Directors Forum 2016 Keynote Address

Andrew Ceresney, Director, Division of Enforcement 

San Diego, California

Jan. 25, 2016

Introduction

Good evening and thank you for that very kind introduction.  It's a pleasure to speak with you all today.  Before I start, I must give our standard disclaimer that the views I express today are my own and do not necessarily reflect the views of the Commission or its staff.[1]

I am pleased to have the opportunity this evening to speak at this important conference, which is focused on three important business constituencies – directors, shareholders, and management.  This evening, I thought I would discuss our enforcement work in the past few years in the area of issuer reporting and disclosure, a topic that is sure to be of interest to all of you.  It also is an area that is near and dear to me.  Years ago, when I was an AUSA in the Southern District of New York, I was involved in a number of significant pre-Enron accounting fraud cases.  These issues were also a regular part of my work in private practice, and since I've been at the Commission, financial reporting has been a consistent area of focus for the Division.

I start with the proposition that the importance of aggressively pursuing financial reporting deficiencies cannot be overstated.  Comprehensive, accurate, and reliable financial reporting is the bedrock upon which our markets are based.  Materially false or incomplete financial reporting saps investor confidence and erodes the integrity of our markets.  The Commission is committed to holding accountable those whose actions prevent investors from receiving timely and reliable information that enables them to make informed investment decisions.

I thought I would start my remarks today with a discussion of the history and context of the Commission's activity in the issuer reporting and disclosure space, and then focus on the current enforcement landscape, including recent actions.  After that, I thought I would discuss our continuing focus on gatekeepers, including audit committee members and external auditors.  Finally, I will conclude with some remarks about our enhanced efforts to detect financial reporting misconduct.

History and Context of the Commission's Issuer Reporting and Disclosure Actions

The Commission's focus on issuer reporting and disclosure violations is certainly not new.  Pursuit of these violations has historically been a staple of the Commission's enforcement efforts.  However, the overall context in which violations have arisen, as well as their complexity, has changed over time.  For instance, in the mid-to-late-1980s and early 1990s, the Commission brought important accounting fraud actions but they generally did not involve large-cap companies.  For instance, the Commission brought an action in connection with the "Crazy Eddie" accounting scandal, which involved millions of dollars of fictitious revenue and overstated inventory valuation.[2]  It also charged Barry Minkow and other officers and directors of ZZZZ Best for their roles in falsely claiming that the company performed millions of dollars in insurance restoration work when, in reality, that work was nonexistent.[3]

In the late 1990s, then-SEC Chairman Arthur Levitt gave his "Numbers Game" speech, in which he aired his concerns about selective disclosure and the use of corporate accounting gimmicks at America's largest companies in order to manage earnings to meet Wall Street earnings estimates.[4]  In his speech, he characterized these practices as "a game among market participants . . . that, if not addressed soon, will have adverse consequences for America's financial reporting system," and warned against an "erosion in the quality of earnings, and therefore, the quality of financial reporting."[5]

In the years that followed, the Commission brought significant accounting fraud actions for earnings management and "cookie jar" reserves schemes involving household names – W.R. Grace, Sunbeam Corp. and Waste Management, to name a few.[6]  And then, massive accounting frauds at Enron, WorldCom, Adelphia and other well-known companies shocked the issuer world, followed soon thereafter by the options backdating cases.  The Commission brought very significant actions arising from these cases, often in parallel with the criminal authorities.

For example, the Commission collected over $450 million in monetary sanctions from 35 entities and individuals involved in the Enron fraud.[7]  The Commission charged seven of WorldCom's former executives for their roles in one of the largest financial frauds in history resulting in a $750 million civil penalty against the company – the largest civil penalty that the Commission has ever imposed.[8]  And, the Commission also charged 29 issuers and 76 former directors and senior corporate officers with conduct related to options backdating and obtained orders for monetary sanctions exceeding $650 million.[9]  These cases sent powerful messages about the Commission's commitment to combat financial reporting fraud.

