National Cyber Security Awareness Month

NCSAM

October is National Cyber Security Awareness Month.

Check out the top tips to keep you safe online:

Fair Value Accounting: What Lawyers Need to Know

securitiesdocket

Bruce Carton of Securities Docket put together a great panel of securities and accounting experts to discuss the evolution of fair value accounting regulations and the impact of the guidelines in accounting and legal contexts.

Presenters

These are my notes from the webcast.

Fair value accounting records the estimated market value of many assets and liabilities on balance sheets. Although sometimes called “mark-to-market” but that is a misnomer. You need to estimate the value if there is no market for the asset. Fair value estimation methods were standardized by SFAS 157 (ASC Topic 820 –Fair Value Measurements and Disclosures) issued by FASB in 2007.

The standard came out just in time for the financial meltdown.

There are three types of measurement:

Level 1: Based on quoted prices in active markets for identical instruments.

  • Listed stocks, actively traded bonds.

Level 2: Based on observable (auditable) inputs used to estimate an exit value.

  • Two similarly situated buildings in a downtown real estate market.
  • OTC interest-rate swap, fair valued based on observable data such as the contract terms and the current LIBOR forward rate curve.
  • Contracts with option-like features, fair valued based on contract terms, observed volatility, interest rates.

Level 3: Based only on unobservable inputs and assumptions used by the company to estimate an exit value (i.e., where markets don’t exist or are illiquid).

  • CDOs, many financial derivatives, stock in unlisted companies.
  • Level 3 fair value estimates usually employ the company’s own models, notably variants of Discounted Cash Flow (Present Value) models.

Huge losses reported by financial firms on subprime assets led to a debate over the implementation of SFAS 157 when markets become illiquid and price inputs aren’t readily available. During the crisis, banks and investment banks were required to reduce the book value of mortgage-backed securities to reflect their current prices.Those prices declined severely with the collapse of credit markets as mortgage defaults escalated. Banks were forced to raise capital and quickly jettison some of thee securities to raise capital, further providing downward pressure on the values. So, banks and politicians have blamed fair value accounting for contributing to the crisis.

On the other side, fair value accounting gave a more realistic view of the financial health of an institution. One of the factors in the financial crisis was that parties did not trust the credit-worthiness of their counterparties. Fair value provides important information about the values of financial assets and liabilities, as compared to their historical costs (original price). There should be greater transparency allowed for better informed decisions. It also limits the ability to manipulate earnings by timing the sale of assets.

But there are downsides to fair value accounting. When markets are illiquid, fair value is a hypothetical transaction price that cannot be measured reliably. When fair values are provided by sources other than liquid markets, they are unverifiable and allow firms to engage in discretionary income management. By recognizing unrealized gains and losses, fair value accounting creates volatility in a company’s equity. This is particularly important for financial institutions because it affects their regulatory capital.

There is also the quirk of the fair value accounting for one’s own liabilities. Some banks reported gains because of a decline in quality of their debt. They recorded an income gain because they were more likely to default on their debt.

One of the issues in the financial crisis is that mortgage-back securities moved from Level 1 valuations to Level 3 valuations very quickly. Models were not established for valuations of these assets when they went toxic and cash flows dried up.

References:

Opportunities Exist to Improve DOD’s Oversight of Contractor Ethics Programs

hotline_poster

The Government Accounting Office released a report on the compliance and ethics programs of 57 government contractors each with yearly contracts over $500 million: Defense Contracting Integrity: Opportunities Exist to Improve DOD’s Oversight of Contractor Ethics Programspdf-icon

The report’s survey was conducted in September 2008, before the new Federal Acquisition Regulations were put in place to require compliance and ethics programs. As of December 2008, the government contractors are required to have a code of business ethics and conduct, an internal control system, and to disclose to the Government certain violations of criminal law, violations of the civil False Claims Act, or significant overpayments. In fiscal year 2008 alone, DOD’s hotline received nearly 14,000 contacts resulting in 2,000 cases referred for investigation.

