Title: Jeffrey Thomson, Acting President and CEO
1Accounting Control Assessment Standards The
Missing Piece in the Restatement Puzzle
- Presented by
- Jeffrey Thomson, (Acting) President and CEO
- May 9, 2008
2About your Speaker
- Jeff Thomson
- (Acting) President and CEO - IMA
- Prior to his IMA assignment (2005), worked at
ATT for over two decades where he served in
various financial, strategic, and operational
roles including CFO of a multi-billion dollar
business. - Considered a global thought leader in emerging
area of GRC - governance, risk and compliance. - Has provided testimony to the U. S. Congress on
internal controls and risk management as it
relates to Sarbanes-Oxley implementation. Also
appeared before the SEC on critical regulatory
matters impacting U.S. global competitiveness. - COSO (Committee of Sponsoring Organizations)
Board Member. - Executive Education/Certificates from Columbia
Business School, Wharton and MIT/Sloan. - a
3About the Institute of Management Accountants
www.imanet.org
Mission To provide a dynamic forum for
management accounting and finance professionals
to develop and advance their careers through
certification, research and practice development,
education, networking, and advocacy of the
highest ethical and professional
practices. Certification Certified Management
Accountant (CMA). Global Reach Members in
over 100 countries. Research Practices
Leadership Strategies Strategic Cost Management
Business Performance Management Technology
Enablement and, (NEW) Finance GRC (Governance,
Risk and Compliance).
4Agenda- Todays Session
- Supply Chain View of Financial Reporting
- The Missing Piece in the Restatement Puzzle
- Emphasis on risk and controls sub-optimization
- IMA Resources
- Panel Discussion
5The Financial / Information Supply Chain
External Financial Reporting
Business Operations
Internal Financial Reporting / DSS
Investment, Lending, Regulation
Economic Policy Making
Processes
XBRL
XBRL-FR
XBRL
XBRL
Participants
Companies
Financial Publishers and Data Aggregators /
Brokers / Analysts
Investors
Central Banks
Auditors
Management Accountants and Finance Professionals
Trading Partners
Regulators
Software Vendors
6Management Accountants Roles Responsibilities
Decision Support Planning
Internal Controls
Financial Systems
Financial Information Supply Chain
Design
Implement
Manage
Report
Audit
Public Accounting
Management Accounting
To achieve clean audits and produce relevant
financial information for stakeholders, the
professionals inside the financial/information
supply chain who design, implement and manage
business processes must be properly trained,
educated and certified. This includes a new
core competency risk management and internal
controls.
7IMA Oral Input to SEC CIFiR Panel 4 Delivery of
Financial Information (2/15/08)
1) Strategic Business Partner
2) Financial Governance, Risk, and Compliance
3) Performance Management, Decision Support,
Planning and Budgeting
4) Design, Implement, Manage, and Report on the
transactions of the business
Foundation
5) Develop finance and accounting professionals
with appropriate education, certification, and
experience to work inside organizations
Recommendation 1 SEC recognition that
integration of financial with non- financial
performance measures reporting is the domain of
management accountants and finance professionals
inside the CFO organization
8Take-Away It ALL Depends on Human Capital!
- Professionalization of corporate finance function
and accounting staff critical to assure right,
relevant, and reliable financial statements - Deployment of principles-based standards depends
on professional judgment of inside corporate
finance and accounting professionals - Production of financial and non-financial/CSR
measures dependent on properly trained corporate
finance and accounting professionals - XBRL deployment depends on properly prepared
corporate finance and accounting professionals
Recommendation 2 SEC should influence the
development of properly educated and certified
finance function professionals inside CFO
functions, (similar to SEC influence in advancing
XBRL and GAAP/IFRS convergence). Recommendation
3 SEC should encourage registrants to furnish
pertinent non financial data, BUT only when
significant level of professionalization of
finance functions inside corporations is achieved
9U.S. Sarbanes-Oxley (SOX) in Relation to
Financial Restatements
- Internal Controls over Financial Reporting and
their impact on material financial restatements
are linked. More than 1 in 10 U.S. firms
restate, and yet many attest to the markets that
they had an effective system of internal controls
to prevent material restatements. What gives??
10 11Financial Restatements Is a 10-13 Error Rate
Acceptable??(source Audit Analytics)
12Audit Analytics Restatements Update Feb. 2008
- Calendar 2007 experienced the first decline in
restatement disclosures since 2001 (30). - However, the proportion of restatements remains
high ( of total filers). - In addition, in 2007, some analysts would argue
that the drop in restatements could be largely
attributed to the FIN 48/SAB 108 alternative
(adjustment to beginning balance RE). - Finally, academic studies are indicating that
accounting complexity is not the major driver
of financial restatements.
13Academic Research on Restatements (Plumlee and
Yohn, March 2008)
14 SOX's Overarching Objective
- "to protect investors by improving the
accuracy and reliability of corporate disclosures
made pursuant to securities laws, and other
purposes" or, stated more bluntly, "to
protect investors by reducing the frequency of
material errors in financial disclosures issued
by SEC registrants"
15SOX Progress Report February 2008 (source Glass,
Lewis Co. February 2007)
2,931 U.S. companies, about 23, filed at least
one restatement during the last four years 683
companies restated two or more times
16SOX Progress Report February 2008 (Glass, Lewis
Co., The Errors of Their Ways, 2007)
"Companies take note If you restated, you must
have had a material weakness. We still have a
hard time figuring out how so many companies that
restated also could have reasonably concluded
that their internal controls are effective and
they have no material weaknesses - or that no
material weaknesses even existed at the time of
the errors.
