Thursday, May 31, 2007

White Paper Published on SEC-PCAOB Internal Control Reform

By James Hamilton, J.D., LL.M.

The SEC-PCAOB guidance, rules, and standard reforming Sec. 404 internal control over financial reporting is the most significant reform of regulation under Sarbanes-Oxley since the Act was passed in 2002. I have prepared a white paper on these important reforms.

Tuesday, May 29, 2007

Risk Assessment Key to SEC-PCAOB Top-Down Approach to Internal Controls

The top-down approach to internal controls favored by the new SEC-PCAOB regime heavily relies on risk assessment, with the Board’s new Auditing Standard No. 5 requiring risk assessment at each of the decision points in a top-down approach. In fact, risk assessment underlies the entire audit process mandated by the new standard, including the determination of significant accounts and disclosures and relevant assertions, the selection of controls to test, and the determination of the evidence necessary for a given control.

AS5 defines relevant assertions as those financial statement assertions that have a reasonable possibility of containing a misstatement that would cause the financial statements to be materially misstated.

In the Board’s view, focusing auditor attention on the areas of greatest risk is likely to produce a more effective audit and substantially decrease the opportunity for a material weakness to go undetected. The proper use of risk assessment also enhances audit efficiency because the auditor does not spend time testing controls that, even if deficient, would not present a reasonable possibility of material misstatements in the financial statements.

Moreover, a direct relationship exists between the degree of risk that a material weakness could exist in a particular area of the company's internal controls and the amount of audit attention that should be devoted to that area. In addition, the risk that a company's internal controls will fail to prevent or detect misstatement caused by fraud usually is higher than the risk of failure to prevent or detect error. Auditors should focus more of their attention on the areas of highest risk.

Under the top-down approach embodied in AS5, the auditor is required to test those controls that address the assessed risk of misstatement to each relevant assertion. These are the most important controls to test.

When using a top-down approach, the auditor identifies the controls to test by starting at the top, which is the financial statement and the entity-level controls. A top-down approach first begins at the financial statement level and with the auditor's understanding of the overall risks to internal controls. Note that the top-down approach describes the auditor's sequential thought process in identifying risks and the controls to test, not necessarily the order in which the auditor will perform the auditing procedures.

The auditor next focuses on entity-level controls and works down to significant accounts and disclosures and their relevant assertions. This approach directs the auditor's attention to accounts, disclosures, and assertions that present a reasonable possibility of material misstatement to the financial statements. Auditors must then verify their understanding of the risks in the company's processes and select for testing those controls that sufficiently address the assessed risk of misstatement to each relevant assertion.
SEC-PCAOB Reform of Internal Control Reporting Has Many Elements

The SEC’s management guidance, rules, and the PCAOB’s new audit standard No. 5, have reformed the internal control reporting system by:
  • Focusing the audit on the matters most important to internal control by directing the auditor to test the most important controls
  • Adopting a flexible principles-based system reliant on professional judgment
  • Eliminating the requirement that the auditor evaluate management’s process
  • Scaling the audit for smaller companies
  • Aligning SEC regulations with the PCAOB standard
  • Eliminating the principal evidence provision to allow more reliance on the work of others
  • Redefining material weakness upward
  • Requiring audit committee pre-approval of non-audit internal control services
  • Placing the main testing focus on entity or company level controls
  • Requiring auditors to assess the risk of fraud when planning the audit
  • Reducing the number of walkthroughs while preserving quality
  • Integrating internal control and financial statement audits
  • Requiring risk assessment at each of the decision points in a top-down approach
  • Testing controls important to assessing the risk of financial statement misstatement
  • Allowing a risk-based approach for auditing multiple corporate locations
  • Allowing auditors to use knowledge obtained during past audits
  • Refocusing internal controls to prevent material misstatements in financial statements

Monday, May 28, 2007

New Internal Control Standard Has Testing Principles

With regard to the PCAOB's new audit standard for internal control over financial reporting, AS5, I have gleaned the below maxims or general principles with regard to the testing of internal controls.

· A conclusion that a control is not operating effectively can be supported by less evidence than a conclusion that it is effective.
· Re-performance of a control is greater evidence of effectiveness than observation, inspection of documentation, or inquiry.
· Inquiry alone cannot provide enough evidence to support a conclusion on a control’s effectiveness.
· Documentary evidence of the operation of some controls, such as management’s philosophy, might not exist.
· Testing controls over a greater period time provides more evidence of effectiveness.
· Testing controls closer to the date of management’s assessment provides more evidence than testing earlier in the year
· The more extensively a control is tested, the greater the evidence obtained from that test.

Sunday, May 27, 2007

Audit Committee Must Pre-Approve Non-Audit Internal Control Services

As part of the massive internal control reforms, the PCAOB adopted a rule requiring the auditor to obtain pre-approval from the audit committee for the performance of any non-audit internal control services. The Sarbanes-Oxley Act requires audit committee pre-approval of all non-audit services that the auditor proposes to perform for the client company.

