Compliance Blog

SEC Commissioner Roel C. Campos: Remarks Before The IOSCO Annual Conference April 17th.

Commissioner has IFRS (International Financial Reporting Standards) on his mind:

"The good news is that the SEC is absolutely committed to doing what we can to facilitate meeting the goals of roadmap. To reiterate my theme, I think there has been increased focus on the roadmap given the fact that globalization issues have moved to the forefront over the past year. From the standpoint of the U.S., we hosted an IFRS roadmap roundtable at our SEC headquarters a few weeks ago. It was designed in large part to raise the profile of the roadmap in the U.S. At the roundtable, our Chairman Chris Cox and EU Internal Markets Commissioner Charlie McCreevy both affirmed their commitment to eliminating the need for reconciliation between IFRS and U.S. GAAP. So, the U.S. is serious about the roadmap and the timeline, and we're trying to make it work.

I should also point out some provocative new ideas that were bandied about at the roundtable. These ideas definitely moved beyond the main topic about when the SEC would accept IFRS financial statements without reconciliation. In particular, there was a discussion about whether U.S. companies — not just foreign private issuers — should be given a choice to use IFRS or U.S. GAAP. Given that the roadmap contemplates that foreign private issuers have such a choice, it certainly raises a legitimate question about whether U.S. companies should also have that choice. Interestingly, when the question was put to Don Nicolaisen, who was spurred on by Chairman Cox, he responded by stating that the SEC should consider requiring that all U.S. companies use the same standard as foreign companies, and not merely giving them a choice."

But they have been disappointed at the response from Foreign Private Issuers (FPIs):

"There has been a notable lack of foreign private issuers filing audited financial statements with the SEC that either use or are compliant with IFRS in the manner in which it is issued by the IASB. We had expected to see approximately 300 or so companies file their 2005 financial statements prepared using IFRS. Instead, we received only about 40 filings — hardly a critical mass. This fact is perplexing, given that the early goal is — to quote the roadmap itself — "to see convergence in action." So, the question is: why did only 40 companies so file?"

Possible answer:
"There are likely a number of different reasons, and I'll focus on just one here. That is, in many cases, financial statements prepared in accordance with home country adaptation of IFRS did not also contain a reference by both the company and its auditor that the financial statements also complied with IFRS in the form issued by the IASB. Indeed, the roadmap contemplated that we would see filings of financial statements prepared using IFRS as promulgated by the IASB. However, various jurisdictions have not accepted IFRS exactly as promulgated by the IASB, and have instead made various changes thereto. Consequently, we have seen filings containing financial statements based upon national jurisdictional adaptations of IFRS. These financial statements certainly fit within the SEC's filing requirements, but without the reference to IFRS as promulgated by the IASB, they do not appear to be financial statements that fit under the one set of global accounting standards that we wrote about in the roadmap.

Now, we certainly understand why a jurisdiction may wish to adopt its own version of IFRS. After all, we have U.S. GAAP. However, one goal of the roadmap was to allow the elimination of the reconciliation requirement, and as a consequence, have two versions of robust standards developed by independent standard setters in the U.S. capital markets, not thirty different versions. The question then occurs: how do we reach the "critical mass" — to use a term from the roadmap — of filers using IFRS as promulgated by the IASB?"

This is starting to sound like trade subsidies. Every country wants others to conform but maintain their own pet projects. No globalization will happen on accounting standards without convergence to one standard.

On another area that has a way to go...Auditing/PCAOB.

"the Commission unanimously approved the staff approach with respect to each of the four issues, and hopefully the respective staffs of the SEC and PCAOB can now work to finalize AS 5 and the SEC's Management Guidance in a way that promotes effective audits while improving efficiency. In short, the Commission directed the staff to focus on these four broad areas:

• 
  aligning AS 5 with Management Guidance, particularly with regard to the level of prescriptiveness in AS 5 and the inconsistent definitions and terms;
• 
  scaling the SOX 404 audit to account for the particular facts and circumstances of companies, particularly smaller companies;
• 
  encouraging auditors to use professional judgment in the SOX 404 process, particularly in using risk-assessment; and
• 
  following a principles-based approach to determining when and to what extent the auditor can use the work of others.

Please can we just get a standard published and reconcile SEC management guidance? Transparency is good and there is never going to be a perfect solution. But so many years of hand wringing has really diminished the value of this legislation. SOX 404 has gotten way more publicity than any real natural disaster in the world! At some point, we have to get the priorities straight. This is not war and peace. It is business. Let's get on with it.

