TOP TEN SOx AND RELATED ISSUES FOR PRIVATE COMPANIES AND THEIR DIRECTORS What private companies should be doing to avoid potential pitfalls arising from The Sarbanes-Oxley Act and recent Governance Rules.
Background of the New Rules Enron/Tyco The Sarbanes-Oxley Act adopted July 30, 2002 SEC has adopted (and continues) to adopt various rules implementing SOx NASDAQ and NYSE have adopted and proposed rules for improved corporate governance Recent courts rulings challenge traditional Board duties of care and loyalty and definition of an independent director
Top Five Reasons why Directors may want to IGNORE the New Rules??? You always wanted to do more community service You needed time to catch up on your summer reading You like wearing bright orange jumpsuits, especially on Saturday and Sunday mornings You always wanted to meet Sam Waskal You always wanted to read about yourself in the middle column of the Wall Street Journal
Common Myths SOx, NASD,NYSE and SEC rules only apply to public companies. Directors of private companies are not exposed to plaintiff shareholder litigation risk. Company indemnification and D&O insurance will cover us for any liability.
The Reality Certain SOx Rules do apply to private companies and states like California are proposing laws similar to SOx to cover private companies. Directors of private companies can be sued for breach of fiduciary duties from shareholders (and in certain cases creditors) just like public company directors. Indemnification and D&O Insurance may not be available due to exclusion (i.e., Disney Case) or even failure of the company.
Additional Reasons Why Private Companies Must be Evaluating SOx Rules IPO will trigger compliance with all SOx rules. (Advice: Try to be compliant 12 months in advance) Acquisition of the company by a public company will trigger SOx compliance. Failure to comply could kill deal or reduce price. Director duties of care and corporate governance standards are expected to follow best practices causing potential legal exposure for companies (and their directors) who fail to comply with certain aspects of the new rules.
Failure to Comply with Certain SOx Rules May Affect a Public Exit Bearing Point s recent disclosure regarding inadequate internal controls of a private company it acquired sent its stock price tumbling down. Findwhat.Com s acquisition of Espotting on hold until SOx compliant.
Certain SOx Rules Already Apply to Private Companies Penalties for retaliation against whistleblowers Penalties for destroying or tampering with documents Extension of the statute of limitations for securities fraud Bankruptcy does not discharge debts arising from securities law violations Increased criminal penalties for mail and wire fraud Potential officer and director bars for securities law violations
States May Want to Expand SOx Rules CA AB 55 (Enacted Law 2002) Added Disclosure. CA SB 523 (Enacted Law 2003) Added Disclosure and Reporting to the AG. CA SB 777 (Enacted Law 2003 Applies to Private Companies) Added Whistleblower protection CA AB 1031 (Enacted Law 2003) Enhanced penalties for securities law violations CA AB 664 (Introduced into CA assembly-applies to private companies) applies much of SOx
SOx Rules Will Breed Best Practices and Higher Standards of Conduct Board has fiduciary duties to manage the company in the best interest of the shareholders (and in certain cases the creditors). Duties include duties of care (making informed business decisions) and duties of loyalty (no-self dealing). Business Judgment rule generally will protect a director from a bad business decision if the director acted: on an informed basis, in good faith, in a manner that he or she reasonable believes to be in the best interests of the corporation and the shareholders, and without fraud or self-dealing.
VC and Affiliated Directors Need to be Aware of Conflicts of Interests All Directors have fiduciary duties to the Company and all Shareholders. Down round financings and mergers to affiliated portfolio companies create risk of claims of breach of fiduciary duties. (See Benchmark vs. Juniper Financial and Emerald Partners v. Berlin case.)
New Cases Already Indicate Higher Or Changing Standards Disney Case (Del) Duty of Care and Bad Faith President Compensation Cogan Case (NY) Duty of Care CEO Compensation and Loans. Directors held personally liable. Oracle Case (Del) Definition of Independent Director Abbott Labs (7 th Circuit) (Breach of Fiduciary Duty in failing to manage business)
What Board s Should Be Doing to Protect Themselves Board should focus on and approve all important matters (Abott Labs). Identify and minimize conflicts of interests (Oracle). Act on an informed basis (Ovitz). Rely on Experts.
Proposed New Corporate Accountability Sentencing Guidelines Apply to All Companies Board responsible for creating policies and a culture of legal compliance. Companies need to adopt legal compliance standards and procedures. Companies should appoint an officer with authority to enforce legal compliance standards. Companies should adopt anonymous reporting system for misconduct. Failure to comply will lead to potentially higher fines and no credit for sentencing points.
New Cases Show SEC Targeting Facilitators The customer who signs a side letter to help a vendor to improperly record revenue. Side letter included secret right to return products. Logicam Insurer AIG charged with helping Brightpoint to overstate earnings by paying premiums or income statement smoothing insurance. AIG paid $10 million fine. E&YAuditor was arrested for tampering with NextCard s books and accounting records.
Practical Tip: Corporate Compliance Program Board of Directors Board Audit Committee Corporate Compliance Committee Coordinator Functional Officers Subject Matter Experts Reporting Units Audit Committee(s) Compliance Personnel Corporation Auditing
Number 10: Loans to Insiders SOx prohibits loans to insiders. Private companies should not offer top management a right to purchase capital stock through promissory notes. No relocation loans. Need to provide for repayment in full upon SOx trigger. Grandfather of pre July 02 loans
Number 9: Adequate Stock Option Plans NYSE and NASDAQ require stock option plans (and changes and increases) to be approved by shareholders (and not just the Board). It will now be critical that an adequate and flexible stock option plan be adopted prior to an IPO. Potential FASB rule requiring expensing of options is possible in 2004.
