Speech by SEC Staff:
Lessons Learned from San Diego

by

Linda Chatman Thomsen

Director, Division of Enforcement
U.S. Securities and Exchange Commission

AICPA National Conference on Current SEC and PCAOB Developments
Washington, D.C.
December 11, 2007

Thank you for the kind introduction. I'm delighted to be here today. It isn't often that I have an opportunity to talk to a group of people who can have such a direct impact on the work that we in the Enforcement Division do as I have today before this audience of certified public accountants. What you do, every day, is critical to the integrity of the United States financial markets, and I want to applaud your efforts to make and keep the U.S. financial markets the strongest and most robust in the world.

Today, I would like to focus on a subset of our financial markets, specifically the market for municipal securities. The municipal securities market is a top priority for the SEC and I believe the SEC's attention to this market segment will increase. In July of this year, SEC Chairman Cox gave a Town Hall speech on Integrity in the Municipal Market, and also delivered a "white paper" to Congress calling for improvements in accounting and disclosure in the municipal securities market. The reason for this priority is simple-the market value of all outstanding municipal securities totals approximately $2.4 trillion, and over two-thirds of that amount is held, directly or indirectly, by individual investors.

Today, I want to share with you some of the lessons you can take away from two enforcement actions the SEC recently brought that should improve disclosures in municipal securities offerings. Both cases arose out of the SEC's ongoing investigation into municipal securities offerings by the City of San Diego.

The first was the SEC's action against the City of San Diego itself. On November 14, 2006, the SEC issued an administrative order that found that San Diego committed securities fraud in the offer and sale of over $260 million in municipal bonds in 2002 and 2003. In its settlement with the SEC, San Diego was ordered to cease and desist from future securities fraud. In addition-and this was a first in an SEC settlement with a municipality-the Order required remedial undertakings. Among other things, the SEC ordered San Diego to hire an independent consultant to review its disclosure practices and to follow the consultant's recommendations.

The second case, which came out only yesterday and which may be of particular interest to this group, was the SEC's settled federal court action against the independent auditor for San Diego and its pension plan, Calderon, Jaham & Osborn and the engagement partner on the San Diego audits, Thomas Saiz. This case is significant in a number of respects. First, Saiz and his firm were charged with primary violations of antifraud provisions--not aiding and abetting. Charging auditors with primary violations is somewhat rare, but in this case it was justified given the auditors' direct participation in the false and misleading statements to investors. Second, this is the first time that the Commission has obtained civil penalties against an independent auditor for a municipality.

From my perspective in the Enforcement Division, the lessons to be learned from these San Diego cases regarding securities offerings can be summarized as follows: (1) adopt written disclosure policies and procedures; (2) provide appropriate training to city officials and employees; (3) focus on the big picture issues facing the city; (4) disclose the bad with the good; and (5) (perhaps of most immediate importance to this group), hire auditors with the skills and resources necessary to adequately audit the municipality's financials in connection with its securities offerings.

The San Diego cases are sufficiently important that I would like take a few minutes to review the most salient facts here. In its Order finding that the city had committed securities fraud, the SEC found that at the time of its $260 million in municipal bond offerings in 2002 and 2003, San Diego knew that it had huge unfunded liabilities for pensions and retiree health care. San Diego's growing pension liability resulted, in part, from the City's deliberately under-funding its annual payment to the pension plan and from the City's increasing its employees' pension benefits over time. Given its ongoing underfunding and increasing obligations, San Diego knew that it would probably have difficulty in funding its future pension and health care obligations unless new revenues were obtained, pension and health care benefits were reduced, or services were cut. San Diego's pension issues were well known among city officials, and San Diego repeatedly had to deal with these pension issues. In other words, the pension issue was an elephant in San Diego's living room.

Despite the magnitude of the problem and the frequency with which San Diego officials confronted the pension issues, San Diego made five separate municipal bond offerings, made rating agency presentations and made continuing disclosure filings without adequately disclosing these problems to the investing public. San Diego was saying little or nothing-and, in any event, clearly not enough--about the elephant in its living room.