The Report found two key areas where additional opportunities exist to improve DOD’s oversight. The first is in the area of verifying the existence of contractor ethics programs after contract award as part of contracting officers’ contract administration responsibility. Additional oversight of contractor ethics programs during contract administration could help ensure that contractor ethics programs are in place as intended. The second is in the area of DOD’s hotline program. The new FAR contractor ethics rules have the potential to make the DOD’s hotline program less effective by ultimately reducing contractor exposure to DOD hotline posters and diminishing the means by which fraud is reported under the protection of federal whistleblower laws. Nearly all of the major contractors surveyed in the report had in-house ethics and compliance programs that exempt them from displaying the DOD posters.

The GAO report ended with four recommendations to improve oversight of defense contractors’ ethics programs:

  1. Determine if other guidance is needed to clarify responsibility during contract administration responsibility for verifying the implementation of contractor ethics programs.
  2. Determine the need for displaying the DOD fraud hotline posters.
  3. Determine whether the hotline poster should inform contractor employees of their federal whistleblower protections.
  4. If there is a need for the DOD’s hotline posters, amend DFARS to require display posters regardless of whether contractor has its own posters.

References:

SEC’s Office of Compliance Inspections and Examinations Gets a Review

sec-ig

The SEC’s Division of Enforcement was not alone in getting a report from the SEC’s Inspector General: Improvements Needed Within the SEC’s Division of Enforcement. The Office of Compliance Inspections and Examinations also got a review from the Inspector General: Review and Analysis of OCIE Examinations of Bernard L. Madoff Investment Securities, LLC. pdf-icon

For this report, the Office of the Inspector General hired FTI Consulting, Inc. to help with the review. Not to be outdone by the report on the Division of Enforcement, FTI came up with 37 recommendations, topping the other report’s 21 recommendations.

So far that’s a total of three reports and 58 recommendations from the SEC’s Inspector General as a result of the Madoff incident.

References:

Improvements Needed Within the SEC’s Division of Enforcement

sec-ig

The SEC’s Inspector General, H. David Kotz, released his most recent report: Program Improvements Needed Within the SEC’s Division of Enforcement.pdf-icon

The report is sort of a follow-up to the Madoff Report. The Office of the Inspector General conducted a review “to identify systemic issues that would prevent Enforcement from accomplishing its mission to enforce the securities laws and protect investors and determine from discussions with staff and supervisors which programmatic improvements are needed.”

The Inspector General’s 21 recommendations are:

  1. Establish formal guidance for evaluating various types of complaints (e.g., Ponzi schemes) and train appropriate staff on the use of the guidance. The guidance should address the necessary steps and key information required to be collected when conducting preliminary inquiries of various types of complaints, specify what information should be documented, and list whom should be consulted in other offices within the SEC with relevant expertise in various subject matters and other pertinent data.
  2. Ensure the SEC’s tip and complaint handling system provides for data capture of relevant information relating to the vetting process to document why a complaint was or was not acted upon and who made that determination.
  3. Require tips and complaints to be reviewed by at least two individuals experienced in the subject matter prior to deciding not to take further action.
  4. Establish guidance to require that all complaints that appear on the surface to be credible and compelling be probed further by in-depth interviews with the sources to assess the complaints validity and to determine what issues need to be investigated. Such guidance should also require that staff obtain all relevant documentation related to such complaints.
  5. Provide training to staff to ensure they are aware of the guidelines contained in Section 3.2.5 of the Enforcement Manual and Title 17 of the Code of Federal Regulations, Section 202.10 for obtaining information from media sources.
  6. Annually review and test the effectiveness of its policies and procedures with regard to its new tip and complaint handling system. Enforcement should also modify these policies and procedures, where needed, to ensure adherence and adequacy.
  7. Put in place procedures to ensure that investigations are assigned to teams where at least one individual on the team has specific and sufficient knowledge of the subject matter (e.g. Ponzi schemes) and the team has access to at least one additional individual who also has such expertise or knowledge.
  8. Train staff on what resources and information is available from the national specialized units and when and how assistance from these units should be requested.
  9. Make it mandatory that planning memoranda be prepared during an investigation and that the plan includes a section identifying what type of expertise or assistance is needed from others within and outside the Commission. The plan should also be reviewed and approved by senior Enforcement personnel.
  10. Require that after the planning memorandum is drafted, it is circulated to all team members assigned to the investigation, and all team members then should meet to discuss the investigation approach, methodology and any concerns team members wish to raise.
  11. Establish procedures so that junior-level Enforcement attorneys who are having difficulty with obtaining timely assistance from outside offices are able to escalate their concerns to senior-level management within Enforcement.
  12. Conduct periodic internal reviews of any newly implemented policies and procedures related to information sharing with Divisions and Offices outside of Enforcement to ensure they are operating efficiently and effectively and necessary changes are made.
  13. Require that the planning memorandum and associated scope, methodology and timeframes be routinely reviewed by an investigator’s immediate supervisor to ensure investigations remain on track and determine whether adjustments in scope, etc. are necessary.
  14. Ensure that sufficient resources, both supervisory and support, are dedicated to investigations upfront to provide for adequate and thorough supervision of cases and effective handling of the investigations.
  15. Put in place policies and procedures or training mechanisms to ensure staff have an understanding of what types of information should be validated during investigations with independent parties such as the Financial Industry Regulatory Authority, Depository Trust Company, and Chicago Board Options Exchange.
  16. Include in its complaint handling guidance proper procedures for ensuring complaints received even if an investigation is pending closure, are properly vetted.
  17. Conduct periodic internal reviews to ensure that MUIs are opened in accordance with any newly developed Commission guidance and examine ways to streamline the case closing process. Enforcement should also ensure staff have adequate time in which to complete these types of administrative tasks.
  18. Put in place a process to periodically remind staff of their responsibilities regarding impartiality in the performance of official duties and instruct staff where they can find additional information regarding impartiality.
  19. Establish or utilize an existing working group to analyze the OIG survey information regarding staff concerns over communication of program priorities and make recommended improvements to the Director of Enforcement.
  20. Establish or utilize an existing working group to analyze the OIG survey information regarding staff concerns regarding case handling procedures within Enforcement and make recommended improvements to the Director of Enforcement.
  21. Establish or utilize an existing working group to analyze the OIG survey information regarding staff concerns over working relationships within Enforcement and make recommended improvements to the Director of Enforcement.

Robert Khuzami, Director of Enforcement, responded to the Inspector General’s report (The response is in Appendix IV of the report.) and concurred with all 21 recommendations.

References:

Facebook, Twitter, LinkedIn and Compliance: What Are Companies Doing?

SCCE policies

The Society of Corporate Compliance and Ethics and the Health Care Compliance Association conducted a survey among compliance and ethics professionals in late August 2009 to see what employers are doing about the use of these sites by their employees.

They got back almost 800 responses from their members using an online survey tool.

  • 50% of respondents reported that their company does not have a policy for employee online activity outside of the workplace
  • Of those companies that do have a policy, 34% include it in a general policy on online usage
  • Of those companies that do have a policy, just 10% specifically address the use of social network sites

“While the data indicates that many organizations have had to discipline employees for improper activity online, the fears may outweigh the actual risks. A survey asking about discipline regarding improper email usage would likely yield much higher numbers.”

Facebook, Twitter, LinkedIn and Compliance: What Are Companies Doing? pdf-icon

Managing Risk in the Financial Sector

managing-compliance

On Sept. 16, 2009, Compliance Week and Navigant Consulting presented an exclusive editorial roundtable about compliance practices at financial services firms at The Mandarin Oriental Hotel in Boston.

(Apparently not so exclusive, considering I was able to get in. I even made it into one of the article’s pictures. – That’s me eating my fingers in the background.)