In 2008, the country suffered the most significant financial crisis since the Great Depression.  And in the wake of this, the Division actively investigated and brought actions arising out of the crisis.  Most of these cases were not traditional financial reporting cases, though some did involve accounting and disclosure issues.[10]  Instead, these actions mostly focused on transactions in complex financial products like CDOs and RMBS that resulted in massive losses to investors.  Given the prominence of these types of cases and their connection to the crisis, we allocated resources to them and they became a primary focus.[11]

When Chair White came to the Commission in April 2013, she came with a plan to refocus the Enforcement staff on financial reporting cases now that financial crisis cases were coming to a close and more resources were available.  Given the importance of financial reporting and auditing to the integrity of our markets and the protection of investors, and the SEC's unique ability to do such complex cases, failures in that sphere must always be a high priority for the Division.  To implement the Chair's plan, the Chair, in consultation with the Division, directed the creation of the Financial Reporting and Audit Task Force, which I will discuss later, and we opened important financial reporting cases in every office, utilizing the over 100 skilled accountants in the Division and talented attorneys to build these cases.   

The good news is that we succeeded in significantly increasing the quality and number of financial reporting cases.  While the numbers only tell part of the story, from fiscal year 2013 through the end of last fiscal year, excluding follow-on proceedings, the Commission has more than doubled its actions in the issuer reporting and disclosure area – from 53 in fiscal year 2013 to 114 in fiscal year 2015.  We have made similar strides in the number of parties we have charged for such violations:  in the past two fiscal years, excluding follow-ons, we have charged 128 and 191 parties, respectively, with issuer reporting and disclosure violations, a significant increase over the prior years.  What's more, most of our actions in this area involve charges against individuals, often senior executives, as well as the corporate entity:  during the past two fiscal years, excluding follow-ons, the Commission has charged over 175 individuals in issuer reporting and disclosure matters.

Separate from the Commission's work in this area, there have been some signs of progress in the issuer reporting area more generally in recent years.  For example, restatement trends are flat over the last five years, and down significantly from last decade.  Specifically, across all public companies, over the past fourteen years, restatements fell from a peak of 1,842 in 2006 to a low of 761 in 2009.  Since then, restatements have remained relatively flat, in the range of approximately 800 to 850 annually.[12]

One reason for this is likely that since the accounting scandals of the early 2000s, the financial reporting regulatory landscape has changed significantly.  For example, Sarbanes-Oxley resulted in significant changes to audit oversight, including the creation of the PCAOB and its oversight regime which included inspections of audit firms;[13] the CEO and CFO financial statement certification requirements;[14] the requirement for evaluating and reporting on internal controls over financial reporting;[15] and enhancements to corporate governance and the role and responsibilities of audit committees.[16]  These reforms have been successfully implemented and have helped to bring renewed attention to the importance of reliable financial reporting, including the importance of maintaining effective internal controls in making disclosures. 

Boards, management, and auditors are now much more focused on the risks involved in the preparation of financial statements and of the mitigants necessary to control those risks.  Most companies now have an elaborate subcertification process requiring many of the employees involved in activities that impact financial reporting to certify that they are unaware of any material accounting misstatements or disclosure issues.  And audit committees are much more involved in evaluating financial reporting issues, including having responsibility for oversight of the issuer's accounting and financial reporting process and its external auditor, as well as responsibility for establishing procedures to resolve complaints regarding accounting, internal accounting controls, or auditing matters.[17]

Beyond these legislative, regulatory, and industry developments, the Commission's enforcement actions in this area, sometimes in partnership with the criminal authorities but often on our own, have also had a significant deterrent effect.  Financial executives recognize the immense dangers they face if they manipulate financial statements and fail to exercise due care. 

But despite some positive trends, we must continue to be very vigilant against misconduct because significant violations still occur, accounting frauds are still perpetrated, and gatekeepers still fail to comply with their legal and professional obligations.  What we have seen over the last few years is that the causes of today's financial reporting problems include many of the same causes as in the past.  These include:

·       Significant pressure to meet earnings and other performance expectations;

·       Excessive focus on short term performance rather than longer term success;

·       Poor oversight in units and subsidiaries;

·       Growth outpacing the reporting and accounting infrastructure; and

·       Management's over-reliance on processes and poor "tone at the top."

Those involved in the financial reporting process must be sensitive to detecting these issues and addressing them.

Looking more specifically at the types of cases we have brought over the last few years, some of the areas in which we have seen issues are ones that have traditionally been a focus of enforcement actions, although with some new twists.  Let me give some examples.