The SEC ordered San Diego to cease and desist from future securities fraud. In addition, the SEC ordered San Diego to undertake certain remedial actions. This is the first time that such remedial undertakings have been included in a settlement with a municipality. The order requires San Diego to hire an independent consultant to review and recommend improvements to its disclosure practices, it requires San Diego to follow them and it requires the Consultant to perform two annual follow up reviews.

The fallout to San Diego for its disclosure deficiencies has been significant. The City's credit rating was lowered; it has not been able to issue bonds in the public market since mid-2003 because it has not had current audited financial statements; it has had to borrow from private lenders at a higher interest rate. In addition, the mayor resigned, and the city has reportedly spent over $26 million for internal investigations to determine what happened and who was responsible.

The Commission's case against the independent auditor for San Diego and its pension plan also turned on important and interesting facts, notably the obvious inadequacy of the independent audit firm in terms of the skills and resources necessary to meet its auditing obligations, and the independent auditor's direct participation in the misrepresentations. At the time of the audits, San Diego was the seventh largest city in the United States and had revenues exceeding $1 billion per year and assets in excess of $10 billion. San Diego's pension plan had net assets of $2.5 billion and additions to the plan of over $85 million. In contrast, as alleged in the SEC's complaint, the independent auditor, Saiz, was the sole shareholder of Calderon, Jaham, and Osborn, and the firm had a total of only approximately 30 employees.

The Commission's complaint alleged that Saiz played two key roles in San Diego's bond offerings. First, he drafted, subject to San Diego's review and approval, the disclosures in footnotes to the city's financial statements. These footnotes disclosed that San Diego was under-funding its annual pension contribution but also included positive statements indicating that the city was properly funding and reserving for its pension obligations. The footnotes indicated, among other things: that the city's funding method included a provision to ensure that the pension's funded level would not drop below a certain level to protect the pension plan's financial integrity; that the pension plan's actuary believed that the city's pension funding method was an excellent method for the city; and that the total amount that the city had under-funded its annual pension contribution, or net pension obligation, was funded in a reserve.

The complaint alleges that these positive statements were false and misleading because the City did not disclose negative information indicating that the city was not properly funding and reserving for its pension obligations. In fact, as alleged in the complaint, the city's net pension obligation was not funded in a reserve and in 2002, the pension plan had fallen below a funded level that the actuary deemed appropriate and the actuary no longer supported the city's funding method. The complaint further alleges that Saiz knew or was reckless in not knowing that the disclosure was false and misleading as a result of information Saiz received from his audits of the city and its pension plan and his review of the city's bond offering documents.

Saiz also drafted footnotes that disclosed that the city provided health benefits to retirees at a cost of $7 to $9 million per year and that the expenses for such benefits were recognized as they were paid. The complaint alleges that Saiz knew or was reckless in not knowing that this disclosure was misleading because it failed to disclose, as Saiz knew from auditing the city and its pension plan, that the retiree health care expense was being paid with earnings from the pension plan and that the city would soon have to begin paying this substantial expense out of its own budget.

Saiz and his firm, CJO, are also alleged to have played a second key role in San Diego's bond offerings: They consented to the city's inclusion of their audit reports in its bond offering documents. The audit reports stated that the financial statements were fairly presented in conformity with generally accepted accounting principles ("GAAP") and that the audits were performed in accordance with generally accepted auditing standards ("GAAS"). In fact, as alleged in the complaint, the financial statements were not in conformity with GAAP because of the false and misleading statements regarding the city's pension obligations.

As also alleged in the complaint, during the audit, Saiz and CJO failed to comply with GAAS because they did not have sufficient auditing proficiency, were not knowledgeable about San Diego, failed to obtain sufficient competent evidential matter, and failed to exercise due professional care. The complaint also alleges that at the time they consented to San Diego's including the audit report in the 2003 offering documents, Saiz also failed to inquire into the recent substantial increase in the city's obligations to its pension, as required by GAAS, to determine whether the financial statements or the audit report required revision. Saiz and his firm settled with the Commission by agreeing to be enjoined from committing future securities fraud. Saiz agreed to pay a $15,000 penalty.

