The PCAOB recently added a “Fraud Risk Resources” page to its website. While the materials on this page are intended to assist auditors in complying with their obligations to consider fraud during the course of an audit, the information the PCAOB provides there is also likely to be of assistance to audit committees in understanding those obligations and their implications for the audit process. Here’s an excerpt from the discussion of the auditor’s obligations with respect to the risk assessment process:
PCAOB standards require auditors to perform risk assessment procedures that are sufficient to provide a reasonable basis for assessing the risks of material misstatement, whether due to error or fraud, and designing further audit procedures. The risk assessment procedures required by PCAOB standards are intended to direct the auditor to identify external and company-specific factors that affect risks due to error or fraud, such as, fraud risk factors, for example, factors that create pressures to manipulate the financial statements.
Some required risk assessment procedures and procedures performed when identifying and assessing risks are directed specifically at risks of material misstatement due to fraud (“fraud risks”), such as:
– Conducting a discussion among the engagement team members of the potential for material misstatement due to fraud;
– Inquiring of the audit committee, management, internal auditors, and others about fraud risks;
– Performing analytical procedures relating to revenue for the purpose of identifying unusual or unexpected relationships involving revenue accounts that might indicate a material misstatement, including material misstatement due to fraud;
– Considering factors relevant to identifying fraud risks, including in particular, fraud risks related to improper revenue recognition, management override of controls, and risk that fraud could be perpetrated or concealed through omission of disclosures or presentation of incomplete or inaccurate disclosures; and
– Evaluating the design of controls that address fraud risks.
A substantial number of the other required risk assessment procedures also can provide information that is relevant to the auditor’s consideration of fraud.
Other topics addressed by the PCAOB here include acceptance and retention of audit engagements, audit planning, responses to the risk of material misstatements, and fraud considerations in ICFR audits.
I’m still a little jet lagged after returning from our conferences in San Francisco, and it’s been a slow news week, so I was delighted to find a recent Florida federal district court decision addressing one of my favorite topics – celebrities who get themselves sideways with the federal securities laws. In Harper v. O’Neal, (SD Fla. 8/24), the plaintiffs alleged that NBA Hall of Famer Shaquille O’Neal was liable for losses suffered by investors in the Astrals Project, a business venture involving an investment in NFTs that could be used in a virtual world in which users could socialize, play, and interact with other users (sounds similar to Method Man’s NFT project).
Anyway, after FTX blew up, the Astrals Project apparently fell apart, and the plaintiffs sued Shaq, who they allege was the “driving force” behind the project and was actively involved in promoting it through various social media channels. Shaq and the other defendants argued that this wasn’t enough for him to be considered a “seller” for purposes of Section 12(a) of the Securities Act, but the Court disagreed:
Defendants argue that the Amended Complaint fails to allege that Defendant O’Neal “successfully solicited” Astrals and Galaxy tokens to Plaintiffs, 1et alone that he did so to further his or the Astrals Project’s financial interests. Further, Defendants argue that Defendant O’Neal did not directly sell or persuade Plaintiffs to buy Astrals products. However, as cited above, the Wildes panel specifically clarified that solicitation need not be “personal” or “targeted” to trigger liability. See Wildes, 25 F.4th at 1346.
The Complaint alleges that O’Neal, in a video, claimed that the Astrals team would not’ stop until the price of Astrals NFTS reached thirty $SOL and urged investors to “[h]op on the wave before it’s (sic) too late.” Defendant O’Neal acted like the Wildes promotors that urged people to people to buy BitConnect coins in online videos. Wildes, 25 F.4th at 1346.
O’Neal also personally invited fans to an Astrals Discord channel, where he interacted directly with them on a daily basis, reassuring investors that the project would grow. Lastly, Defendant O’Neal’s own financial interests were in mind. The Complaint states that Defendant O’Neal was one of the founders of the Astrals Project. Further, the Astrals Project was his brainchild that he personally developed, and his son was named head of “Investor Relations.” Therefore, Plaintiffs have met the definition of a seller and thus alleged enough to state a Section 12 claim against Defendant.
