Today, the Co-Directors of the SEC Division of Enforcement, Stephanie Avakian and Steven Peikin, issued a brief cautionary statement regarding market integrity in the era of the COVID-19 pandemic. The statement acknowledged the unprecedented impact of COVID-19 on the securities markets and emphasized the importance of “maintaining market integrity and following corporate controls and procedures.”
Now back to work, SEC Enforcement once again takes up the issue of internal control over financial reporting. In this instance, the SEC announced settled charges against four public companies for failing to remediate internal control weaknesses—for years! We’re talking seven to ten years. The companies seemed to be under the misimpression that, as long as they disclosed the material weaknesses, they were in the clear. But they learned the hard way that that was not the case. According to Melissa Hodgman, an Associate Director in Enforcement, “Companies cannot hide behind disclosures as a way to meet their ICFR obligations. Disclosure of material weaknesses is not enough without meaningful remediation. We are committed to holding corporations accountable for failing to timely remediate material weaknesses.”
In case you were questioning whether the SEC continues (assuming it reopens at some point) to address the inappropriate use of non-GAAP financial measures with the same level of gravity as in prior years, you might take note of this recent (cusp of SEC shutdown) enforcement action against ADT. In the proceeding, the SEC sought a cease-and-desist order, alleging that the company violated the non-GAAP disclosure requirements. Interestingly, however, the allegations did not involve any of the more thorny issues regarding individually tailored recognition measures that the SEC sometimes considers misleading, but rather the more prosaic “equal or greater prominence” requirements.
SEC issues Section 21(a) investigative report regarding the implications of cyberscams for internal controls
Today, the SEC issued an investigative report under Section 21(a) that advises public companies subject to the internal accounting controls requirements of Exchange Act Section 13(b)(2)(B) of the need to consider cyber threats when implementing internal accounting controls. The report investigated whether a number of defrauded public companies “may have violated the federal securities laws by failing to have a sufficient system of internal accounting controls.” Although the SEC decided not to take any enforcement action against the nine companies investigated, the SEC determined to issue the report “to make issuers and other market participants aware that these cyber-related threats of spoofed or manipulated electronic communications exist and should be considered when devising and maintaining a system of internal accounting controls as required by the federal securities laws. Having sufficient internal accounting controls plays an important role in an issuer’s risk management approach to external cyber-related threats, and, ultimately, in the protection of investors.”
Here’s a reminder from the SEC: interim financial statements included in Forms 10-Q are required to be “reviewed” by outside auditors. On Friday, in a first enforcement proceeding of its kind, the SEC announced charges against five companies that had filed their 10-Qs with their quarterly financial statements prior to review by their independent external auditors.
SEC enforcement action for materially misleading projections in the face of red flags and other actions
In case anyone needed a reminder from the SEC, this case against Sonus Networks, its CFO and VP of Sales may well serve as one: per the SEC’s Associate Director of Enforcement, a company needs to have a “reasonable basis” if it makes public projections or estimates about future financial results: “The investing community expects that when companies choose to provide public financial projections, there is a reasonable basis underpinning those projections….When a company ignores red flags or takes steps to make public financial projections inaccurate we will take appropriate action.”
This SEC Order, In the Matter of The Dow Chemical Company, is a great refresher—at Dow’s expense, unfortunately for Dow—on the analysis required to determine whether or not certain expenses and benefits are perquisites or personal benefits that must be disclosed in the Summary Comp Table in the proxy statement. As you probably know, the analysis for determining whether an item is a disclosable “perk” can be very tricky to apply, especially when it involves the use of corporate jets by executives and their friends and families. The SEC claims that Dow applied the wrong standard altogether in its analysis, failing to disclose over a five-year period $3M in CEO perks and understating the CEO’s disclosed perks by an average of 59%. Dow settled the charges for a fine of $1.75M and also undertook to engage an independent consultant that would perform a review of Dow’s policies, procedures and controls and conduct training related to the determination of perks.