Revenue Recognition

Improper revenue recognition continues to be an area in which see manipulation and wrongdoing, largely because revenues are such a critical measure of performance.  But in addition to sham revenue transactions and invalid bill and holds, we are seeing abuses of specialized accounting methods, such as issues with percentage of completion accounting.  For example, in the fiscal year that just ended, the Commission charged Computer Sciences Corporation and eight of its former executives with manipulating financial results and concealing significant problems in the company's largest and highest-profile contract.[18]  CSC learned that its contract with the United Kingdom's National Health Service would have to be modified and, to avoid the large hit to earnings that CSC was required to record under its percentage of completion accounting, CSC took steps to avoid recording the significant reductions, including basing its models on assumptions that had no possibility of coming to fruition.  To settle the charges, CSC agreed to pay a $190 million penalty.

Valuation and Impairment Issues

In the last several years, valuation and impairment issues also have been a prominent theme in many of the Commission's financial reporting enforcement actions, in some cases relating to actions arising during the financial crisis which produced unusual impacts on assets.  For instance, in the past fiscal year, we obtained a $55 million penalty from Deutsche Bank for failing to incorporate the risk of potentially billions in losses in connection with the valuation of a portfolio of derivatives consisting of leveraged super senior trades, through which the bank purchased protection against credit default losses.[19]  The St. Joe Company and several of its executives collectively paid more than $3.7 million in monetary remedies for improperly accounting for the declining value of the company's residential real estate developments during the financial crisis and materially overstating earnings and assets in 2009 and 2010.[20]  Particularly in times of economic turmoil, when valuation adjustments and management discretion may be the last avenues for improperly enhancing performance, we look closely at these issues.

Earnings Management

Managing earnings and other financial targets was obviously a hallmark of some of the major accounting cases in the early 2000s.  And this is an area where the Commission has continued to see issues.  Recently, the Commission brought charges against Bankrate Inc., which paid a $15 million penalty, and three former executives, one of whom settled, for allegedly fraudulently manipulating the company's financial results to meet analyst expectations in a quarter.[21]  We also brought fraud charges against two former top executives at Assisted Living Concepts, Inc., who allegedly listed fake occupants at some senior residences in order to avoid breaching a covenant in a lease to operate certain facilities.[22]

Missing or Insufficient Disclosures

Next, missing or insufficient material disclosures hinder investors' ability to make informed investment decisions.  These deficient disclosures have ranged from executive perks to related party disclosures.  In the fiscal year that just ended, for example, the Commission charged MusclePharm Corp., a sports supplements and nutrition company, and a number of its executives, for failing to properly report perks provided to its executives as compensation.[23]  Our investigation found that MusclePharm either omitted or understated nearly a half-million dollars' worth of perks bestowed upon its executives, including approximately $244,000 paid to its CEO for automobiles, apparel, meals, golf club memberships, and his personal tax and legal services.  We also brought a litigated action against ITT Educational Services and two of its senior executives for allegedly fraudulently concealing from ITT's investors the poor performance and looming financial impact of two student loan programs that ITT financially guaranteed.[24]  Finally, we brought several actions where we alleged that related party disclosures were inadequate or incomplete.[25]

Internal Accounting Controls

In addition to financial statement and disclosure issues, we have also been focused on deficient internal accounting controls, which are foundational to reliable financial reporting.  On a number of occasions, we have brought charges for violations of the internal accounting controls provisions of the federal securities laws, even in the absence of fraud charges.  Deficient internal accounting controls can lay the groundwork or create opportunity for future misstatement or misconduct that goes undetected.[26]

Clawbacks of Bonuses and Incentive-based Compensation

Finally, where appropriate, we have aggressively used the authority under Section 304 of Sarbanes-Oxley to claw back compensation from executives of companies that have engaged in financial reporting misconduct which resulted in restatements.  This is a powerful remedy in our enforcement arsenal, enabling us to require executives to repay bonuses, incentive-based compensation, and stock sale profits, even when they are not charged with misconduct.  These actions serve the dual goals of ensuring that executives are not compensated for inaccurate performance and incentivizing them to focus on enhanced accounting controls to combat misconduct.  For instance, in our action against Saba Software, its CEO and two former CFOs collectively agreed to reimburse the company more than $3 million in bonuses and stock sale profits received while the fraud at the company occurred, even though they were not charged with involvement in the fraud.[27]