Rule 3525 implements this pre-approval requirement by requiring auditors to
take certain steps as part of seeking audit committee pre-approval of internal control related non-audit services. These steps are intended to ensure that audit committees are provided the information they need to make an informed decision on how the performance of internal control-related services may affect the auditor’s independence. The rule must still be approved by the SEC.

Specifically, the auditor seeking pre-approval to perform non-audit internal control services would have to:

• Describe, in writing, to the audit committee the scope of the proposed
service;
• Discuss with the audit committee the potential effects of the proposed
service on the firm's independence; and
• Document the substance of the firm's discussion with the audit committee.

These requirements parallel the auditor's responsibility in seeking audit committee pre-approval to perform tax services for an audit client under PCAOB Rule 3524 and are codified, like that rule, as part of the Board's rules on ethics and independence.

Consistent with the tax service pre-approval rule, Rule 3525 does not specify that the pre-approval must be specific. Instead, the rule is neutral as to whether an audit committee pre-approves a non-audit service on an ad hoc basis or on the basis of policies and procedures.

Many companies have adopted policies providing for pre-approval in annual audit committee meetings. And the Board understands that such an annual planning process can include as robust a presentation to the audit committee as a case-by-case pre-approval process. Thus, Rule 3525 is flexible enough to accommodate either system and encourages auditors and audit committees to develop systems tailored to the needs and attributes of the company.

A Note to Rule 3525 explains the general standard of auditor independence, and that application of this standard is guided by several principles, including whether auditors assume a management role or audit their own work. The Note further specifies, as an example of the standard’s application, that an auditor would not be independent if management had delegated its duty for internal control to the auditor or if the auditor had designed or implemented the audit client's internal controls.

Friday, May 25, 2007

New PCAOB Standard Allows Auditors to Use the Work of Others and Walkthroughs

Walkthroughs can help auditors understand likely sources of potential misstatements and help in selecting controls to test. While a walkthrough will frequently be the best way of attaining these goals, noted the Board, the auditor's focus should be on the objectives, not on the mechanics of the walkthrough. And in some cases, other procedures may be equal or more effective means of a achieving them.

Under the new AS5, a sound walkthrough envisions the auditor following the transaction from origination through the company’s processes, including information systems, until it is reflected in the company’s financial records, using the same documents and IT that company personnel use. Walkthrough procedures usually include a combination of inquiry, observation, inspection and re-performance of controls. (AS5, paragraph 37)

In performing a walkthrough, at the points at which important processing procedures occur, the auditor questions the company's personnel about their understanding of what is required by the procedures and controls. These probing questions, combined with the other walkthrough procedures, allow the auditor to gain a sufficient understanding of the process and to be able to identify important points at which a necessary control is missing or not designed effectively. Additionally, probing beyond the single transaction used as the basis for the walkthrough allows the auditor to understand the different types of significant transactions handled by the process. (AS5, paragraph 38)

The standard lists a number of objectives that a walkthrough can help attain, including identifying management controls to address potential misstatements or detect or prevent misstatements. Another objective is to understand the flow of transactions related to relevant assertions. (AS5, paragraph 34).

Using Work of Others

AS 5 also allows the outside auditor to use the work of others to obtain evidence about the design and operating effectiveness of controls and eliminates the principal evidence provision. Recognizing that issuers might employ personnel other than internal auditors to perform activities relevant to management's assessment of internal controls, the standard also allows the auditor to use the work of company personnel other than internal auditors, as well as third parties working under the direction of management or the audit committee.

Consistent with the standard’s risk-based approach, the extent to which auditors may use the work of others depends on the risk associated with the control being tested. As the risk decreases, so does the need for auditors to perform the work themselves. Conversely, in higher risk areas, such as controls addressing fraud risks, using the work of others would be limited if such work could be used at all. Similarly, the impact of the work of others on the auditor's work also depends on the relationship between the risk and the competence and objectivity of those who performed the work. As the risk decreases, the necessary level of competence and objectivity decreases as well.

Importantly, AS5 eliminates the principal evidence provision formerly contained in AS2. The principal evidence provision required that the auditor’s own work be the principal evidence for the auditor’s opinion. This provision limited the use of the work of others.

Thursday, May 24, 2007

Definition of Material Weakness Key to SEC-PCAOB Internal Control Regime

The definition of material weakness is a central feature of the reforms because management’s assessment of the company’s internal controls is based on whether any material weaknesses exist. Similarly, the objective of an audit of internal control is to obtain reasonable assurance as to whether material weaknesses exist. The term’s importance is evident from the rule that management is not permitted to conclude that the company’s internal controls are effective if there are one or more unremediated material weaknesses.

The SEC staff has said that it will apply the PCAOB’s definition of material weakness when applying Commission rules. Previously, Auditing Standard No. 2 defined material weakness as a significant deficiency, or combination of significant deficiencies, resulting in more than a remote likelihood that a material misstatement of the financial statements will not be prevented or detected. Acting on complaints that this definition was confusing and made it difficult to assess the severity of deficiencies, the Board revised the definition in Auditing Standard No. 5.