If your company has to comply with SOX 404 or NI 52-109, and wants to do it in a sensible and cost effective way, contact http://www.issuescentral.com/ for more information on Compliance Playbook® for companies based outside of Canada. For Canadian based companies, see http://www.compliancepartner.ca/ for more information on Compliance Partner™ from Thomson Carswell.

John Carchrae, CA, Chief Accountant at the Ontario Securities Commission gave a good speech to the Financial Executives Institute in Toronto on April 12th.

The topic was Revised National Instrument 52-109 "Certification of Disclosure in Issuers' Annual and Interim Filings". Mr. Carchrae was an informed speaker who imparted a great deal of information. This was time well spent.

NI 52-109 was released for comment March 30, 2007. Mr. Carchrae emphasized the request for formal comments on NI 52-109.

Some interesting statistics were quoted by Carchrae regarding Canadian market size, listings, etc.

• of the approximately 3600 of companies listed on Canadian exchanges (TSX and TSX-V), 98% of the market cap is on the TSX and 2% is on the TSX-V
• 65% of the market cap on Canadian exchanges (240 on the TSX and 79 on the TSX-V) is dual listed on US exchanges.

While NI 52-109 has its origin in Sarbanes-Oxley s. 302 and s. 404, there are some major differences being proposed:

1. No external auditor attestation required for internal control over financial reporting
2. Issuers do not have to declare a framework for their evaluation
3. Venture issuers can scope out potential areas that have "Reportable Deficiencies" (more on that later) that they believe cannot be resolved but must disclose this in MD&A.

Carchrae went on to say that the idea behind not requiring a framework was that the existing frameworks did not seem to work for smaller companies.

My experience is that when a framework is principles based and the existing frameworks ARE, ( COSO, Turnbull and COCO), it is pretty hard to accept the assertion that the frameworks are not scalable to smaller companies. Does that mean that smaller companies cannot figure out a principles based way to run their companies? Unrealistic in my book.

Carchrae indicated that the CSA wants it understood that the Board and Audit Committee are responsible for MD&A disclosures and transparency of internal controls. A new requirement under the proposal is that certifying officers must report to auditors,the board and audit committee if fraud has involved management personnel or others who have a significant role in the issuer's ICFR.

It was pointed out that the Foreign Corrupt Practices Act passed in the US in 1977 and amended in 1978 requires public companies listed on US exchanges to document internal controls. Carchrae made the point that there has been no such requirement in Canada. I guess the point was that if you are dual listed in the US, your company was supposed to have done this work already.

Ok, but we know how well that worked! That is why SOX was passed.

Proposed accommodations for Venture Issuers were discussed. Venture issuers would disclose that they cannot reasonably remediate a reportable deficiency but must disclose it in the MD&A.

Other points of discussion were around the scoping limitations for certain investments as well as companies purchased, IPO's & RTO'S within 90 days of fiscal year end.

"Reportable Deficiency" - hmmm. The idea here was that they did not want to use the baggage laden term "Material Weakness" from SOX. Hmmm. The thought was that there was so much bad press from the US that beginning with another unexplainable term would be better. Interesting.

Then there was the explanation that "reasonable person" was a legal term with its genesis on the English bus system. So the audience went stock still thinking Wow! We have to figure out what some guy who rides the bus in London would think of a Reportable Deficiency to understand if it is one. This sounds so much better than Material Weakness. Thank goodness we have our own term! Whew! Dodged that nasty SOX Material Weakness bullet.

The reality is that if something is as technical as financial reporting is, then no matter what you call it, everyone is going to have their own opinion. So there will be no more clarity on Reportable Deficiency than there is on Material Weakness. Further, since there is no audit standard, it makes this judgment even more variant between issuers.

An even more interesting piece of logic seems to surround the CSA's view of remediation of deficiencies: Since an issuer could choose to disclose a reportable deficiency in the operation of a control but chose not to correct it, the CSA believes that markets will punish the issuer for this in increased cost of capital etc. So are the markets going to get on the bus and investigate "Reportable Deficiency". Not a chance! But if this approach is taken, there is a good chance that litigators will see this as great territory to define a "Reportable Deficiency" in a very broad way.

Regulators have to control the definitions and implementation of regulations. If they do not, someone will and it may not be the best party for the role.

The CSA is holding focus groups to speak with smaller issuers to understand their concerns on this proposed legislation. This is a great idea. Up until now, there has been very little formal educational outreach from regulators to issuers. If you ask questions of issuers, you will get answers.