The Importance of Gatekeepers

Let me now turn to gatekeepers in the financial reporting process.  In the financial reporting area, like in many others, gatekeepers are critical to helping ensure that issuers make timely, comprehensive, and accurate disclosure.  Audit committee members and external auditors in particular are among the most important gatekeepers in this process, and each has a responsibility to foster high-quality, reliable financial reporting.[28]  We recognize that audit committee members and auditors exercise a significant amount of judgment on a day-to-day basis and we are not in the business of second-guessing good faith judgments.  However, audit committee members who fail to reasonably carry out their responsibilities, and auditors who unreasonably fail to comply with relevant auditing standards in their audit work, can expect to be in our focus.

Audit Committee Members

We have not frequently brought cases against audit committee members.  That is because in my experience, audit committee members in most cases carry out their duties with appropriate rigor.  But in the last couple of years, we have brought three cases against audit committee chairs that provide helpful guidance on the type of failures that will attract our attention.  In each case, the audit committee member approved public filings that they knew, were reckless in not knowing, or should have known were false because of other information available to them. 

In early 2014, for example, the Commission charged an animal feed company – AgFeed Industries – and top executives with allegedly conducting a massive accounting fraud in which they repeatedly reported fake revenues from their China operations in order to meet financial targets and prop up the stock price.  We alleged that, while the company was engaged in efforts to raise capital for expansion and acquisitions, the audit committee chair learned facts from a high level employee who had visited China suggesting that Chinese sales were inflated.  He then allegedly sought advice from a former director and company advisor, who noted that there was "not just smoke but fire" and recommended that AgFeed conduct a full internal investigation.  However, the audit committee chair ignored the recommendation and the red flags of fraud, and signed off on the public filing of the financial statements.[29]

In another recent case, we charged the issuer's former audit committee chair for signing an annual report that she knew or should have known contained a false Sarbanes-Oxley certification with the digital signature of a purporting acting CFO when, in fact the person selected for that role had rejected the offer to serve in the position.[30]

Finally, in a recent action, the Commission found that MusclePharm's former audit committee chair signed several filings that did not disclose the full extent of executive perks.[31]  He then learned through an internal review that certain perks had not been disclosed.  Yet, the audit committee chair substituted his wrong interpretation of SEC perk disclosure rules for the views of the independent consultant MusclePharm had hired, resulting in additional filings with incorrect perk disclosures.

The takeaway from these cases is straightforward:  when an audit committee member learns of information suggesting that company filings are materially inaccurate, it is critical that he or she take concrete steps to learn all relevant facts and cease annual and quarterly filings until he or she is satisfied with the accuracy of future filings.

External Auditors

This brings me to the second group of important gatekeepers – external auditors.  Auditors protect shareholders by applying auditing standards to evaluate whether financial statements are fairly stated in all material respects.[32]  In every potential financial fraud case, we closely scrutinize the work performed by auditors to determine whether their audits were conducted reasonably.  We look to see whether the auditors appropriately discharged their duties related to the full spectrum of issuer filings and auditor services.

While many of our cases involve individual auditors, in the past several months the Commission brought two important actions against national audit firms BDO and Grant Thornton, and individual auditors from those firms.[33]  These actions were the first cases against national audit firms for audit failures since 2009.[34]  They also were the first actions in which the audit firm admitted to wrongdoing.  As part of each settlement, the audit firms agreed to very detailed and extensive undertakings and remedial measures, including an independent consultant to evaluate the firms' policies.  I think it is worth highlighting a few key points from these cases because they have important lessons to teach.

In the Commission's charges against BDO and five of its partners, an audit client had a purported certificate of deposit, representing approximately half of its assets, which went missing.  The money ultimately was returned to the client under suspicious circumstances from parties other than the bank where the funds were purportedly held.  Management made inconsistent statements about the source of the money and there were some indications that the money came from related parties.  BDO demanded that the audit client conduct an independent investigation, which was the proper course.  But then about a week later, without receiving any real explanation or evidence explaining the prior inconsistencies or transactions, and with the concurrence of national office personnel, BDO withdrew its demand and issued an unqualified opinion on the client's financial statements.  The following year, BDO learned of a criminal complaint against the president and CEO of the bank alleging a wide ranging conspiracy that involved, among other things, the certificate of deposit at issue.  Despite the criminal complaint and a guilty plea by the bank's president and CEO, BDO failed to perform appropriate audit procedures to determine whether this new information had any impact on the client's financial statements.[35]