In AS5, the Board defines a material weakness as a control deficiency, or combination of control deficiencies, such that there is a reasonable possibility that a material misstatement of the company's financial statements will not be prevented or detected on a timely basis. The Board replaced the standard ``more than a remote likelihood’’ with `` reasonable possibility’’ based on its belief that companies and auditors were evaluating the likelihood of a misstatement at a much lower threshold than the Board intended. The new standard should, in the Board’s view, result in the identification of the most important material weaknesses. This is also the definition of material weakness used in the SEC’s management guidance.

PCAOB Adopts New Principles-Based Standard for Internal Control Audit

By James Hamilton, J.D., LL.M.

Working in close alignment with the SEC’s management guidance, the PCAOB has adopted a new auditing standard for internal controls to replace the current prescriptive and rules-based Auditing Standard No. 2. Embodying a principles-based, risk-based approach, the new Auditing Standard No. 5 is designed to increase the likelihood that material weaknesses in internal control will be found before they result in misstatement of a company’s financial statements, while at the same time eliminating unnecessary procedures. The final standard also focuses the auditor on the procedures necessary to perform a high quality audit tailored to the company’s facts and circumstances.

As part of the Board’s commitment to the effective implementation of the new standard, the inspection program will be adjusted to assure that it is consistent with the new standard and its principles-based approach. The PCAOB is also continuing to develop for auditors of smaller public companies tailored guidance for applying the new standard as outlined in its four-point plan of May 2006.

AS5 must still be approved by the SEC. Gordon Seymour, PCAOB General Counsel, has indicated that the Board will submit AS5 to the SEC for approval tomorrow, May 25. And PCAOB Chief Auditor Thomas Ray believes that the SEC will move expeditiously to approve the new standard. He is confident of that based on remarks by SEC officials.

Importantly, the new standard focuses the audit on those areas that present the greatest risk that a company’s internal control will fail to prevent or detect a material misstatement in the financial statements. It does so by focusing on material weaknesses and emphasizing the importance of auditing higher risk areas, such as the financial statement close process and controls designed to prevent management fraud. At the same time, it provides auditors a range of alternatives for addressing lower risk areas, such as by demonstrating how to calibrate the nature, timing and extent of testing based on risk, as well as how to incorporate knowledge accumulated in previous years’ audits into the auditors’ assessment of risk and use the work performed by internal auditors.

The organizing principle of AS5 is the top-down concept, under which the auditor focuses on entity-level controls and works downward, planning the audit so that testing of lower level controls is influenced by the strengths and weaknesses of those above. But it emphasizes that the approach is more one of reasoning than work sequence, and that the auditor needs to use judgment, not follow a roadmap.

The final standard underscores that walkthroughs, the process by which the auditor traces a transaction from cradle to grave through the company’s reporting system, are not an end in themselves, but rather a means to attaining an understanding of likely sources of misstatement. This change reduces the risk that walkthroughs will become just another step that must be performed without much understanding as to why the work is being done.

The new standard also requires the auditor to communicate to the audit committee control deficiencies identified during the audit that are less severe than material weaknesses, but important enough to merit the attention of those responsible for the company’s financial reporting. This replaces the approach in AS No. 2, which relied on the auditor’s ability to make difficult determinations about the application of abstract phrases like “more than remote” and “more than inconsequential” to deficiencies.

Wednesday, May 23, 2007

SEC Adopts Management Guidance on Internal Controls

The SEC has adopted new risk-based, principles-based management guidance for internal control over financial reporting pursuant to section 404 of the Sarbanes-Oxley Act. Section 404, of course, remains unchanged, but the rules and guidance promulgated pursuant to the statute have been reformed in response to concerns that internal controls compliance was overly costly and harmful to the competitiveness of US financial markets. The effective date of the interpretive guidance and adopted rules will be 30 days from their publication in the Federal Register. The full text of the interpretive guidance and rules will be posted to the SEC Web site as soon as possible.

The reforms build on the guidance issued by the SEC in May of 2005. Further, while the SEC incorporated certain sections of the May 2005 staff guidance into the new interpretive guidance, the Commission has emphasized that the staff guidance remains relevant. The PCAOB is slated to adopt a new principles-based internal control standard for auditors tomorrow, which promises to be closely aligned with the guidance.

The Commission's interpretive guidance is centered on two broad principles. The first principle is that management should evaluate whether it has implemented controls that adequately address the risk that a material misstatement in the financial statements would not be prevented or detected in a timely manner. The second principle is that management's evaluation of evidence about the operation of its controls should be based on its assessment of risk.

Under the guidance, management can align the nature and extent of its evaluation procedures with those areas of financial reporting that pose the highest risks to reliable financial reporting (that is, whether the financial statements are materially accurate). As a result, management may be able to use more efficient approaches to gathering evidence, such as self-assessments, in low-risk areas and perform more extensive testing in high-risk areas. By following these two principles, the SEC believes that companies of all sizes and complexities will be able to implement the rules effectively and efficiently.