Number 8: Use of Off-Balance Sheet Transactions Enron disaster was triggered by off-balance sheet financings. Synthetic Leases and similar transactions may be covered. SOx requires disclosure of all off-balance sheet transactions, including disclosure of contingent liabilities. Private companies need to be cautious in using this form of financing.
Number 7: D&O Insurance Risks and No Bankruptcy Discharge of Securities Law Violations D&O insurance premiums have increased and companies policies are being cancelled. D&O exclusions growing (securities law claims may not be covered -beware of Disney case). D&O carriers viability need to be reviewed. No bankruptcy discharge of securities law violations.
Number 6: Auditor Independence Companies (Audit Committees) need to evaluate qualification of auditors as well as independence. SOx restricts non-audit services to be conducted by the companies auditors: SOx prohibits HR, appraisal and valuation services, system designs and implementation, book-keeping, audit outsourcing, management functions; Audit committee needs to pre-approve all audit and permitted non-audit services and compensation; and Auditors need to report directly to audit committee. Private companies should monitor auditor services so company can be compliant when going public.
Number 5-3: Corporate Governance Overhauls Internal Controls Codes of Ethics Independent and Competent Audit Committees Independent Compensation and Nominating Committees Corporate Governance Committees New Corporate Governance Ratings (in addition to Credit Ratings)
Number 5: Internal Controls SOx will require CEOs and CFOs to certify to the adequacy of their internal controls (i.e. financial accounting and proper procedures). SOx will require auditors to opine to the adequacy of the internal controls. Private companies will need to review and implement proper controls in advance of an IPO or sale to public company. Bearing Point Case and Findwhat.com.
What are Internal Controls? Management must provide reasonable assurance regarding the reliability of financial reporting, including policies and procedures which: Pertain to the maintenance of records; Proper recording of transactions; Receipts and expenditures are made only in accordance with appropriate management or board authorization; and Prevention or timely detection of unauthorized acquisition, use or sale of Company assets.
Number 4: Codes of Ethics and Whistleblower Procedures SOx, NASD and NYSE require issuers to adopt Codes of Ethics and whistleblower protections. State laws require protection for whistleblowers. Audit Committee must adopt resolutions approving the Code of Ethics. Audit Committee must adopt procedures for the confidential and anonymous receiving, retaining and addressing of complaints relating to accounting or auditing matters. CA AB 777 will require all beginning 1-1-04 companies to post a hot -line number to the CA Attorney General s office for whistleblowers.
Number 3: Expanded Duties of an Independent Audit Committee Composition of the Committee SOx requires disclosure whether a company has at least one financial expert on its audit committee and All members must be independent. NYSE proposed rules require a financial expert. NASDAQ: all members must be financially literate and one must be financially sophisticated.
Definition of Independent NASDAQ and NYSE proposed rules expand the criteria for a director to be deemed independent. Courts are looking to the new standards (See Disney). Under proposed rules, criteria for independent directors include: Neither the director nor any immediate family member is currently employed as an executive officer, or has been employed by the company for the last 3 years. Neither the director nor a family member accepted payment in excess of $60K (NASD) or $100K (NYSE) during the current year or during the prior 3 years other than compensation for Board service or investments in the company s securities.
Definition of Independence (Continued) is or was employed as an executive officer of another entity where any of the company s executive officers serve on the compensation committee during the prior 3 years. is or whose immediate family member is a partner, director, officer, controlling shareholder of any organization to which the company made, or from which the company received payments that exceeds 5% (NASD) or 2% (NYSE) of the recipient s gross revenues or $200K (NASD) or $1 million (NYSE), whichever is more in the current year or each of the prior 3 years.
Audit Committee Expanded Duties Audit Committee directly responsible for appointment, compensation and oversight of the outside auditors. Audit Committee responsible for adoption of whistleblower procedures. Audit Committee responsible for adoption of polices on non-tampering or influence of auditors. Audit Committee must have power to retain independent counsel and advisors. [ Executive Sessions at least annually of nonmanagement directors].
Number 2: No Tampering or Improper Influence of Audits or Audit Documents/Obstruction of Justice Both SOx and State laws are expanding penalties for improper influence of audits or tampering of documents. Audit Committee of Board responsible for establishing policies. Actions May Lead to Criminal Exposure. Andersen, Quattrone, Next Card Auditor, Rite Aid General Counsel.
Number 1: CEO and CFO s Certifications and Forfeiture of Bonus and Equity Compensation SOx exposes CEOs and CFOs for personal liability for compliance and securities and accounting fraud through certifications. SOx requires or will require CEOs and CFOs to certify to the accuracy of the Company s financial statements and adequacy of the Company s disclosure controls and internal controls over financial reporting. Rules require that internal controls be designed under the supervision of the CEO and CFO.
CEO and CFO Certifications (Continued) CEOs and CFOs forfeit bonus and equity compensation if the company is required to restate its financials due to material noncompliance, as a result of misconduct, with financial reporting requirements under the securities laws.
Recommendations for Private Companies Form Audit and Compensation Committees. Review Composition of Committees in Advance of SOx Trigger Event. Review Auditor Relationship and Internal Controls. Review and Adopt Code of Ethics and Whistleblower Procedures. Review and Adopt Overall Legal Compliance Procedures. Train Executives and Employees.
Conclusion Directors at private companies must learn SOx to position the company for a public company exit Directors need to be aware of best practices so as to avoid liability for breach of duties of care