What should the municipal securities markets take away from these actions? I can tell you that the Enforcement Division believes there are five critical lessons that municipalities should learn from our recent actions:

• One-cities should consider whether their internal controls and systems produce financial reports and disclosure documents that are accurate and complete. By internal controls and systems, I mean, among other things, written policies and procedures that, at a minimum:
  • clearly identify who is responsible for what;
  • clearly state the process by which the disclosure is drafted and reviewed; and
  • provide checks and balances so there is adequate supervision and reasonable disbursement of responsibilities so that too much power and information is not placed with just one person.
  
   
• Two-cities should provide training to their officials and employees regarding the applicable disclosure requirements of the federal securities laws and GASB financial reporting provisions. The SEC has repeatedly said that the ultimate responsibility for preparing disclosure documents cannot be assigned to the independent auditor, disclosure counsel, or other professionals. The ultimate responsibility rests with the issuer and its officials. Since the buck stops with municipalities and their officials, it essential to provide training. By training, I mean:
  • practical training on the disclosure and financial reporting requirements of the federal securities laws and GASB;
  • specific training on the particular person's role and responsibilities in the disclosure and financial reporting process; and
  • training for everyone involved in the disclosure process-from the city council members to the staff members who are involved in the initial drafting of the disclosure documents.
  
   
• Three-issuers, their auditors and their counsel should also keep the big picture in mind. Don't let completing a disclosure process checklist become the goal unto itself. Some of you are surely thinking, "but didn't you just say that it was important to have procedures." It is important to have procedures, but the overarching goal has to be providing full and fair disclosure to the investors buying the bonds. So how does the team working on disclosures for a municipal securities offering avoid the proverbial conundrum of failing to see the forest for the trees? Among other things, I would suggest that the disclosure team have brainstorming sessions devoted to the larger issues and not to the specifics.
  • The team should first identify the financial problems and issues that the municipality is struggling with, or worse yet avoiding. In other words, like San Diego, does the municipality have an elephant in its living room?
  • The team and its members should conduct their own due diligence regarding the city and the issues it is facing to see if the city officials have brought everything to the team's attention-review council minutes, check local news reports.
  • Next, the team should carefully scrutinize the disclosure documents themselves. Are the financial issues and problems the team has identified fairly disclosed in the documents and expressed in language that can easily be understood? To continue the analogy, could the average investor read the disclosure documents and identify the animal as an elephant, know the size of the elephant, how the elephant was having a negative effect on the house, and how the issuer planned to get the elephant out of the house?
  
   
• Four-disclose bad news. Politicians and government employees are often extremely reluctant to acknowledge that anything bad happened under their watch. The same can be said for officers and directors of public companies. But the securities laws require disclosure of both the good and the bad in order to avoid painting a misleading picture. Investors are entitled to both and in the long run it will probably be cheaper than being caught not providing proper disclosure.
   
• Finally-hire auditors that have the skills and resources to do the job. Too often, cities seem to place too much emphasis on other factors-political connections, going with the lowest bid, or giving business to local business persons. The number one priority has to be hiring auditors who have the technical skills and resources to do the job.

We expect that the Enforcement Division's vigilance in the municipal securities market will continue to grow as the market grows. What we learned from San Diego was important and deserves close attention from all participants in the municipal securities markets. Since San Diego was the seventh largest city in the U.S. during these offerings, it's fair to assume that other cities and municipalities could encounter the same kinds of disclosure and audit problems-unless they take affirmative steps to avoid what happened in San Diego. Applying the lessons learned from the San Diego cases should ensure that investors get full and fair disclosure from municipal issuers, which in turn should ensure the integrity and efficiency of the municipal securities markets.