TheCorporateCounsel.net

Here’s something I blogged yesterday on CompensationStandards.com: When the SEC adopted the pay ratio rule four years ago, it repeatedly stressed that company-to-company comparisons would be meaningless. The adopting release said:

As we noted in the Proposing Release, we do not believe that precise conformity or comparability of the pay ratio across companies is necessarily achievable given the variety of factors that could cause the ratio to differ. Factors that could cause pay ratio to differ from one company to the next include differences in business type, variations in the way the workforces are organized to accomplish similar tasks, differences in the geographical distribution of employees, reliance on outsourced workers, and the variations in methodology for calculating the median worker. Consequently, we believe the primary benefit of the pay ratio disclosure is to provide shareholders with a company-specific metric that they can use to evaluate the PEO’s compensation within the context of their company.

That message stuck: most people seemed to understand that the ratio would be company-specific, and there was a pretty “ho-hum” reaction to the first year of pay ratio disclosure. But, you might say, “What about tracking changes to a particular company’s ratio over time, to monitor how CEO pay increases compare to everyone else’s? Won’t that be useful?” More than a few people predict that pay ratio will garner more attention going forward, because shareholders & others will compare a company’s current year number to prior years.

The problem with that, as this WSJ article points out, is that the same factors that make comparisons among different companies meaningless are also things that can change from one year to the next at a single company. And as I’m sure you can guess, those changes cause big swings in the ratio. So for many companies, pay ratio doesn’t even provide meaningful year-over-year info (at least, about the relationship between CEO & employee pay). Here’s a couple of examples from the article:

Median pay at Jefferies Financial jumped to $150,000 last year from $44,584 in 2017 after the holding company sold most of its stake in its National Beef meat-processing unit in June 2018, cutting its workforce to about 4,600 from 12,600. The 2017 median employee at the company, formerly called Leucadia National, was an hourly line worker at National Beef, while last year’s was a senior research associate in the company’s Jefferies LLC financial-services operation.

Coca-Cola slashed its median pay figure by two-thirds after it finished shifting North American bottling operations to franchisees and acquired a controlling interest in African operations. The 2017 median worker was an hourly full-timer in the U.S. making $47,312, while last year’s made $16,440 as an hourly full-timer in South Africa. In its proxy statement, Coca-Cola said it intends to shed the African operation again after making improvements and offered an alternative median employee excluding that unit: an hourly full-timer in the U.S. making $35,878, about 25% less than his or her 2017 counterpart.

I will say, companies are making the most of what they have to work with (thanks in large part to the flexibility the SEC incorporated into the rule). And for better or worse, the “median employee” data point might illustrate to people how company policies & strategies play out in the workforce. But a single data point can’t tell the whole story – and the pay ratio itself remains pretty useless.

Internal Auditors Worry Boards Aren’t Using Them Enough

This survey of chief audit executives & directors, compiled by the Institute of Internal Auditors, suggests that enhancing internal audit’s role could help directors identify & mitigate emerging risks. Here’s a few of their recommendations (also see this and this CFO.com article and this Cooley blog):

– While cyber and IT issues have grown to represent nearly 20% of the average audit plan, CAOs still think there’s a shortage in the resources and skills that would allow them to protect the company from significant cyber incidents. Audit committees should ask about obstacles to internal audit’s performance in this area.

– At about 60% of companies, internal audit either never reviews board materials, or does so only for unusual situations. Copying the CAO on board materials would allow them to provide negative assurance on its accuracy, completeness, timeliness, transparency, and reliability. According to this WSJ article, the lack of corroboration worries auditors, who feel that audit committees aren’t exercising “professional skepticism,” and aren’t ensuring that necessary controls are in place.

– Organizational monitoring of third-party relationships is viewed by nearly half of CAOs as ad hoc or weak. CAOs must elevate concerns about weak controls on third-party risks to the audit committee. These relationships require the same level of risk management as any that affect the organization directly.

– 75% of CAOs report to the CFO – which is concerning because they may focus disproportionately on financial risks and overlook areas such as reputational & cyber risk. Internal audit can take on a greater role in oversight of emerging risks by monitoring “key risk indicators” for the company.

– Variances in audit committee structure and responsibility create the real possibility that in some organizations internal audit is not involved with committees that handle critical issues, such as cybersecurity and overall risk governance. For example, in many organizations, risk and IT committees, not audit committees, are tasked with overseeing cybersecurity and cyber preparedness. Such conditions could handicap internal audit’s ability to deliver perspectives about those vital risk domains. CAOs should be present and able to share information at these committee meetings.

“Changes in Accounting Estimates” Linked to Low-Quality Financial Reporting

Accounting isn’t as “black & white” as people sometimes think. This Audit Analytics blog highlights the tendency for people to overlook the significant judgment calls that are involved in financial reporting – and it takes a look at what it can mean when those judgments change. Here’s an excerpt:

Changes in Accounting Estimates (CAEs) are a normal part of periodic reviews of both current and future benefits and obligations. These estimates are recorded as new information appears. From an accounting perspective, the disclosure is governed by ASC 250, which requires all material changes in estimates to be disclosed.

The PCAOB proposed amendments to ASC 250 a couple of years ago, because it views this area as one of the riskiest parts of an audit. The blog walks through three studies that lend support to the PCAOB’s belief – and encourages auditors to be very skeptical of CAEs. Here’s the conclusion:

All three working papers found evidence that CAEs can lead to lower quality of financial reporting. Whether it may be from opinion shopping, managerial opportunism or an unintentional misstatement, these CAEs have been positively associated to subsequent restatements. This can lead to poorer financial quality which, in turn, can impede the assessment of earnings quality making it harder to accurately assess a company’s performance.

– Liz Dunshee