While commenters sought guidance and illustrative examples in areas such as the identification of controls that address financial reporting risks, including IT general controls, the SEC said that additional specificity and examples would have the negative consequence of establishing bright line or one-size fits all evaluation approaches. Rather, the Commission wants management to make reasonable judgments that reflect each company's individual facts and circumstances.

The definition of material weakness has been aligned with the PCAOB’s expected definition based on the general principle that the SEC and PCAOB should be in alignment on reform. But even so, some differences are expected to remain between the interpretive management guidance and the PCAOB's audit standard. Far from being contradictions or misalignments, explained the SEC, these differences reflect the fact that management and the auditor have different roles and duties with respect to evaluating and auditing internal controls.

Material weakness is defined as a deficiency, or combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of the company's annual or interim financial statements will not be prevented or detected on a timely basis.

Importantly, the SEC clarified that, under Section 404(b), the auditor is not evaluating management’s evaluation process but is opining directly on internal control over financial reporting.

The guidance broadly declares that management's evaluation of internal controls should consider the control environment, and other entity level activities that are necessary to have a system of internal control that is effective at providing reasonable assurance regarding the reliability of financial reporting.

The SEC accepts that the risk of fraudulent financial reporting will exist in all companies. Rigorous evaluations require management to recognize that the existence of a fraud risk does not mean that fraud has occurred. Further, the guidance clarifies that the risk of management override is something that every company needs to consider. Effective control systems ought to take steps to manage this risk, and the Commission believes that companies of all sizes can do so.

The SEC also understands that many of the larger public companies already complying with Section 404 have established a compliant evaluation process that may differ from the approach described in the interpretive guidance. That is okay, said Corp Fin Director John White, since there is no requirement for these companies to alter their procedures from the last three years to align them with the new interpretive guidance, unless they choose to do so.

Also, now, the auditor will be required to express only one opinion directly on the effectiveness of internal control over financial reporting in its audit report. Previously, the auditor expressed two separate opinions: one on effectiveness and another on management's assessment.

Tuesday, May 22, 2007

GSE Reform Bill Passes House with Strong Sarbanes-Oxley Provisions

A bill overhauling the regulatory oversight of the government sponsored enterprises Fannie Mae, Freddie Mac, and the Federal Home Loan Banks has passed the House. The Federal Housing Finance Reform Act (HR 1427) would also create a new, independent regulator of the GSEs with broad powers analogous to current banking regulators. The Federal Housing Finance Agency would be headed by a Director, appointed by the President and confirmed by the Senate for a 5-year term.

New Financial Services Committee Chair Barney Frank has pledged to pass legislation to reform the government-sponsored enterprises in this session of Congress.

The regulated entities are required to register at least one class of capital stock with the Securities and Exchange Commission.

The legislation establishes corporate governance requirements for the composition, operation, and compensation of the board of directors. The enterprises are required to comply with several provisions of the Sarbanes-Oxley Act regardless of their registration status with the SEC.

For example, the Act requires the chief executive officer and the chief financial officer of an enterprise to review each quarterly report and annual report issued by the enterprise to certify that these financial statements fairly present the financial condition of the enterprise as required by section 302 of Sarbanes-Oxley. It also bans loans from the enterprise to any board member or executive officer of the enterprise.

The Act would also amend Section 105(b) of the Sarbanes-Oxley Act by adding the Federal Housing Finance Agency to the list of those federal agencies with which the PCAOB may share information without loss of confidentiality.
Congress Will Act if SEC-PCAOB Internal Control Reform Fails

In the next few days, the SEC and the PCAOB will adopt a brand new regulatory regime under the internal control reporting provisions of Section 404 of Sarbanes-Oxley. It is a principles-based, rules-based, scaled, top-down regime designed to allow public companies to comply with Section 404 in a more cost-effective way.

My sense is that, if this fix does not work, Congress will be forced to act to amend Section 404. All three recent white papers on securities regulation reform, Paulson, Bloomberg-Schumer and Chamber of Commerce, have called for the reform of Section 404 since they posit that this mandate is making US markets less competitive.

The Dodd-Shelby amendment to the American Competes Act (S 761) does give the SEC and PCAOB time, but not unlimited time, to reform the internal control reporting mandates.
But an amendment offered by Sen. Jim DeMint (R-SC), although defeated, garnered 35 votes to completely exempt small companies from 404 compliance. Sen. DeMint is not going away; after all he represents a state where incumbent senators simply do not lose. He will be back with a bill if the SEC and PCAOB reforms fail to achieve the desired results, and he will have a tail wind of reform generated by the white papers. Dodd-Shelby did praise 404 for greatly enhancing the quality of financial reporting and increasing investor confidence. But it also praised the SEC and PCAOB for determining that the current auditing standard implementing section 404, AS 2, has imposed unnecessary and unintended cost burdens on small and mid-sized public companies.

