PCAOB – SEC – Grant Thornton – ALC/Broadwind – Game Changers, If It Continues

The PCAOB is causing a change in the auditing profession, and for those in the auditing profession who aren’t changing, they really must change or eventually they will be out of a job. The change, however, will only continue as long as the PCAOB continues to seriously evaluate auditing firm practices and diligence, and publish its findings or opinions. In a very specific area, auditing firm practices and diligence in specific audits, the PCAOB has been very hard-hitting by traditional standards. While you might agree or disagree with some of the PCAOB’s findings or opinions in certain audits, it must be, or should be embarrassing for the auditing firms and the auditors involved and also career and business impacting.

After many years of being involved in lawsuits and issues relating to liability, litigation, duties and responsibilities, I have concluded that in most circumstances people simply don’t change their practices or the way in which they do things unless they are in some manner forced to change. For example, they might be forced to change because of the serious and actual possibility of punishment (jail time or high dollar liability), a new specific law, statute, regulation or rule change, a professional organization that sets a new specific leading standard, serious impact upon business getting, or strong public or community expectations (which also might cause a serious impact on business getting or personal reputation). Take risk management, for example, only relatively recently there are now requirements that boards, or audit committees, or other committees and people perform risk management, and there are starting to be public or community expectations in that regard. Yes, those are changes that have effect. On the other hand, the changes aren’t “specific,” and we haven’t seen the serious and actual possibility of punishment for failure to perform – the liability exposure is still for an accident that occurs, not for the specific failure to perform or try to perform reasonably prudent, business judgment rule, risk management.

Let me get back to the specific situation at hand, the recent SEC action against Grant Thornton and two of its partners for their audits of ALC and Broadwind. And to settle the matter the SEC obtained an admission of fault from Grant Thornton. That admission of fault is a big deal.

The SEC has not traditionally required an admission of fault. Typically the order or finding says something like “without admitting liability or fault . . . . “ I contend that the SEC really only should bring cases where they have sufficient evidence of significant wrongdoing and they really believe that they can obtain in settlement or at trial an admission or a finding of fault. This business of bringing and settling cases where the SEC extracts a settlement without fault, simply for payment of money or probation, is unimpressive and is a waste of governmental time and resources, as is also a finding that there was a violation of accounting or internal controls as that violation can be found or argued in every case that the SEC brings. It’s like the SEC is simply perpetuating its own existence, and isn’t really helping stockholders – instead, it’s just the SEC going through the paces. I would argue that the SEC much better overall serves stockholders by actively prosecuting serious cases, fully, on serious charges and evidence.

So, let me get back to the specific situation at hand. The PCAOB has set a new standard and tone with the manner in which it investigates and then publicly reports its findings and opinions. That new standard and tone will only continue, however, as long as the PCAOB continues with this approach. The SEC might now be setting a new standard if it concentrates its resources on bring cases where they have sufficient evidence of significant wrongdoing and they really believe that they can obtain in settlement or at trial an admission or finding of fault. That would force a game change. In addition to the actions of the PCAOB, the SEC would cause, or force, the auditors to up their game, significantly. The result will impact audit quality and reliability to the benefit of the investing public. Those actions also will or should cause boards and audit committees to up their games. Notice that I did not say that it will “force” boards and audit committees to up their games, and I also did not say that those actions will or should cause boards and audit committees to up their games “significantly.”

The obvious truth is that in the underlying facts in these cases there are many players who are, or who could be, or perhaps should be involved, including, for example, internal audit and the chief internal auditor, the board, the audit committee, the risk committee if there is one, in-house general counsel, the chief risk officer and the risk management function, the CFO, possibly the CEO, possibly the COO, the external auditor, possibility the regulators, possibly external legal counsel, et seq. And this is also why the SEC really should concentrate its resources on serious cases that will cause or force everyone to up their games. There will be an effect throughout, not simply for the direct entities involved.

Some people won’t like what I am suggesting, i.e., that the SEC should expand the players that it looks at, but in fact I’m also advocating for the SEC to stop with the patsy or less serious cases, and instead concentrate on the serious ones and then really look at the involvement of lack thereof of everyone. That also doesn’t mean that everyone is at fault or liable, or that an admission can be or should be obtained by everyone. That would be a ridiculous position – of course not everyone is at fault. But, there should be a discussion about more of the players and what they did or did not do. Ok, Grant Thornton admits that it did not properly perform the two audits in question – Grant Thornton is a good auditing firm, and you can bet that they will up their game – but Grant Thornton is only the external auditor, it had no involvement in the actual wrongdoing – so the SEC should also be looking at the extended list of players that I have listed above, and by doing so the SEC, and the PCAOB, will cause or force everyone to up their game. No one in those positions wants to be embarrassed or liable for wrongdoing. You can bet that if I’m on a board, or on an audit committee, if something unexpected occurs, and, yes, things that are unexpected do occur even without fault, I don’t, however, want to be embarrassed in hindsight if it looks like I did not perform or try to perform prudent oversight, or prudent business judgment, processes and practices.