However, the news wasn’t all bad for Shaq. Despite his status as an alleged founder of the Astrals Project, the Court held that he should not be regarded as a control person under Section 15 of the Securities Act, because the plaintiffs failed to plead how or in what way he used that status to direct the management and policies of the Astrals Project.
Okay, I know this is supposed to be a blog devoted to securities law and corporate governance topics, but there’s a 0% chance that I’m not going to blog about last night’s ALCS game, also known as “The Greatest Baseball Game I’ve Ever Seen.” I can’t come up with adequate words to describe the Cleveland Guardians’ incredible extra innings victory over the New York Yankees, so I’ll just let the great Tom Hamilton do the talking for me:
Yes, Yankee fans (and your $300+ million payroll), I know they’re still down 2-1, and like every Cleveland fan, I know that Heywood Broun was right when he wrote that “the tragedy of life is not that man loses, but that he almost wins.” Still, whatever happens, we’ll always have Game 3.
A recent letter from Sen. Elizabeth Warren (D-Mass) and Sen. Sheldon Whitehouse (D-RI) indicates that those two senators believe that the PCAOB is “all hat and no cattle” when it comes to addressing the problem of audit deficiencies. In 2023, PCAOB Chair Erica Williams blasted the approximately 40% audit deficiency rate found in a PCAOB staff report as “completely unacceptable” and highlighted the PCAOB’s efforts to address the problem. Earlier this year, in response to a new report indicating that audit deficiencies among Big 4 firms had stabilized, Williams observed that while the inspection results were still unacceptable, they “point to some small signs of movement in the right direction.”
An excerpt from the senators’ letter indicates that this response – and comments from another PCAOB board member concerning the most recent inspection report – didn’t sit too well with them:
In a statement upon the release of the report, Chair Williams commented that: “These inspection results point to some small signs of movement in the right direction.” This is the wrong conclusion to draw from an embarrassing and intolerable set of findings. Even more troubling is the PCAOB’s attribution of these systemically high failure rates—which appears to affect virtually all auditors—to “more isolated incidents” and outliers.
And at least one other PCAOB board member appears to be focused on downplaying and misdirecting attention from these atrocious findings. Last month, Board Member Christina Ho denied that the inspection results were a problem, instead claiming that “there is another side to the story,” and that “PCAOB has become overzealous in its enforcement program,” falsely claiming that the inspection results “lump[] all deficiencies together without a qualitative assessment of their severity.”
The letter says that the most recent inspection results on audit deficiencies “raise fresh questions about the accuracy and utility of public company audits and about the PCAOB’s ability to carry out its statutory role as auditor of the auditors.” It goes on to allege that either the standards established by the PCAOB are inadequate or the PCAOB is “failing to establish accountability for firms that do not meet them.” The senators’ letter then poses a series of pointed questions concerning the PCAOB’s efforts to hold firms accountable and seeking specific information on its enforcement program by October 23rd.
It’s worth noting that the last time Sen. Warren and her colleagues looked under the hood at the PCAOB, they ended up persuading SEC Chair Gary Gensler to clean house, so stay tuned. As we blogged at the time of that shakeup, the PCAOB had already proven to be a durable political football, and it appears that little has changed since then.
Last week, Liz blogged about the SEC’s recent enforcement action targeting a former CEO & director who did not disclose a close personal friendship with a company executive that the SEC contended resulted in misleading proxy disclosures concerning his independence. In a recent blog, Gunster’s Bob Lamm raises some concerns about this proceeding:
Why does this case concern me? Of course, once the board learned of the actions taken by the director/former CEO, it had every right to determine that he was not independent. However, it’s not at all clear to me that the actions in question violated the proxy rules. There have been many cases over the years in which directors were alleged – often by investors and/or the media – to have lacked independence because they belonged to the same country club, served on the same boards (including boards of charitable organizations), or generally hung out in the same social circles. Some of these cases generated calls for SEC rulemaking that would require disclosure of these informal relationships and thereby disqualify directors in such cases from being described as independent. However, for whatever reason (and I can think of a few), the SEC never took such action.