Monday, May 21, 2007

SEC and PCAOB to Reform Internal Controls Mandate This Week

With Congress closely watching, the SEC and PCAOB are set this week to adopt a new risk-based, principles-based top down regime for disclosure of internal control over financial reporting pursuant to section 404 of the Sarbanes-Oxley Act. Section 404, of course, remains unchanged, but the rules, guidance, and standards promulgated pursuant to the statute will be reformed in response to concerns that internal controls compliance has been overly costly and harmful to the competitiveness of US financial markets. The reforms build on the guidance issued by the SEC and PCAOB in May of 2005. Further, while the SEC incorporated certain sections of the May 2005 staff guidance into the new interpretive guidance, the Commission has emphasized that the staff guidance remains relevant. Also, companies that have already completed one or more evaluations can continue to use their existing procedures to satisfy the evaluation required by our rules, or companies can choose to follow the guidance.

It is interesting to note that, because management is responsible for maintaining effective internal control over financial reporting, the interpretive guidance will most likely not specifically address the role of the board of directors or audit committee in a company’s evaluation and assessment of internal controls. However, in the proposed guidance, the SEC said that it expects a board of directors or audit committee, as part of its oversight duties for the company’s financial reporting, to be knowledgeable and informed about the evaluation process and management’s assessment, as necessary in the circumstances.

Friday, May 18, 2007

Corp Fin Director Clarifies SEC Position on PIPES

By James Hamilton, J.D., LL.M.

PIPES, private investment in public equity, have been in the financial news lately. These instruments have been an item of recent SEC staff focus regarding disclosure and also whether the registered resale offering is, in substance, a primary offering by the issuer.

The SEC staff has also been concerned where the securities are convertible into a large number of shares of common stock relative to the issuer's outstanding shares and where there is insufficient disclosure about the market impact and cost of these transactions. In these transactions, recently explained Corporation Finance Director John White, the staff is not worried only about disclosure, but also about the shelf registration system being used in circumstances not intended to be covered by those rules.

The SEC’s disclosure operations staff has undertaken a screening process to identify potential problematic transactions and will be seeking enhanced disclosure where appropriate. The staff's response to these transactions has also drawn attention due to the mistaken view that the staff is reconsidering their approach to PIPE transactions. But the Director emphasized that the staff's view of PIPE transactions has not changed. He added that the staff has simply addressed the recent development where convertible note transactions are structured in an abusive manner.

Thursday, May 17, 2007

Senate Bill Would Require SEC Registration of Hedge Fund Advisers

By James Hamilton, J.D., LL.M.

A bill introduced by Sen. Charles Grassley would require hedge fund advisers to register with the SEC, effectively providing a legislative override of the federal appeals court Goldstein ruling. The Hedge Fund Registration Act would authorize the SEC to require all investment advisers, including hedge fund managers, to register with the SEC. The bill would, however, exempt investment advisers who manage less than $50 million, have fewer than fifteen clients, do not hold themselves out to the public as investment advisers, and manage the assets for fewer than fifteen investors, regardless of whether investment is direct or through a pooled investment vehicle, such as a hedge fund.

I think that a legislative override of a federal appeals court decision is fairly rare and a difficult thing to accomplish. But Sen. Grassley is determined to get hedge fund advisers registered. This is at least his second try. His main concern is that pension funds are becoming heavy investors in hedge funds.

Specifically, the bill would amend section 203(b)(3) of the Investment Advisers
Act to narrow the current exemption from registration for certain investment
advisers. This exemption is used by large, private pooled investment vehicles, commonly
referred to as hedge funds. According to Sen. Grassley, who is the Ranking Member on the Finance Committee, hedge funds are operated by advisors who manage billions of
dollars for groups of wealthy investors in total secrecy. They should at least have to register with the SEC, he emphasized, like other investment advisers do.

According to Sen. Grassley, Congress needs to act because of the appeals court decision, which struck down as arbitrary an SEC rule that required registration of hedge fund advisers. The appeals panel rejected the SEC’s suggestion of counting the investors in the hedge fund as clients of the fund’s adviser within the statute’s meaning of clients in order to get over the statutory client level. (Goldstein v. SEC, CA DofC 2006). That decision effectively ended all registration of hedge funds with the SEC, unless and until Congress acts.

Tuesday, May 15, 2007

EU Directive on Shareholder Voting Primed for Summer Adoption

The European Commission expects to adopt a Directive on the exercise of shareholders' voting rights this summer, according to Commissioner for the Internal Market Charlie McCreevy. In remarks to the European Association of Listed Companies (EALIC), he said that the objective of the Directive is to eliminate practical obstacles which make it difficult for non-resident shareholders to exercise their voting rights. Separately, he indicated that the Commission has decided to refrain from requiring disclosure of the voting policies of institutional investors.

Interestingly, the commissioner believes that the takeover battle at ABN/AMRO marks a watershed for shareholder rights and activism, not only in the Netherlands, but also throughout the EU. The salutary lesson is that, whatever the outcome might be, in future mergers and takeovers company management will be very attentive about getting a deal that their own shareholders will accept before deciding themselves what is best for the real owners of the company.

While non-resident shareholders hold about 30% of the capital of listed companies in the EU, noted the official, they face serious problems when they want to exercise their voting rights. These problems are due in part to the complexity of the cross-border holding of shares via chains of intermediaries and in part to the fact that national legal systems cater mainly to resident shareholders. The Directive introduces minimum standards such as a minimum convocation period for general meetings, a simplification of the proxy voting system and the abolition of all forms of share-blocking and of legal obstacles to electronic voting.

