. Clearly if we do not deal with them appropriately, they involve risk of restatement and amendment.

There are a variety of ways you can keep up with the CorpFin Staff’s frequent comment areas. Every year at our Annual Reporting Forums in November and December, our Conference for Mid-Size and Smaller Companies in September and our Mid-Year Programs in May and June current and former Staffers discuss the areas where they have concerns.

Here is the list from our most recent programs:

  • Segments
  • Statement of Cash Flows
  • Income Taxes
  • Consolidation
  • Business Combinations
  • Fair Value
  • Goodwill
  • Revenue Recognition
  • Non-GAAP Measures & Metrics
  • Internal Control over Financial Reporting

Beyond hearing from the Staff and those in the know, many organizations research comment letters and summarize the areas and frequency of comments within these areas.   You can find these summaries on the web pages for most of the national CPA firms. Here are links to some of them:

EY SEC Comments and Trends

Deloitte’s SEC Comment Letter Series

PWC’s SEC Comment Letter Trends

Other companies build databases of comments which can be researched by comment area, CorpFin Office and even by reviewer. Two companies who sell these kinds of tools are Audit Analytics and Intelligize. However, remember the Staff’s caution that their comments are fact-specific to each registrant and you should never cut and paste from another letter.

If you have any other good sources of information about these issues, please leave them in a comment to this post, and, as usual, your thoughts and comments are welcome!