3. Improved
transparency &
flow of info
Federal law binds
all public
corporations
Enacted 2002,
guidance in 2004,
2007, …
Achange in US business practice
SARBANES-OXELY ACT
Reacting to major corporate and accounting scandals, U.S. Govt. enacted
extensive rules, particularly for public companies, with respect to enhanced
financial disclosure, corporate governance, internal controls and auditing.
4. Management
accountability
Auditor
independence
Record
requirements
New Rule-Book for Public Co.’s
SARBANES-OXELY ACT
Administration records must be accurately stored and available to management
and auditors alike, particularly further to reporting on a corporation's internal
control of financial reporting.
SOX imposed stricter rules on auditors and made corporate directors criminally
liable for false/inaccurate statements about company accounts.
5. Reforms to enhance corporate
responsibility and fight
corporate & accounting fraud
5
As part of obligations under the Sarbanes-Oxley Act, every quarter, subsidiaries
of U.S. public companies should certify that he or she has operated in
compliance.
It is an important reminder that we are all responsible for the overall health of the
company.
In turn, company executives can make the proper representations in quarterly
Sarbanes-Oxley certification letters issued to the Securities Exchange
Commission on behalf of the company.
SARBANES-OXELY ACT
7. Governing legislation for U.S.
financial market regulation
TRUST INDENTUREACT OF1939
SECURITIESACT OF1933
SECURITIES EXCHANGEACT OF1934
created the Securities Exchange Commission
(section 4 of the Act / 15 U.S.C. § 78d)
INVESTMENT COMPANYACT OF 1940
INVESTMENTADVISERSACT OF1940
DODD-FRANK WALLSTREET REFORMAND CONSUMER
PROTECTIONACT OF2010
SARBANES-OXELY ACT OF 2002
aka the Public Accounting Reform and Investor Protection Act,
Or the Corporate and Auditing Accountability and Responsibility Act
Laws central to the governance of financial market players and regulatory powers of the Securities Exchange Commission
7
8. DEFINING A ‘PUBLIC COMPANY’
a limited liability company that offers its securities for sale to the general public.
FINANCIAL & CAPITAL MARKETS
Securities refers to stocks and bonds traded in financial and capital markets. In the
U.S., stock refers to shares of a particular corporation (company) and all related
trade and activity is regulated by the SEC (Securities Exchange Commission).
VERIZON Communications Inc.,
A Public Corporation, and …
8
9. SECURITIES& EXCHANGE
COMMISSION (SEC)
A U.S. government board, consisting of five members, charged with
regulating the public offer and sale of securities (stocks and bonds).
9
v
The SEC has a three-part
mission:
(i) to protect investors;
(ii) maintain fair, orderly &
efficient markets; and
(iii) facilitate capital formation.
To achieve its mandate, the SEC enforces statutory requirement that public
companies submit quarterly and annual reports, as well as other periodic
reports.
10. U.S. REGULATION OF PUBLIC
CO’S & FINANCIALMARKETS
10
Parent
(Public)
Inc.
(Issuer)
SECURITIES
REGULATION
As an “issuer” of securities,
Verizon Communications
Inc. is regulated by the
SEC.
Stocks
Bonds
(issue)
SEC
Securities
and
Exchange
Commission
Financial Markets
Stock and Options
Exchanges
Electronic securities
Stocks
Bonds
(issue)
Stockholders/Bondholders
11. CORPORATEAUDITORS
UNDERPCAOB SCRUTINY
Current accounting rules
apply to off-balance sheet
financing under the U.S.
General Acceptable
Accounting Principles
(GAAP) and International
Financial Reporting
Standards (IFRS).
Established by the SOX Act 2002, the Public Company
Accounting Oversight Board (PCAOB) became the primary
regulator of audits of publicly traded companies.
11
SOX reforms increased independence of professional auditors
carrying out audits on U.S. public corporations.
The PCAOB has a supervisory role over independent auditors.
12. U.S. REGULATION OF PUBLIC
CO’S & FINANCIALMARKETS
12
Parent
(Public)
Inc.
(Issuer)
Aol,
Inc.
SECURITIES REGULATION
As an “issuer” of securities,
Parent (Public) Inc. is
regulated by the SEC and
required to appoint an
auditor, which is regulated by
the PCOAB.
Stocks
Bonds
(issue)
PCAOB
Public Company Accounting
Oversight Board
SEC
Securities
and
Exchange
Commission
Financial Markets
Stock and Options
Exchanges
Electronic securities
Stockholders/Bondholders
Stocks
Bonds
(issue)
Independent Auditor
14. SIGNIFICANT REQUIREMENTS
UNDERSOX COMPLIANCE
Managers have responsibility:
• to maintain and assess the effectiveness of
a sound internal-control structure for
financial reporting
Auditors have responsibility:
• to certify the soundness of this assessment
by management and report on the state of
the overall financial control system 14
AIMS OF SOX COMPLIANCE
REQUIREMENTS
• Restore investor confidence
• Improve reliability of financial reporting
CHANGES FOR SENIOR
CORPORATE OFFICERS
• Role of General Counsel has increased
due to SOX compliance, requiring
General Counsel to work in tandem with
the Chief Compliance Officer
• Role of Chief Compliance Officer has
expanded
MOST BURDENSOME
REQUIREMENT – SECTION 404
15. FINANCIALREPORTS, ONUSON
CORPORATE BOARD
15
CERTIFIED STATEMENT BY CEO
The Chief Executive Officer must submit a
written statement alongside periodic financial
reports certifying that such report “fairly
presents in all material respects, the financial
condition and results of operations of the
issuer”, and fines and/or criminal liability may
attach for failure to do so [Section 906].