17The Missing Piece in the Restatement Puzzle
Control Assessment Standards
- Congress delegated responsibility to define
control assessment standards to - the SEC.
- The SEC must have concluded that COSO 1992 was a
"suitable" - set of guidance.
- The PCAOB concluded COSO 1992 by itself wasn't
enough and created AS2. - AS2, by default, became the first generally
accepted control assessment - standard and produced high control
effectiveness opinion error rates. - AS5, while better, suffers from many of the same
"fatal flaws. See April 2008 - edition of Compliance Week (Gains on Key
Controls May Stall ), p. 1.
18The Missing Pieces in the Restatement Puzzle
Inadequate focus on systematic error reduction
19The Missing Pieces in the Restatement Puzzle
Inadequate focus on identifying the real risks
Identifying Real Risks
20 Inadequate focus on identifying the real risks
Finally, the management and boards of
directors of these financial services firms
failed to put in place adequate risk management
systems. Moreover, the Fed, SEC and the Office
of the Comptroller of the Currency did not take
any meaningful, proactive regulatory action to
require improvements in risk management and
public disclosure ... Arthur Levitt, Wall
Street Journal, March 21, 2008.
Identifying Real Risks
21Failures in Enterprise Risk Management
Once Again, Risk Protection Fails
Suddenly, Risk Managers are all the Rage
Banks High-Tech Security Cant Keep Up with
Traders
22Summary Losses Write Downs
- Write downs in mortgage-related securities
- Morgan Stanley - 9.4 billion (in 4th quarter of
2007) - Merrill Lynch - 7.9 billion (in 3rd quarter of
2007) - UBS 11.4 billion loss in 4th quarter
full-year net loss of 4 billion - Citigroup - 18.1 billion (in 4th quarter of
2007) - Bear Stearns was defrauded out of 6.8 million
- Société Générale 7.2 billion loss on series of
fraudulent trades
23ERM Failures Why Was it Missed?
- Smartest Men in the Room Phenomenon Continues
- Michael Lewis on the Black Scholes Model for
valuing Securities The math was too advanced, - the theorists too smart, the debate for
- anyone not in mathematics was bound to
- end badly. Bottom line You cannot sell
- at a good price when everyone else is
- selling. (March 2008 Conde Naste
- Portfolio)
24ERM Failures Why Was it Missed?
- Need to Understand Management Compensation
Schemes - Need to understand at all levels,
- Some methods can be dysfunctional
- Stock Options
- Various Performance Measures
- Compensation grew without performance as the
market increased. - Sub-Prime Crisis No one had to assume the
responsibility for the risk.
25ERM Failures Why Was it Missed?
- Complexity
- Financial Transactions
- Organizational Arrangements
- Identifying who holds the risk
- Identifying Risk Factors is Often Based on Our
Past History - Research, starting with children, point out that
from an early age, we learn about risk by
encountering it. - We had a long period of a stable market, thus we
assumed it would last forever.
26The Missing Pieces in the Restatement Puzzle
Sub-optimal GACAS standard setting (Generally
Accepted Control Assessment Standards)
Identifying Real Risks
Sub-optimal GACAS Standard Setting
27The Missing Pieces in the Restatement Puzzle
U.S. litigious legal system presents major
challenges
U.S. Litigious Legal System
Identifying Real Risks
Sub-optimal GACAS Standard Setting
28The Missing Pieces in the Restatement Puzzle
Absence of fact-based research
U.S. Litigious Legal System
Identifying Real Risks
Absence of fact-based research
Sub-optimal GACAS Standard Setting
29(No Transcript)
30IMA FGRC Resources Available NOW!!
- SMAs (Statements on Management Accounting) on
Enterprise Risk Management. - Research studies (e.g., COSO study), global
discussion papers, comment letters filed with SEC
and PCAOB, Congressional testimony. - Webinars (live and for re-broadcast),
conferences, Strategic Finance articles. - New FGRC Research Advisory Committee formed
Global members being sought!! - Visit www.imanet.org/fgrc for current FGRC
resources
31(No Transcript)
32IMA FGRC Resources Coming Soon!
- On-line educational resources and learning
modules being created to improve individual and
organizational performance (focus on improving
the quality of internal and external financial
reporting using a true risk-based approach). - First capabilities delivered in calendar 2008.
33About your Panel Member
- Andre Van Hoek
- Vice President, Corporate Controller and Chief
Accounting Officer Celgene Corporation - Prior to joining Celgene (2007), was Assistant
Corporate Controller at Johnson Johnson. - Member of Financial Reporting Committee of IMA.
- Past Member of Internal Auditing Standards Board
IIA and Past President of IIA Benelux. - Member of Industry Organizations Pharma
Accounting and Reporting Principles Committee
BioNJ CFO Committee. - Member of COSO Task Force on Monitoring.
- Guest speaker at various Universities and
Conferences. - a
34- Graham Gal, Ph.D.
- Faculty Isenberg School of Management
- Department of Accounting and Information Systems
- Member of ACM and AAA.
- Past President of the Information Systems
Section. - ISACA Faculty Liaison.
- Visited at RSA Security (2004).
- Invited Speaker on issues related to Continuous
- Reporting and Monitoring.
35J. Donald Warren Jr., Ph.D. Assistant Professor,
Accounting and Information Systems Director,
Masters of Accountancy in Financial Accounting
- Retired from PricewaterhouseCoopers LLP after a
career of 31 years. - PWCs liaison to the SEC.
-
- Co-authored PWCs third edition of the Handbook
of IT Auditing and the firms SEC Manual. - Held positions at US General Accounting Office
and the Financial Accounting Standards Board. - Area of ExpertiseAuditing, Financial
Accounting, Managerial Accounting, Information
Systems