One of the issues that still needs to be resolved, however, is the role of financial intermediaries in the voting process. Not all shareholders have access to voting services, explained the commissioner. since there are many local custodians that do not offer such services. Even where, in theory, such services are provided, problems in the chain of intermediaries often prevent the process from working smoothly. This issue will be addressed in a future recommendation.

In tabling the issue of the disclosure of the voting policies of institutional investors, Comm. McCreevy noted hesitation on EU responses to the initial consultation in this area. While the Commission considers this issue a priority, it wants to study how it is working out in jurisdictions requiring disclosure. Institutional shareholders collectively hold a huge proportion of the capital of listed companies, he said, which puts additional duties on them towards the companies they invest in as well as towards the people whose money they invest.

Monday, May 14, 2007

SEC Seeks Stay of Court Ruling Striking Down Fee-Based Broker Exemptive Rule

By James Hamilton, J.D., LL.M.

The SEC has asked a federal appeals court for a 120-day stay of its ruling in Financial Planning Association v. SEC, in which a panel of the DC Circuit Court of Appeals vacated an SEC rule exempting brokers who receive fee-based compensation for incidental advisory services from regulation under the Investment Advisers Act. The split panel ruled that the SEC exceeded its authority and flouted six decades of consistent understanding when it broadened the existing statutory exemption for brokers. In asking for the four-month stay, the SEC also indicated that it would not appeal the panel’s ruling to either the full DC Circuit or the US Supreme Court.

According to the SEC, the stay will give investors and their brokers a chance to respond to a court decision that affects an estimated one million fee-based brokerage accounts. The Commission intends to work with individual brokerage firms during the transition period as they respond to the decision. The goal will be to provide customers of the firms with the information and time they need to determine the appropriate form of securities services for them. At the same time, the SEC will consider whether further rulemaking or interpretations are necessary regarding the application of the Advisers Act to these accounts and the issues resulting from the court’s decision
Proposed Definition of Material Weakness Is Crucial to Lowering Internal Control Costs

The revised definition of material weakness proposed by the PCAOB and endorsed by the SEC’s proposed guidance is flawed and unhelpful, warned the ABA committees on federal securities regulation and accounting. In a letter to the SEC, the committees said that the terminology employed in the proposed formulation of the term material weakness is sufficiently ambiguous so as to continue to result in the overly conservative applications that the proposals seek to remedy.

The definition of material weakness is a central feature of the proposed reforms because management’s assessment of the company’s internal controls is based on whether any material weaknesses exist. Similarly, the objective of an audit of internal control is to obtain reasonable assurance as to whether material weaknesses exist. The term’s importance is evident from the rule that management is not permitted to conclude that the company’s internal controls are effective if there are one or more material weaknesses. It is also instructive that the Paulson Committee on Capital Markets Regulation believes that the SEC’s revised guidance on materiality is the most important issue affecting the cost of sec. 404(b) implementation and must be considerably strengthened if Sarbanes-Oxley costs are to be significantly decreased.

The SEC staff has said that it will apply the PCAOB’s definition of material weakness when applying Commission rules. Currently, Auditing Standard No. 2 defines material weakness as a significant deficiency, or combination of significant deficiencies, resulting in more than a remote likelihood that a material misstatement of the financial statements will not be prevented or detected. Acting on complaints that this definition was confusing and made it difficult to assess the severity of deficiencies, the Board revised the definition in proposed Auditing Standard No. 5.

The Board proposes to define a material weakness as a control deficiency, or combination of control deficiencies, such that there is a reasonable possibility that a material misstatement of the company's financial statements will not be prevented or detected. The Board replaced the standard ``more than a remote likelihood’’ with `` reasonable possibility’’ based on its belief that companies and auditors were evaluating the likelihood of a misstatement at a much lower threshold than the Board intended. The new standard should, in the Board’s view, result in the identification of the most important material weaknesses.

While agreeing that the current “more than remote likelihood” is too low a probability standard, the ABA committees said that inserting reasonable possibility would not change the probability standard. Accountants have interpreted the terms remote, reasonably possible and probable, as used in FASB Standard No. 5, Accounting for Contingencies, as levels of probability that are contiguous, noted the committee.

The auditors interpret it as, once an event is more probable than remote, it is reasonably possible. This interpretation of reasonably possible leads to events being reasonably possible at a probability level of substantially less than 50%. In fact, said the ABA, some accountants take the position that reasonable possibility is triggered at a probability level of as low as 25%. The bar groups believe that such a level of probability is too low for this purpose. Further, the market does not perceive material weakness disclosures as meaningful because they sweep in items that are not important to an investor’s evaluation of the effectiveness of the internal controls or the reliability of the financial statements.
Dodd-Shelby Amendment Gives SEC and PCAOB Time to Reform Internal Controls Mandates

As the SEC and PCAOB near completion of the new regulatory regime for internal controls reporting, a Dodd-Shelby amendment to the American Competes Act (S 761) would give the SEC and PCAOB more time, but not unlimited time, to reform the internal control reporting mandates under section 404 of the Sarbanes-Oxley Act. Specifically, the amendment, which passed 97-0, expresses the sense of the Senate that the SEC and PCAOB should implement the section 404 mandates in a manner that limits the burdens placed on small and mid-size public companies. The amendment was introduced by Banking Committee Chair Christopher Dodd (D-Conn) and co-sponsored by Sen. Richard Shelby (R-AL), the committee’s Ranking Member. The Senate passed S 761 by a vote of 88-8.