SAFE HARBOUR FOR WHISTLEBLOWERS
Similar penalties apply for any act of retaliation
against whistleblowers who provide law
enforcement with true information relating to a
SOX investigation [Section 1107]. (see also Dodd-
Frank Act)
CRIMINAL SANCTIONS FOR FAILURE TO
COMPLY
Criminal penalties apply for altering,
destroying, mutilating, concealing, falsifying
records, documents or tangible objects with
the intent to obstruct, impede or influence a
legal investigation, as well as violation of the
requirement to maintain all audit and review
papers.
17. BOARD RESPONSIBILITY
FOR FINANCIAL REPORTS
FINANCIAL REPORTING
• Reporting must include a list of all deficiencies in the internal controls and
information on any fraud that involves employees who are involved with
internal activities;
• Disclosure in reporting must include any significant changes in internal
controls or related factors that could have a negative impact on the internal
controls;
• Organizations cannot attempt to avoid these requirements by
reincorporating their activities or transferring their activities outside of the
United States.
FINANCIALREPORTING
17
18. BOARD RESPONSIBILITY
FOR FINANCIAL REPORTS
ASSESS SCOPE, ADEQUACY
& EFFECTIVENESS
18
ASSESSMENT BY MANAGEMENT
Section 404 imposes the requirement of management assessment of the scope,
adequacy and effectiveness of internal controls and publishing such findings in
the annual reports.
The registered accounting firm preparing financial reports must also attest to and
report on the effectiveness of internal control structures and procedures for financial
reporting.
19. BOARD RESPONSIBILITY
FOR FINANCIAL REPORTS
SECTION 404 OBLIGATIONS ON MANAGEMENT
In determinations of the scope, adequacy and effectiveness of internal controls both
management and accountants must:
• Assess both the design and operating effectiveness of selected internal
controls related to significant accounts and relevant assertions, in the context of
material misstatement risks;
• Understand the flow of transactions, including IT aspects, sufficient enough to
identify points at which a misstatement could arise;
• Evaluate company-level (entity-level) controls;
• Perform a fraud risk assessment;
• Evaluate controls designed to prevent or detect fraud, including management
override of controls;
• Evaluate controls over the period-end financial reporting process;
• Scale the assessment based on the size and complexity of the company;
• Rely on management's work based on factors such as competency, objectivity,
and risk;
• Conclude on the adequacy of internal control over financial reporting.
SECTION 404 OBLIGATIONS
ON MANAGEMENT
19
21. REALTIME REPORTING
21
You must
tell us
now!
REAL TIME REPORTING
According to Section 401, disclosure in periodic reports
must include all material off-balance sheet liabilities,
obligations or transactions.
REAL TIME DISCLOSURES
Section 409 imposes an obligation on the corporation
as an issuer to make real-time disclosures of
information on material changes in the financial
condition or operations, as a matter of urgency and
presented in easy-to-understand terms and
supported by trend and qualitative information of
graphic presentation where appropriate.
23. WHAT IMPLICATIONS DO SOX REQUIREMENTS
HAVE ON AOL TECHNOLOGIES (IRELAND) LTD.?
SOX requirements apply to:
• (i) all publicly-held American
companies
• (ii) any international companies
that have registered equity or
debt securities with U.S.
Securities and Exchange
Commission [SEC]
• (iii) any accounting firm or
other third party that provides
financial services to either of
the former.
DO SOX
RULES IMPACT DUBLIN?
23
US Subsidiary
Inc.
Parent (Public) Inc.
Subsidiary
(Ireland)
Ltd.td.
24. WHAT IMPLICATIONS DO SOX REQUIREMENTS
HAVE ON U.S. PUBLIC COMPANY SUBSIDIARIES?
INDIRECT REACH OF SOX COMPLIANCE
No direct obligations are binding on the Ireland subsidiary entity because no filing
to the Securities Exchange Commission is required.
The Ireland subsidiary’s U.S. parent corporation (which is required to file with the
Securities Exchange Commission), however, is required to assess the
effectiveness of internal controls within its Ireland subsidiary.
The role of sales compliance and related reporting directly facilitates the U.S.
parent corporation in meeting its requirements under SOX law, principally
making filings with the Securities Exchange Commission.
DO SOX
RULES IMPACT DUBLIN?
25. U.S. REGULATION OF PUBLIC
CO’S & FINANCIALMARKETS
25
Parent
(Public)
Inc.
(Issuer)
U.S.
subsidiary,
Inc.
Ireland
subsidiary Ltd. SECURITIES REGULATION
As an “issuer” of securities, a Public corporation is
regulated by the SEC and required to have
independent auditors, which in turn are scrutinized
by the PCOAB.