A few important takeaways from this case.  First, like audit committee members, auditors need to demand objective evidence and investigation when they come across situations which suggest inaccuracies in the company filings.  Second, national office personnel need to be the bulwark against client pressure.  We charged three national office personnel in this case who failed in their roles.  And finally, audit firms must not retreat from demanding an internal investigation unless they obtain evidence that dispels the issues that led them to request such an investigation in the first place. 

The Commission's charges against Grant Thornton and two of its partners arose from the failure to heed numerous warnings and red flags concerning alleged frauds occurring at two audit clients – Assisted Living Concepts and Broadwind Energy – both of which eventually became the subjects of enforcement action by the Commission for improper financial reporting.  The firm had assigned a particular audit partner to oversee both audits and allowed the partner to continue on those audits despite having received numerous warnings of quality issues with her work.  The firm also failed to ensure that the rest of the audit team compensated for weaknesses in that partners' work, and that its audit procedures were rigorous enough to cover the key risk areas.[36]

The lesson from the Grant Thornton matter is that engagement partners need to be actively monitored to ensure that they are fully capable of fulfilling their critical role as gatekeepers.  And those of you who are board members should keep a close eye on the procedures that firms employ to monitor their partners' work. 

Detection of Financial Misconduct

Let me conclude today by focusing on early detection of financial misconduct.  Historically, our enforcement efforts have been reactive, arising from restatements or some other public disclosure.  We have attempted in recent years to be more proactive in our enforcement efforts, to try to detect misconduct before it becomes public.  One of the things we are doing is leveraging the data available to us.  Last year, the Commission's Division of Economic and Risk Analysis announced the Corporate Issuer Risk Assessment program or CIRA, which aggregates and organizes corporate issuer financial information.[37]  CIRA evolved from an earlier data-driven endeavor, the Accounting Quality Model, which was one of the first issuer-focused analytical tools built completely in house.  CIRA provides us with a comprehensive overview of the financial reporting environment of Commission registrants and assists our staff in detecting anomalous patterns in financial statements that may warrant additional inquiry.  CIRA's multiple dashboards enable the staff to compare a specific company to its peers in order to detect abnormal, relative results, focus on particular financial reporting anomalies, and generate lists of companies that meet the criteria for further analysis.  And, because this is a homegrown tool, we can customize the tool as needed, setting and refining different breakpoints, drilling down on particular corporate events.

The Financial Reporting and Audit Group, which we refer to as the "FRAud Group," an outgrowth from the similarly-named Task Force we announced about two years ago, is also part of our early detection efforts.[38]  The FRAud Group is focused on identifying cases that we otherwise would not find, finding new ways to utilize our resources and developing new resources, and building out a methodology for proactive identification of financial reporting and audit issues.  The FRAud Group is one of several initiatives throughout the Division to proactively detect financial reporting issues.

Finally, we are also focused on developing leads through our whistleblower and cooperation programs.  These programs provide us with the opportunity to glean valuable information regarding potential financial frauds from company insiders.  Since the inception of the whistleblower program, tips related to potential financial fraud have accounted for a significant volume of whistleblower reports; last fiscal year, whistleblowers identified approximately 18 percent of their tips as related to corporate financial and disclosure matters.[39]  Whistleblowers are indispensable to our efforts to find wrongdoing.

Separately, a significant number of cooperating witnesses, who help us build our cases as well as provide us with potential leads on new matters, have come forward in investigations where alleged financial fraud is a focus.  Since the inception of our cooperation program, we have entered into 102 agreements with cooperating witnesses, of which 30 involve a financial fraud investigation.  I expect that both the whistleblower and cooperation programs will be significant components in our case generation efforts in the future.

In closing, our markets depend on comprehensive and accurate disclosure to investors.  As the Commission's actions in this space over the past several years show, companies and their executives will face enforcement action if they mislead investors.  We hope this aggressive posture will deter misconduct and ensure that companies report accurate and reliable financial information.

Thank you for the opportunity to speak with you today.