Carchrae indicated that the CSA is not trying to set a lower or higher standard than the US. Without auditor attestation, Canada has elected a lower standard.

Additionally, by allowing issuers to decide not to declare a framework there is no standard for that "reasonable person" to judge against. Additionally, the ability to not use a framework, according to Carchrae will require more disclosure about how judgments were made. So isn't this then a form of a framework (standard?).

The idea is for management to make judgements. I am all for this, but a judgement must be made with some sort of guidelines. Running businesses is done with standards and guidelines. For public companies and disclosures, this is the job of regulators.

You cannot have "Let the child emerge" regulations, a la the 1960's. We have regulations because companies are not exhibiting strong transparency in internal controls and disclosure controls. The verdict is in already.

See CSA 52-316 to see how many errors and omissions have been made on disclosure control reporting by issuers already. The CSA has made on comments for months about the errors by issuers on 52-109 forms. Let's hope that when this legislation is final, June 30, 2007, the errors will be back on the website. There needs to be some noise made to assure that issuers are listening and know that regulators are watching. We do not want litigators making the rules.

If your company has to comply with SOX 404 or NI 52-109, and wants to do it in a sensible and cost effective way, contact http://www.issuescentral.com/ for more information on Compliance Playbook® for companies based outside of Canada. For Canadian based companies, see http://www.compliancepartner.ca/ for more information on Compliance Partner™ from Thomson Carswell.

I was speaking to a public company board member the other day and the board member expressed concern over whether the company in fact was really in compliance with disclosure control and internal control over financial reporting requirements.

As a Board Member, your CFO and Finance Team should allow you to "Ecce Signum" or Behold the Proof.

You should not have to "Trust" people that these projects are OK!

As the SEC daily issues complaints against companies for various infractions and as Canada's team at the Ontario Securities Commission is now headed up by a litigator, David Wilson, Boards have to be more and more "hands-on" and be concerned about key areas such as internal control over financial reporting (ICFR) in which they have liability.

Here are Five Questions to ask the Finance Team in your Company about your ICFR project and how to "Behold the Proof"

1.) Ask what financial compliance framework they are using to evaluate internal control over financial reporting.
2. )Ask to see sample documentation of a key process such as financial reporting and entity level controls.
3. )Ask if the company is doing sub-certifications and if so, ask to see some samples.
4. )Ask what approach/methods the company is using to test the effectiveness of internal controls.
5. )Ask about the certification documents that have been signed (US s.302 or s. 404; Canada MI 52-109F1) to see what detail there is to back-up these certifications could be provided to the Board if required.

The answers to these questions should be readily available if ICFR projects are on track.

What is of concern to many board members is that they asking and receiving a short report on the topic. Ask more questions. Many CFOs know that Boards are not really interested in these topics. The Audit Committee is responsible for ICFR, but liability for incorrect public disclosures falls on the entire board as well as CFO and CEO.

If your company has to comply with SOX 404 or NI 52-109, and wants to do it in a sensible and cost effective way, contact http://www.issuescentral.com/ for more information on Compliance Playbook® for companies based outside of Canada. For Canadian based companies, see http://www.compliancepartner.ca/ for more information on Compliance Partner™ from Thomson Carswell.

March 30th the Canadian Securities Administrators (CSA) issued National Instrument 52-109 or NI 52-109. The previously issued Multi-Lateral 52-109 had been out for comment and is now cancelled. So it is official, MI 52-109 is now NI 52-109 and is out for public comment.

NI 52-109 and NI 52-109CP have provided a lot more guidance to issuers on every aspect of the Disclosure Controls and Internal Control over Financial Reporting. They have taken what is helpful in the Sarbanes-Oxley 302 and 404 and added and deleted to make this a truly Canadian version of transparency.

Of course many people will criticize the NI 52-109 and want more guidance. But this is meant to be judgement oriented and principals based and it is.

NI 52-109 provides enough guidance for a company to do the right job but enough room for judgement by a company's CFO and CEO to take responsibility for their own disclosure controls and internal control over financial reporting.

Great job CSA!

If your company has to comply with SOX 404 or NI 52-109, and wants to do it in a sensible and cost effective way, contact http://www.issuescentral.com/ for more information on Compliance Playbook® for companies based outside of Canada. For Canadian based companies, see http://www.compliancepartner.ca/ for more information on Compliance Partner™ from Thomson Carswell.