Stocks
Bonds
(issue)
PCAOB
Public Company Accounting
Oversight Board
SEC
Securities
and
Exchange
Commission
Financial Markets
Stock and Options
Exchanges
Electronic securities
Independent Auditor
26. REPORTING ONUSTRICKLES
DOWN TO SUBSIDIARIES
26
Periodic Reporting
including: material off
balance sheet transactions SEC
Securities
Exchange
Commission
Parent
(Public)
Co.
Inc.
REACH OF SOX COMPLIANCE
Not direct obligations on Ireland subsidiary ltd.,
because no filing to the Securities Exchange
Commission is required.
However, the U.S. parent of Ireland subsidiary ltd.,
U.S. subsidiary Inc. (which is required to file with the
Securities Exchange Commission if a public
corporation) must assess the effectiveness of
internal controls within its Ireland subsidiary.
U.S.
subsidiary
Inc.
Ireland subsidiary Ltd.
27. INFORMATION SOURCED
FROM SHAREDSERVICES
27
Parent
(Public)
Inc.
US
Inc.
Ireland
subsidiary
Ltd.
DISCLOSURE IN
PERIODIC REPORTS
All material off-balance
sheet liabilities, obligations
or transactions must be
disclosed in periodic reports
submitted to the SEC
(Securities Exchange
Commission) in accordance
with Section 401
Stockholders/Bondholders
Stocks
Bonds
(issue)
Stocks
Bonds
(issue)
Financial Markets
Periodic Reporting
Audit Reporting
Stockholder
Reporting
Independent Auditor
SEC
Securities
Exchange
Commission
28. INFORMATION SOURCED
FROM SHAREDSERVICES
28
Parent
(Public)
Inc.
What are
subsidiaries
doing?
How many deals
have we closed
in EU markets?
How many
deals have we
collected in EU
markets?
U.S.
subsidiary
Inc.
Ireland
subsidiary Ltd.
Deal
Management
Team
Billing/
Collections
Teams
29. CLOSED CONTRACTS =
OFF-BALANCE SHEETASSETS
Generally, an item should appear on the company's balance sheet if it is
an asset or liability that the corporation owns or is legally responsible for.
29
All
promises
topay
mustbe
recorded
Current accounting rules apply to off-balance sheet financing under the U.S.
General Acceptable Accounting Principles and International Financial Reporting
Standards.
30. REPORTING ONUSTRICKLES
DOWN TO SUBSIDIARIES
30
Periodic Reporting
including: material off
balance sheet transactions
SEC
Securities
Exchange
Commission
Parent
(Public)
Inc.
U.S.
subsidiary
Inc.
Ireland subsidiary Ltd.
32. MARKET
EXPECTATIONSFinancial markets are driven on forecasting and expectations
• Stockholders are constantly prospecting on the future performance and health of
the corporation.
• An important indicator of such performance and health is off-balance sheet
assets, e.g. sales which have not been fully closed / collected.
• Therefore, sales compliance is carrying out an important reporting function, as
well as compliance function.
• In fact, sections 404 plus 409 of the SOX Act together address real-time
reporting, including the sales compliance function of reporting ‘closed but not
collected’ sales. 32
+ =
33. M&ASOXINTEGRATIONSOX compliance can be an issue when integrating new entities
resulting from M&A acquisitions
• Complex factors for such integration have propensity to result in divergence
between actual and reported performance.
• An unintended consequence and benefit of implementing documentation efforts
is increased employee understanding of operations, how they are accomplished
and how they might be improved.
33
34. PERCEIVED
VS.
ACTUAL
"A lot of steps we assumed were
being taken -account reconciliations
and interest calculations and data
integrity checks- actually weren't"(PepsiCo)
34
PERSONAL ATTESTATIONS
Sections 302 and 404 require CEOs and CFOs attest
personally to the effectiveness of internal control
systems for financial reporting (and Section 906
attaches criminal liability for 'willful failure' to portray the
true condition of the company's finances and
operations).
INDEPENDENT AUDITOR
Section 404 mandates an independent auditor to attest
each year to the company's evaluation of its controls.
(The auditor is expected to assess the documentation
of controls and procedures as well as how competently
employees perform the control activities for which they
are responsible.)
PCAOB
https://pcaobus.org/Pages/default.aspx
The Public Company Accounting Oversight Board is a
non-profit corporation established by Congress to
protect investors and the public interest by promoting
informative, accurate, and independent audit reports
and to oversee the audits of public companies and
broker-dealers.
BEST PRACTICE
Responsibility for internal controls to be assigned to a
“sufficiently high level” person possessing “adequate
resources” to implement the system and periodic
reviews to uncover errors and wrongdoing.
SARBANES-OXLEY ACT 2002
http://www.soxlaw.com/
COMMITTEE OF SPONSORING
ORGANIZATIONS OF THE
TREADWAY COMMISSION
The COSO is a joint initiative of the five private sector
organizations listed on the left and is dedicated to providing
thought leadership through the development of frameworks
and guidance on enterprise risk management, internal control
and fraud deterrence.
http://www.coso.org/