Compliance Week Editor-in-Chief Matt Kelly moderated the session, which featured Daniel Bender and John Schneider of Navigant Consulting. The full roster of participants is in the article’s sidebar.

You can read more about what we discussed during the roundtable in an article in Compliance Week: Managing Risk in the Financial Sector. (Subscription Required)

A few of my favorite quotes from the article:

Lou Iglesias, chief compliance officer of PanAgora Asset Management: Part of the role of a compliance and risk officer is “being a student of history” and learning from past industry mistakes. “And you don’t have to look back too far to find them.”

James Bone, founder of GlobalComplianceAdvisors LLC: Because there is no school for compliance, continually developing new staff to keep up with regulations is also a challenge. Even if you have an unlimited budget to hire talent, “finding people who have the right skill-set to do the things that you need to get done” isn’t always easy.

Governing Corporate Compliance and New Governance

Miriam-Baer

Miriam Baer of the Brooklyn Law School published an interesting article on “New Governance”: Governing Corporate Compliance. The professor rejects the notion that adversarial relationships produce good regulation. She looks towards the “theory of regulation characterized by a collaborative tone between regulator and regulated entity, a problem-solving orientation, continuous assessment and revision of both expected outcomes and implementation processes, pooling of information by and among regulated entities and regulators, and inter-agency cooperation.”

She views compliance programs as “instrumentalities of hard law: formal regimes designed to supply internal monitoring and punishment, so that the firm can then assist the government in fulfilling its duties of external monitoring and punishment.” Of course you are not going to get a cooperative method of regulation when the primary response to corporate wrongdoing is the prosecution and punishment of individuals. Executives put compliance programs in place because it is good business. They also implemented them because they don’t want to go to jail. Executives are increasingly being punished for the bad acts of their frontline employees.

The professor advocates a model in which “regulators and regulated entities would treat compliance problems—even large scale violations of criminal law—as a symptom of a continuing problem to be addressed over time, rather than as a cultural failure that could be “cured” by some combination of prosecutorial threat and internal ethics remediation.”

Thanks to Ellen S. Podgor of the White Collar Crime Prof Blog for pointing out the article: .

References:

Workplace Challenges of Influenza (Seasonal and H1N1)

h1n1-virus

Have you gotten your flu shot yet?

I noticed the leaves changing colors in my backyard. That means the annual influenza season is approaching. This year we also get the second round of the Swine Flu. (The pork industry prefers that we use the H1N1 designation instead.) It looks like this second round of H1N1 will be more of a problem than the spring outbreak.

The Centers for Disease Control and Prevention has released its Guidance for Business and Employers to Plan and Respond to the 2009-2010 Flu Season and the Department of Homeland Security has released its Planning for 2009 H1N1 Influenza: A Preparedness Guide for Small Businesses.

You should review your policies designed to protect their healthy employees, guard the privacy of sick employees, and comply with applicable legal requirements. That means you need to be familiar with the Family and Medical Leave Act, the Americans with Disabilities Act, the Fair Labor Standards Act, the Health Insurance Portability and Accountability Act, the Occupational Safety and Health Act, as well as your own internal attendance policies, collective bargaining obligations, employee benefits, and insurance law. Throw some state and local laws into the mix.

The key will be to encourage your sick workers to stay home and not punish them for staying out sick.

References:

Corporate Responsibility Weathering the Economic Storm

State of Corporate Citizenship in the United States

The Boston College Center for Corporate Citizenship released their findings in the 2009 State of Corporate Citizenship in the United States.

Despite the upheaval in the economy, a majority of U.S. companies are not making major changes in their corporate citizenship practices. Of those who made changes: 38% reduced philanthropy/giving, 27% increased layoffs, and 19% reduced R&D for sustainable products.

The State of Corporate Citizenship in the United States 2009 is a joint project of the Boston College Center and The Hitachi Foundation. The report is free, but requires registration.