Similar situations have also resulted in judicial decisions disqualifying such directors from serving on committees of independent directors. Perhaps the most famous of these cases is a Delaware Chancery Court opinion, written by Leo Strine, in which two directors of Oracle were disqualified from serving on an independent committee due to their ties to Stanford University, which had received substantial donations from Oracle and/or certain of its directors.
However, to my knowledge, none of the cases referred to above resulted in an SEC enforcement action. In fact, the two Oracle directors continued to be listed as “independent” in Oracle’s proxy statements, and, to my knowledge, the SEC never brought a case against them or objected to the characterization in the proxy statements.
In light of this background, Bob goes on to say that this proceeding looks a lot like regulation by enforcement. In the SEC’s defense, in this action it not only alleges a failure to disclose the relationship, but also alleges that the director actively encouraged the executive to conceal its existence. That seems to me to be a meaningful difference between this situation and the ones that Bob references in his blog.
So, I’m not sure I agree with Bob here, but I think he is right to raise this issue. Regulation by enforcement is an increasing concern in an environment where the courts are becoming ever less deferential to SEC rulemaking. If the SEC can’t make new rules to address conduct it concludes is problematic, it will be tempted to push the envelope when it comes to the kind conduct that it contends violates existing rules. At some point, those efforts may call into question whether the due process rights of enforcement targets are being adequately protected.
The latest issue of The Corporate Counsel newsletter has been sent to the printer. It is also available now online to members of The CorporateCounsel.net who subscribe to the electronic format. The issue includes the following articles:
– Time for an Insider Trading Policy Tune-Up: Public Disclosure Is Here!
– ATMs: More Certainty for Baby Shelf Filers
Here’s a snippet from Dave’s insider trading piece with his thoughts on the treatment of gifts under insider trading policies in light of the SEC’s recent interpretive guidance:
For those companies that have not yet revisited the treatment of gifts in their insider trading policies in light of the Commission’s interpretive guidance over the past few years, now is a good opportunity to review the approaches taken by the early filers and determine which approach is best suited for addressing these types of transactions going forward.
While there is no one “right” approach to dealing with this issue, it is one that the Commission has particularly highlighted as an area for concern. A company may take the more conservative approach that we suggest in the Model Policy, or a more moderate approach as demonstrated by some of the early filers. In any event, it is important to address the issue directly to help the company avoid controlling person liability should an insider trading issue with a gift transaction ever arise for a person covered by the policy.
Please email sales@ccrcorp.com to subscribe to this essential resource if you are not already receiving the important updates we provide in The Corporate Counsel newsletter.
Over on Cooley’s “Governance Beat”, Broc recently blogged advice from in-house professionals on effective shareholder engagement practices. Here’s an excerpt with some of their recommendations:
– “To be an active listener. On some of these calls, you often go in with an agenda – particularly if you have specific things you’re trying to address on the call or if you’ve got your chair on the phone and they have things that they want to talk about. I think it’s critical to pause and hear what the investors are saying. Are you responding to what is being said as opposed to just sticking to the script that you went in with?”
– “Recognizing the differences among shareholders. An active manager may have very different interests and priorities than a passive manager. Speaking to an active manager as if they are a passive one is not going to go over well.”
– “Be very precise with your language. You may be having a terrific engagement and suddenly one thing is said that gives the impression that you’re not in tune with good governance practices. Recognize if that happens and rectify it. Every word matters. Having said that, tone is key and if you’re new to engagement, make it clear you are just dipping your toe into the engagement waters. You will find many investors to be polite and forgiving.