 

Advertisements

Critical Thinking Is So Important – It Needs To Be Taught And Discussed

Do you get a feeling sometimes or even overall generally that you really aren’t sure whether you can trust what someone is telling you? I’m actually past that point – except for good friends that I have known for some time and who I trust and respect, I either don’t believe what I am hearing or I certainly question its basis. This makes decision making more difficult and time intensive.

Some people simply without any discomfort lie as a matter of course – these people are missing a personality gene or trait – you may have seen survey results that seek to quantify how many times a person on average is lied to each day. The numbers are stunning. But I’m not even talking about that. At a different lower level you have things like the speaker’s spin, overstatement or exaggeration, intent to persuade, the speakers omission to state other important information, alternative or contrary information, preconceived belief or prejudice, lack of reliable factual support, and false, contrived or erroneously limited possible choices or explanations, et al. Defending on the severity these might be considered intentional fraud, constructive fraud, deceit, negligent or innocent misstatement or misrepresentation, or some other form of dishonesty.

Your only option or defense is to critically think about, consider, and evaluate what you are hearing. Alternatively, you might say that you need to actively question what you are hearing or being told. But it takes time, effort and interest – it isn’t the easy approach.

Can you critically think about something if you have little background or personal experience with that issue or topic? Sometimes I hear people say that you cannot comment about something because you haven’t experienced it. I specifically disagree, although the point has some relevance. Lack of information or personal experience makes critical thinking and evaluation more difficult. But you certainly can still use your own good judgment, consider possible alternatives to what you are being told, gather additional information including alternative or contrary information, and question the speaker about his or her position, alternatives, and basis for statement or opinion.

Frankly, I have to say that listening to the news, or salespeople, or politicians, just as examples, tends to drive me crazy sometimes as their information and statements can almost always be rebutted or at least questioned. Who has the time for that? And maybe that’s their point – you don’t have the time.

From my audit committee guide, the following is a summary of the business judgement rule for board directors – you will note that it’s significantly based on informed, critical thinking:

In summary, as a general principle the business judgment rule provides that a director should undertake his or her duties:

-In good faith, with honesty and without self-dealing, conflict or improper personal benefit;

-In a manner that the committee member believes to be in the best interests of the corporation and its shareholders; and

-With the care, including reasonable inquiry, that an ordinarily prudent person in a like position would use under similar circumstances.

Reliance Upon Other People Under the Business Judgment Rule

In the course and scope of performing his or her duties, a director must necessarily obtain information from and rely upon other people. The director is not involved in the day-to-day operations of the business. The director provides an oversight function. Pursuant to the business judgment rule, a director is entitled to rely on information, opinions, reports or statements, including financial statements and other financial data, prepared or presented by any of the following:

-Officers or employees of the corporation whom the director believes to be reliable and competent in the relevant matters;

-Legal counsel, independent accountants or other persons as to matters that the director believes are within the person’s professional or expert competence; or

-A committee of the board on which the director does not serve, as to matters within that committee’s designated authority, so long as the director acts in good faith, after reasonable inquiry as warranted by the circumstances, and without knowledge that would cause reliance to be unwarranted.

You can find more information including Tate’s Excellent Audit Committee Guide on my blog at http://directorofficernews.com, and also on my trust, estate, conservatorship and elder abuse litigation blog at http://californiaestatetrust.com.

 

Meet R.I.S.K.: Why your next Chief Risk Officer will be a “Smart” Robot

Click on the following link for the article: www.linkedin.com

Dave Tate, Esq. comments. An interesting article, although it overstates the issue. I also don’t agree with the following unsupported comment:

 

“Risk professionals spend 80% or more of their time focused on high frequency, low impact risks because it is easy to capture yet only creates a false sense of security. The phenomenon is called cognitive overload and creates a distraction from the true risks that threaten organizations. This is the primary reason organizations are “surprised” when a major control failure disrupts business or security professionals fail to keep up with cyber threats. Conventional risk practice is not enough! Unfortunately, risk professionals cling to ineffective risk practice without questioning outcomes or seeking alternatives.”

 

Nevertheless, it does make sense to have informatics or analytics assist with topic areas, possibly such as risk management, in situations where that assistance would be beneficial. But garbage in is garbage out, and knowledgeable involvement is needed in both the design and evaluation. The next CRO will not be a robot or a computer, but it might be helpful.

