On January 25, 2016, Andrew Ceresney, Director of the Division of Enforcement (the Division) of the Securities and Exchange Commission (SEC), gave the keynote address at the 2016 Directors Forum. His focus was on the Division’s enforcement efforts in the area of public company reporting and disclosure over the past few years. Ceresney highlighted the increased number and quality of financial reporting cases brought by the Division as a result, in part, of the work of the Financial Reporting and Audit Group (the FRAud Group). The FRAud Group is an outgrowth of the Financial Reporting and Audit Task Force announced by the SEC in 2013.1
Since its inception, the FRAud Group has increased in size by adding 35 attorneys and accountants as “liaisons.”2 The FRAud Group is not a formal unit within the SEC—it is a collective effort among offices and personnel coordinating and identifying issues and trends in financial reporting and disclosures on a proactive basis. With the increased resources and personnel, the FRAud Group has been able to assist the Division in bringing more enforcement actions in this area. Indeed, in his remarks at the Directors Forum, Ceresney indicated that, excluding follow-on proceedings, the SEC “more than doubled its actions in the issuer reporting and disclosure area—from 53 in fiscal year 2013 to 114 in fiscal year 2015.”3 He also indicated that, in fiscal years 2014 and 2015, the Division charged 128 and 191 parties, respectively, with issuer reporting and disclosure violations, “a significant increase over the prior years.”4 In addition, Ceresney noted “some signs of progress in the issuer reporting area” including that “restatement trends are flat over the last five years, and down significantly from [the] last decade.”5
Ceresney highlighted some traditional areas of focus of enforcement actions in the financial reporting and disclosure fraud area “with some new twists,” including revenue recognition, valuation and impairment issues, earnings management, missing or insufficient disclosures, internal accounting controls, and clawbacks of bonuses and incentive-based compensation.6
Some of these “new twists” include an increased focus on abuses of specialized accounting methods, including issues with percentage of completion accounting, valuation adjustments and management discretion as avenues for improperly enhancing reported financial results. He also noted aggressive use of the SEC’s authority under Section 304 of Sarbanes-Oxley (SOX) to claw back executive compensation.7 On February 17, 2016, the SEC announced that, in connection with settled charges brought against Marrone Bio Innovations and one of its former executives for inflating financial results to meet projections, the company’s CEO and former CFO voluntarily reimbursed the company $15,234 and $11,789, respectively, for incentive-based compensation received following the misstated financial statements.8 The CEO and former CFO were not charged with any misconduct, but this case is indicative of the SEC’s continued aggressive stance on clawbacks, given the small amounts involved.9
Ceresney also discussed the importance of gatekeepers in the financial reporting process, noting that “gatekeepers are critical to helping ensure that issuers make timely, comprehensive, and accurate disclosure[s].”10 Indeed, “[a]udit committee members and external auditors in particular are among the most important gatekeepers in this process, and each has a responsibility to foster high-quality, reliable financial reporting.”11 SEC Chair Mary Jo White also stressed the importance of gatekeepers in her Keynote Address at the 2015 AICPA National Conference. Chair White noted that her audience—preparers, auditors, audit committee members and their advisors—“is a very important one for the SEC. Investors, issuers, and the markets all depend on the work [these individuals] do and the judgments [they] make.”12
Chair White also noted that, since she became Chair, “the staff has reinvigorated its investigative and enforcement efforts” in the area of financial reporting and disclosures “with a focus on issuers and gatekeepers.”13 She noted that the SEC continues to closely scrutinize “the gatekeepers of financial reporting, continuing to hold accountants, auditors, and audit committees accountable in appropriate circumstances.”14
Both Ceresney and Chair White referenced two recent actions brought against national audit firms BDO and Grant Thornton, as well as individual auditors from those firms.