My take on the situation is that if this reform of section 404 internal controls does not lessen the burden on public companies Congress will act. But for now, they are willing to wait and see if the regulator and standard setter can do the job.

The Senate also supported a Dodd-Shelby motion to table an amendment offered by Sen. Jim DeMint (R-SC). The DeMint amendment would have made section 404 compliance optional for smaller companies with market capitalization of less than $700 million, with revenue of less than $125 million, or with fewer than 1,500 shareholders, thereby exempting over 70% of companies from key parts of Sarbanes-Oxley. This amendment was tabled on a bipartisan vote of 62-35.

By these two votes, the Senate made a strong statement in two respects, according Sen. Dodd. First, that the Senate will continue to protect investors in public companies; and second, that it supports efforts currently underway to ensure that small and mid-size businesses are not unduly burdened by rules intended to protect investors. The Senate rejected an approach that would weaken investor protection and make it more likely for investors to be harmed by the malfeasance that caused the collapse of Enron and WorldCom.

Importantly, the Dodd-Shelby amendment endorsed section 404 for greatly enhancing the quality of corporate governance and financial reporting for public companies and increasing investor confidence. It praised the SEC and PCAOB for determining that the current auditing standard implementing section 404, AS 2, has imposed unnecessary and unintended cost burdens on small and mid-sized public companies. It also notes that the SEC and PCAOB are nearing completion of a two-year process intended to revise the standard in order to provide more effective regulation. The Senate wants the SEC and PCAOB to complete the adoption of the final guidance and standards under section 404.

Sen. Dodd emphasized that the SEC Chair has wide latitude within which to operate here, since the statute gives broad discretion.

Friday, May 04, 2007

Transfer of Risk Issue Looms Large for Hedge Fund Regulators

By James Hamilton, J.D., LL.M.

The transfer of risk to hedge funds via credit derivatives and other financial instruments reduces the ability of regulators and central bankers to have a clear picture of where risk sits in the financial system, noted Financial Services Authority CEO John Tiner. In his view, this scenario is more than academic since it raises real questions regarding the ability of regulators to monitor and manage financial stability.

In remarks to the Association of Corporate Treasurers, the senior official also noted other issues surrounding hedge funds, including the need to ensure adequate disclosure and accurate valuations. He mentioned that the FSA has been putting in place a regulatory regime to deal with these risks in a proportionate way, including addressing the question of whether hedge funds should be available to retail investors. There is no reason to prevent informed retail customers from accessing this type of risk, he emphasized. The FSA recently issued a consultation paper on the retailization of funds of alternative investment funds.

While hedge funds are not necessarily the biggest institutions, continued the CEO, their impact should not be underestimated. Given their active management, they can represent up to 50% of daily liquidity on the London Stock Exchange. Although the funds are not within the FSA’s regulatory remit, the hedge fund managers are. There are over 300 hedge fund managers in London, representing some 90 per cent of EU hedge fund business.

In his view, the FSA has designed a sensible fit for purpose regulatory approach for this sector, including a regular survey of prime brokers which helps the regulator assess leverage in the hedge fund market. Since this is limited to UK prime brokers only, Mr. Tiner praised the idea put forth by the Minister for the City of London to discuss, at the upcoming G8 Summit, the extension of regulation to other major markets in order to collect aggregate data.

NY Fed Study Reveals Correlation between LTCM and Current Hedge Funds

By James Hamilton, J.D., LL.M.

A study conducted by the Federal Reserve Bank of NY revealed recent high correlations among hedge fund returns, returns moving in the same direction when facing similar market conditions, which could suggest concentrations of risk comparable to those preceding the Long Term Capital Management hedge fund crisis of 1998. But the comparison of the current rise in correlations with the elevation before the 1998 event reveals a key difference, which is that the recent increase stems mainly from a decline in the volatility of returns, while the earlier rise was driven by high covariances.

Covariance measures hedge fund return comovement by capturing the extent to which the returns move together, or apart, in dollar terms. To determine more precisely how closely hedge fund returns comove relative to their overall volatility, economists divide the covariance of fund returns by the returns’ total variability; the result is correlation.

The Fed study concludes that, despite some seeming parallels between the recent and earlier rise in correlations, the current hedge fund environment differs from the 1998 environment because volatility and covariances now are lower.