 

Interesting also, if computerized risk evaluation is used, will people be more likely to trust and act upon that information. I believe in many cases the answer would be “yes,” and the CRO might be heavily criticized, or perhaps even liable, if he or she doesn’t act upon that information and then a negative risk that had been identified occurs.

The House of Risk

Let me share a metaphor that illustrates my thinking about risk management – and how many only practice it partially.   Imagine a house. On a regular basis, inspections are conducted to identi…

Click on the following link for Norman’s discussion: normanmarks.wordpress.com

Dave Tate, Esq. comment.

Norman talks about risk management in everyday terms, bringing the discussion closer to home. In fact, risk management is almost in everything. Audit committee or board compliance with the business judgment rule, or with statutes, rules and regulations, for example, aren’t those also topics in risk management. Personal safety and safety processes – yes, those are risk management. Environmental safety and contamination – yes, those are risk management. Terrorism and related practices and processes to protect against and respond to – yes, those are risk management.

You can find several discussions about risk management in this blog, and in Tate’s Excellent Audit Committee Guide which you can find at the following link: Tate’s Excellent Audit Committee Guide 10242015

And, I have also pasted below a few of the comments that people have made to Norman’s post (with names redacted of course) – yes, risk management is not just adverse situations – instead it is uncertainty or risk that a situation or expected situation may or may not occur, including, for example, what if there are more people who want to buy your product than you have capacity or resources to produce:

These are all downside hazard/depreciation risks. What about the house as an asset/business enabler. Use for business leverage perhaps the existing triple play technology, provide customer entertainment and use tax laws in place for many years. Business is virtual and digital. Think outside the walls!

——————————

I would always define a risk as resulting in a loss when it occurs. So, in your example I would say that the householder has an objective of maximizing the house’s value (in addition to the unstated objective of keeping the occupants safe). This brings new risks into play, such as ‘new business objectives are not identified’, ‘not all tax benefits are claimed’, ‘customers are bored and go elsewhere’.

—————————–

I respect your view of risk but agree with ______ that risk is the effect of uncertainty on objectives. It is not limited to adverse situations.

—————————–

A good analogy. The only problem is that more often than not the house people are too engrossed with day to day running of the house that an all-around check does not appear in the priority list. Even if somebody else does this reality check and presents the laundry list, the house people takes it as fault-finding and may not fix it until the roof starts really falling down.

 

Increasing Board Performance – Nonprofit Information

Often nonprofit board members are tasked with going out into the world and be ambassadors, helping to promote and brand the nonprofit.

Click on the following link for the article: nonprofitinformation.com

Dave Tate, Esq. comment. This is a well-written article and very useful, always timely, for nonprofit and for-profit boards. As a board member who also likes to blog and network, I want help and suggestions to promote and market.

Click on my updated Audit Committee Guide – 172 pages – includes SSARS 21 discussion – Free PDF – dtd Oct. 24, 2015

Below I have provided a link to a pdf of my updated Audit Committee Guide, 172 pages, includes a SSARS 21 discussion, dated Oct. 24, 2015. Please do pass the guide to anyone who would be interested. And I will continue to update and add to the guide in the future. Here is the link to the Guide, Tate’s Excellent Audit Committee Guide 10242015

Dave Tate, Esq., San Francisco and throughout California, civil and trust, estate, conservatorship and elder abuse litigation; contentious administrations; business, D&O, real estate and audit committees, http://californiaestatetrust.com and http://directorofficernews.com

Ethical imperatives for every board | Listed Magazine

I recently moderated an address by Andrew Fastow, the former CFO of Enron, and followed up by delivering a keynote on the role of the board in ethics, tying in aspects of Mr. Fastow’s speech. What f

Click on the following link for the article: listedmag.com

Dave Tate, Esq. comments. I usually don’t find lists useful – there are just too many of them that lack detail. For unknown reason, nevertheless, I decided to real this article by Richard Leblanc. I recommend that you also read the article, at least for the purpose of stimulating serious thought. You might also consider providing the article to your executive officers, board, audit committee, internal audit and legal counsel.

“Ethics” is kind of one of those vague areas that lacks specifics. It is easier to focus on prudent business judgment (including the business judgment rule) and legal and regulatory mandatory requirements. Factually, Richard’s 10 points actually do that, but under the heading of “ethics.” Also consider the comments at various of the 10 areas about the need for independent evaluation and representation, the ability to obtain independent outside assistance, and the use, oversight and hiring of the internal audit function – these comments are all very worthwhile for consideration.

Thank you for reading. Dave Tate, Esq., San Francisco and throughout California, civil, trust, estate, conservatorship and elder abuse litigation, and contentious administrations, blogs: http://directorofficernews.com and http://californiaestatetrust.com