Other recommendations include the importance of keeping management in the loop about the results of engagement, being willing to take advice from your investors, and using shareholder engagement as part of your disclosure drafting process.
Listening to your shareholders ranked pretty high on the list of advice from investor relations professions set forth in Broc’s “Governance Beat” blog, and this excerpt from Glass-Lewis’s blog on the results of the recent proxy season provides some insight into the downside of not listening to the messages shareholders are sending:
Insufficient response to shareholder dissent grew to be the second most popular driver for an against recommendation from Glass Lewis. Despite the years in which the advisory vote on executive compensation has been part of the lexicon in U.S. corporate governance, there are still companies that pay little heed to shareholders’ display of disapproval. These are joined by companies who seem to believe any change to their pay programs demonstrates adequate response to the drivers of higher disapproval. For instance, companies such as Transdigm reported the adoption of a basic clawback policy as part of their attempt to address shareholder feedback while ignoring the 2023 recoupment policy mandated by NYSE and Nasdaq listing requirements.
Earlier this month, Dave blogged about the perils of companies voluntarily assuming responsibility for their insiders’ SEC reporting obligations & offered some suggestions on controls and procedures that companies should consider implementing to mitigate those risks. WilmerHale’s Greg Wiessner has a suggestion to add to Dave’s list:
Regarding Dave’s comment about further advice for managing Section 16 reporting, the one item I relied on while in-house is creating a strong, two-way relationship with any captive broker team. By establishing a trusting, close communication process, you will know when an insider is considering a transaction. This helped the company (and me!) so that I could head-off a forgetful insider or one who is getting too close to the line of trading while in possession of MNPI. While my experience is that brokers have automated reporting, I went beyond that system by asking the person executing the trades to include me early.
This is good advice – and reminds me of something similar that my former colleagues & I also found to be helpful. Most corporate bigwigs have experienced and smart assistants, and many rely on them to provide order to a large portion of their lives. If you’re the poor soul who is stuck with the task of beneficial ownership reporting compliance, it’s very helpful to ingratiate yourself to these folks and let them know that you need to be contacted before the insider purchases, sells or otherwise transfers any shares.
You can register to attend today’s conference online and receive access to the archive of yesterday’s program by visiting our online store or by calling us at 800-737-1271. Our conferences are bundled together into a single two-day event for registration and pricing, so your purchase will cover both events.
– How to Attend Online: Our conferences are hosted online through the RingCentral Events platform. When you register for the conferences, you’ll receive a registration confirmation email that will contain your personalized “Magic Link.” Just click on that link to be instantly directed to the event. The Magic Link acts as an “access pass” into the event. It is unique to you and cannot be shared with others. It bypasses the need for registered users to sign into RingCentral Events and brings you directly into your RingCentral Events account and into the event.
Once in the event, click the “Stage” button from the menu on the left of the webpage. In order to view the session currently playing on stage, you will need to press the play button on the video. If you need technical assistance, members of our team will be available via email at info@ccrcorp.com to assist you throughout the conferences.
– Access to Archives & On-Demand CLE: Your registration includes access to the conference archives, which will be available until October 15, 2025 – but you’ll need your confirmation email to access them so be sure to retain it! One big reason to make sure you do that is that if you can’t attend the conferences live, you may earn on-demand CLE credit by viewing the archives. See these “CLE FAQs for Archived Conference Sessions (ON DEMAND)” for more information.
– Thanks to Our Sponsors! A huge “thank you” to our sponsors who have helped make these events possible. Our platinum sponsor for this year’s conferences is Goodwin, our gold sponsors are Fredrikson and Kirkland & Ellis, our silver sponsors are Alliance Advisors, Cooley, Fintool, King & Spalding, Latham & Watkins, Morrison & Foerster, The Nuvo Group, and Wilson Sonsini. Our digital partner is Aon. Our media partner is Newsfile, and those of you who are attending in-person should be sure to check out our exhibitor, DragonGC. We are extremely grateful for the support of our sponsors!