3rd Example- Peer manager- COSO (Committee of Sponsoring Organizations)- ERM- Enterprise Risk
Management.
Describe 2 key aspects- Memo
Motivate- learn about ERM concepts
COSO- is the foundation of ERM
Presented clearly- memo
Internal environment is the foundation of ERM/ Ethics/ Organizational structure
State the obvious
No abbreviations unless you first define them
ERM- identify- is a comprehensive organizational approach to evaluate and accept risk and it all starts
with internal environment and setting the tone of the organization.
2nd paragraph- our commitment to integrity and ethical values. Ethical commitment of management
team.
Code of Ethics and Code of conduct- commitment influences decision to accept responsible risk
and compliance with laws and in a manner that represents mutual respect and fairness
3rd paragraph- commitment to ethical behavior is our commitment to these individuals who are most
qualified.
Conclusion: I look forward to contributing to this effort with you and encourage you to meet
with me in person on this issue.
3. Audit committee- are to be members of the issuer's board of directors but are otherwise
independent - should not be an officer/ consultant/ employee/ no other relationship with the
company other than sitting on the board- can't be accountant/ lawyer/ underwriter- MUST BE
INDEPENDENT
4. Must create procedures to accept reports of complaints regarding audits, accounting, internal
control
a. good procedures- confidential, anonymous report by employees of issuer
B. Corporate Responsibility for Financial Reports
1. CEO and CFO must sign reviewed all the reports
2. contain no untrue statements or omissions of material facts- civilly and criminally must sign
3. SEE COSO- designed to ensure material information has been made available. testing for
effectiveness as of a date 90 days prior to the report and conclusions- is it working the way it was
designed- conclusions regarding effectiveness of internal controls based upon their evaluation.
4. CEO and CFO signing report assert that they have made the following disclosures to the
issuer's auditors and audit committee
5. Disclosures- to both auditor and audit committee- all significant deficiencies in the design or
operation of internal controls which might adversely affect the FS.
deficiency in internal control- there will be a material misstatement or material
omission of fact
any fraud- regardless of materiality- involves management or any other
employee with a significant role in internal controls
6. The CEO and CFO signing report must also represent whether there have been any significant
changes to internal controls
C. No improper influence on the conduct of audits: no officer/director/ any person acting under the
direction thereof- may take any action that would fraudulently influence/ coerce/ mislead or manipulate
the auditor in a manner that would make the FS materially misleading
D. Forfeiture of bonuses and profits--CEO / CFO pay for restatement
if- there was an omission material fact or material misstatement- restate financials- any bonus
or incentive based compensation will be taken away and given back to the company. Or if they sold
stock and got a gain on the sale- restate financials due to material noncompliance- bonus or incentive
based compensation must be returned to company or sold stock and had a gain on sale- must reimburse
company if there is a mistake
E. Title IV- Enhanced financial disclosures: internal controls and audit committee
certain disclosures must be made about internal controls and audit committee- in periodic
reports- quarterly or annually even though quarterly report is unaudited- cannot make fraud.
Disclosures in periodic reports- annual (10K) or quarterly (10Q)
Quarterly report is unaudited- make these disclosures whether in quarterly or annual report.
Why? Intended to ensure that the company is applying GAAP- in accordance with GAAP
Certain transactions are transparent to the reader- all material correcting adjustments
identified by the auditor should be reflected in the FS.
more correcting adjusting entries the auditors find increases risks that not all were
caught.
All material off balance sheet transactions- better assess the risk of investing into the
company (outsiders) - DISCLOSED- operating leases, contingent obligations (lawsuits),
relationships with unconsolidated subsidiaries (related parties) and special purpose
entities
Conflict of Interest Provisions- The corporation (issuer) generally prohibited from
making personal loans to directors or executive officers (use money to generate
revenue not to give loans to directors)
Exception: in the ordinary course of business - no special discount rate
Related party: disclosure of transactions involving management and principal stockholders- management + stockholder (executive management)- and a principal stockholder
Principal stockholder-anything more than 10% of any class of any equity security
4. SEE COSO: Management Assessment of Internal Controls- Section 404
Section 404: every annual report must contain a report that contains:
1. management is responsible for establishing and maintaining and testing IC not the auditor.
2. management must assess the effectiveness- test the internal controls
(created fine but testing the effectiveness)
3. The auditor: issues the opinion- attest- if management is fairly stated.
Certain Exemptions: Investment companies are exempted from this act
5. Code of Ethics for Senior Officers: Tone at the top- Disclosure whether or not the issuer
has adopted a code of conduct for senior officers (CEO, CFO, controller, chief accountant)- must adhere to- senior management
NO CODE- disclose why. There should be!