In September 2015, the SEC alleged that BDO and five of its partners dismissed or ignored various red flags and issued false and misleading unqualified audit opinions about the financial statements of one of BDO’s audit clients.15
The allegations against Grant Thornton and two of its partners also arose from the firm’s disregard of numerous red flags and other warnings concerning alleged fraud at two publicly traded audit clients, both of which became the subject of subsequent SEC enforcement actions for improper financial reporting.16 The SEC alleged that the Grant Thornton engagement partner overseeing both audits had previously received warnings regarding the quality of her work, and further alleged that Grant Thornton and the engagement partners “repeatedly violated professional standards.”17
Ceresney noted a few “important takeaways” and lessons from these two cases: (i) “auditors need to demand objective evidence and investigation when they come across situations which suggest inaccuracies in the company filings”; (ii) “national office personnel need to be the bulwark against client pressure”; (iii) “audit firms must not retreat from demanding an internal investigation unless they obtain evidence that dispels the issues that led them to request such an investigation in the first place”; and (iv) “engagement partners need to be actively monitored to ensure that they are fully capable of fulfilling their critical role as gatekeepers.”18
External auditors are not the only gatekeepers that have fallen under the scrutiny of the SEC in the past few years. Ceresney also discussed the three cases brought against audit committee chairs, which he noted “provide helpful guidance on the type of failures that will attract our attention.”19
In early 2014, the SEC charged AgFeed Industries, Inc. and its top executives with allegedly conducting a massive accounting fraud scheme involving reporting fake revenues from its China operations in order to meet financial targets and inflate its stock price.20 The SEC alleged that the company’s audit committee chair learned facts that suggested that the Chinese sales were inflated but, rather than conduct an internal investigation, he ignored the red flags of fraud and signed off on the publicly filed financial statements.21
In another recent case, the SEC charged an issuer’s former audit committee chair for signing the Form 10-K annual report that she knew or should have known contained a false SOX certification.22 Finally, the SEC found that the former audit committee chair of MusclePharm Corporation signed off on several filings that did not fully or accurately disclose the extent of executive perks.23
Ceresney noted that “[t]he takeaway from these cases is straightforward: when an audit committee member learns of information suggesting that company filings are materially inaccurate, it is critical that he or she take concrete steps to learn all relevant facts and cease annual and quarterly filings until he or she is satisfied with the accuracy of future filings.”24
Ceresney closed his remarks by highlighting some of the technological advances the FRAud Group and others within the SEC are using to detect possible financial misconduct, noting that, “[h]istorically, [the Division’s] enforcement efforts have been reactive, arising from restatements or some other public disclosure. We have attempted in recent years to be more proactive in our enforcement efforts, to try to detect misconduct before it becomes public.”25 One key way the Division is doing this is by “leveraging data available” to it.26 Last year, the Division of Economic and Risk Analysis (DERA) announced the Corporate Issuer Risk Assessment program (CIRA), a tool that aggregates and organizes corporate issuer financial information.27 CIRA expands upon the “accounting quality model” (AQM) previously developed by the SEC. According to Mark J. Flannery, Chief Economist and Director of DERA, the tools developed under CIRA “seek to identify situations or activities at corporate filers that warrant further inquiry. The original (AQM) effort focused on estimates of earnings quality and indications of inappropriate managerial discretion in the use of accruals.”28 With the development of CIRA, earnings quality and discretion in the use of accruals are only two of more than 100 custom metrics provided to the SEC.29 For example, the SEC can look at how inventory is moving relative to sales, various performance metrics such as stock price or total shareholder return, and dozens of standard financial ratios such as return on assets and return on equity.30
Ceresney noted that “CIRA’s multiple dashboards enable the staff to compare a specific company to its peers in order to detect abnormal, relative results, focus on particular financial reporting anomalies, and generate lists of companies that meet the criteria for further analysis.”31 Indeed, as a result of this “homegrown” tool, the FRAud Group is focused on identifying cases it would not otherwise find, “finding new ways to utilize [its] resources and developing new resources, and building out a methodology for proactive identification of financial reporting and audit issues.”32 At the annual SEC Speaks conference, held in Washington, D.C. on February 19 and 20, 2016, Margaret McGuire, the chair of the FRAud Group, highlighted the value of CIRA, noting that a significant benefit to CIRA is that the program can be tailored and refined to suit their needs, and it allows the FRAud Group and the staff to do things with the “click of a mouse” whereas, prior to the development of CIRA, it would have taken months.
While the Division remains focused on more traditional areas of financial fraud such as revenue recognition and earnings management, it is also clear that, with the assistance and cooperation of the FRAud Group, the Division is being more proactive, instead of reactive, with respect to possible financial and disclosure fraud. They are not waiting for the next restatement to occur or material event to be announced. The Division, in conjunction with the FRAud Group, is taking a risk-based approach to identifying potential areas of financial misconduct through the use of sophisticated technology and, as a result, reporting companies can expect to see an increase in the number of subpoenas issued by the SEC in this area.