In 1998, the Federal Reserve, particularly the NY Fed, facilitated the private-sector refinancing of the large hedge fund, Long-Term Capital Management. The effort was characterized by then NY Fed President William McDonough as a private sector solution to a private-sector problem, involving an investment of new equity by LTCM’s creditors and counterparties.

While hedge funds are major liquidity providers in normal times, the Fed study noted, their use of leveraged trading strategies has raised concerns about their liquidity effects in times of market stress. Indeed, the collapse of the hedge fund LTCM in 1998 seemed to confirm fears that heavy losses by hedge funds have the potential to drain significant liquidity from key financial markets.

These ongoing concerns about hedge fund vulnerability, coupled with the rapid growth of the funds, underscore the importance of understanding risk in this sector. Risk is a critical component of hedge fund strategies, emphasized the study, so the way in which it is measured is extremely important. A key determinant of hedge fund risk is the degree of similarity between the trading strategies of different funds. Similar trading strategies can heighten risk when funds have to close out comparable positions in response to a common shock.

Wednesday, May 02, 2007

Arbitration of Shareholder Actions May Be DOA

The trial balloon of allowing mandatory arbitration of shareholder actions may have just been shot down by House Financial Services Committee Chair Barney Frank. In a letter to SEC Chair Christopher Cox, Rep. Frank criticized suggestions that the Commission may begin permitting public companies to impose mandatory arbitration requirements on shareholders through the registration process.

The idea, whose time may have already come and gone, was floated by the Paulson Commission report on the capital markets, which urged the SEC to allow public companies to contract with their investors to provide for alternative procedures in securities litigation, including arbitration or non-jury trials. A recent WSJ article said the SEC staff was looking at it.

The report analogized the idea to the now quite common arbitration agreement used to resolve broker-customer disputes under substantive Exchange Act rights. The SEC General Counsel’s office has historically taken the position that the US Supreme Court rulings allowing arbitration in the broker-customer world should not be extended to the context of issuer-shareholder disputes. But the report concluded that as a legal matter there is nothing to prevent it.

But Rep. Frank warned that allowing such covenants to be included in registration documents would represent a drastic change in shareholder rights. Calling such agreements contracts of adhesion, he said that companies should not be permitted to impose them unilaterally. While agreeing to consider reasonable measures to improve the efficiency and competitiveness of the financial markets, he cautioned that Congress and the SEC must examine the consequences very carefully before allowing public companies to deny shareholders meaningful avenues of redress as the owners of those public companies. Moreover, given the severe limits on the right of appeal available in arbitration, he believes that investors would be required to risk losing their rights under federal securities laws in order to invest in the public markets

It is hard to see how this idea can get any kind of traction with that level of opposition from the SEC’s and financial industry’s oversight chair.

Tuesday, May 01, 2007

EU-US Framework Puts High Priority on GAAP-IFRS Equivalence

By James Hamilton, J.D., LL.M.

The SEC’s roadmap to the elimination of the need to reconcile IFRS-driven financial statements received a high-level boost as the European Union and the United States have adopted a joint framework on transatlantic financial integration that places a high priority on the equivalent recognition of US GAAP and international financial reporting standards in both jurisdictions without the need for reconciliation by 2009 or possibly sooner. The EU and US also expressed strong support for roadmap discussions between the European Commission and the PCAOB in the area of auditor oversight. The goal of the discussions is to quickly reach a point where the US and EU can rely on each other's auditing oversight systems and avoid burdensome and costly duplicative work and even conflicts of law.

More generally, the EU and US agreed to work towards greater regulatory convergence towards highest quality and most effective regulation and, where appropriate, mutual recognition in the fields of securities regulation. There is also a general agreed principle on increasing cooperation between EU and U.S. financial regulators under the dual goals of adequate investor protection and market integrity.

The agreed framework also promotes the smooth implementation of the Basel II framework for banks, notably to address transitional issues and minimize differences of implementation between the EU and United States.

SEC Commissioner Casey Praises PWG Hedge Fund Guidance

By James Hamilton, J.D., LL.M.

In one of her first public speeches, SEC Commissioner Kathleen Casey commended to the attention of market regulators the President's Working Group on Financial Markets recently-issued principles addressing the activities of hedge funds. The principles properly focus on three main areas: investor protection, operational risk, and potential for systemic risk, said the commissioner in remarks delivered at a global finance seminar hosted by the New York Federal Reserve and the European Commission.

The commissioner believes that the role of the PWG is of particular value in the EU-U.S. dialogue in that it presents a constructive forum to address comprehensively financial market issues that cross regulatory authorities within the United States. She urged the PWG to continue to examine the role and risks of hedge funds in the financial markets. Similarly, through its members, the working group should consider appropriate actions to ensure that investor protection, operational risk and systemic risk are adequately addressed and managed in the market.

The principles acknowledge the significant benefits that private capital pools bring to the financial markets, she continued, while recognizing the risks they present, in part due to a lack of transparency. They generally view market discipline by creditors, counterparties and investors as the most effective way to limit systemic risk and maintain appropriate investor protection standards. The PWG is composed of the chairs of the SEC, CFTC, Federal Reserve Board, and the Treasury Secretary.