6. Disclosure of Audit committee Financial Expert: they select the auditor, they settle
disputes (auditor vs management)- must be a board member, but you should be otherwise
independent and one member on that committee must meet the requirements of being a
financial expert.
a. Must resolve disputes between management and auditor
b. Must be familiar with accounting requirements
c. If you do not have one- why not?
d. What makes you an expert- PhD, experience, CPA, liberal, understanding of audit
committee functions.
7. Enhanced Review of Periodic Disclosures by Issuers by SEC- PUBLIC
a. not testing for accuracy- that is the job of the auditor for an opinion on fairly stated
b. test for completeness- are you providing the investing public
c. regular and systematic basis- for deciding which companies are red flagged because
there is increased risk- when scheduling reviews- there has to be a logic
issuers that have issued material restatements of Financial results- increased risk
Issuers experiencing significant volatility in stock price- increase motivation to
fraudulently misstate financials
Issuers with largest market capitalization- large- material to the market
emerging companies with disparities in Price to Earnings- unusually high multiple
Material or significantly affect sector of the economy- large banks/ insurance
8. SOX: Addresses FRAUD- Title VIII- Corporate and Criminal Fraud Accountability- Civil liability,
corporate liability (paying fines) and personal liability (criminal- jail).
a. up to 10 or 20 yrs in jail- significant criminal penalties if you violate the act
b. criminal penalties for altering documents- destroy/ alter/ impede/ obstruct justice- stop investigation- up to 20 yrs in jail
c. Auditors must keep audit and review work papers for at least 7 yrs- or else 10 yrs in
jail
d. Statute of Limitations- 2 and 5 years - no later than the earlier of 2 yrs after the
discovery of facts constituting the violation or 5 yrs after the violation
e. Whistle- Blower Protection: any employee who lawfully provides evidence of fraud
may not be discharged, demoted, suspended, threatened- not absolute duty of loyalty- reinstate
you, compensate for damages
f. Criminal penalties for securities fraud-- fined, imprisoned for not more than 25 yrs
(knowingly or attempts to execute)
9. Title IX- White Collar Crime Penalty Enhancements- any attempt to conspire to commit
securities fraud is a white collar offense- or ERISA (Employee Retirement Income Security Act)- unethical with pension funds.
1. Sentencing guidelines: sentencing commission- can review or amend what those
sentencing guidelines are- look for trends in offenses.
2. trend- make it harsher than it was before.
3. Aggravating or mitigating circumstances: could justify an exception to the existing
sentencing ranges
3. Failure of Corporate Officers to Certify Financial reports- CEO and CFO
a. refuse to do so: penalties- CEO or CFO- sign off knowing that it doesn't satisfy all the
requirements- know that the internal controls are deficient and don't report it, FS are misstated- up to 10
yrs in jail
b. wilfully- intentionally deceive the investing public- 20 yrs in jail
4. Title XI- Corporate Fraud Accountability
a. tampering with record or impeding an official proceeding- not more than 20 yr prison
b. Temporary freeze authority for the SEC- likely that the issuer will be required to make penalty
payments- freeze assets escrow the payments in an interest bearing account for 45 days
c. authority of the SEC to prohibit persons from serving as officers or directors- if that individual
has violated securities rules and regulations.
d. Retaliation against informants: if you try to retaliate against someone who blew the whistle- 10 yrs in jail- whistle blower protection
III- Internal Control- COSO- avoid financial reporting "CRIME"
The Committee of Sponsoring Organizations (COSO)- independent private sector initiative. Was
initially established in the mid 1980s to study factors that lead to fraudulent financial reporting.
1992- best practices- what is the standard for best
reporting standards? What is adequate?
a. Internal Control- Integrated Framework (Framework) on internal control
effectiveness- into 17 principles and 5 major internal control components. COSO framework is widely
regarded as an appropriate and comprehensive basis to document the assessment of IC over financial
reporting. Good internal controls help to do other things besides just adequate financial reporting.
D. 5 components of IC CRIME: all integrated components of IC- these components are needed to
achieve the 3 objectives of IC- ORC
CONTROL ENVIRONMENT (C)= RIME
Risk Assessment by Management
Information and Communication Systems
Monitoring
Existing Control activities
Applies to all 3 categories of entity objectives ORC
1. Control Environment- tone at the top- ethics
2. Risk assessment- risk that FS are misstated or has fraud- emphasis of COSO
3. Information and Communication- internally/ externally fair, accurate, complete, timely- FACT
4. Monitoring- efficiencies of IC, report deficiencies- test the IC
5. E- Existing Control Activities- policies and procedures to mitigate risks
5 components apply to 3 objectives- our focus in COSO is how it relates to accurate financial reporting.
Effectiveness- test IC and report deficiencies and correct it.
1. Control Environment: CRIME- EBOCA- tone at the top- the process, structure, and standards that
provide the foundation for an entity to establish a system of IC.
a. Commitment to Ethics and Integrity
b. Board Independence and Oversight
c. Organizational Structure
d. Commitment to Competence
e. Accountability
Ethics
Board Indepe