Thank you for sharing!

Your article was successfully shared with the contacts you provided.
The Recorder recently invited a distinguished group of securities law experts to discuss current developments of interest to practitioners. A recorded version of the full 90-minute discussion (which qualifies for California MCLE self-study credit) is available on audiocassette or compact disc as part of The Recorder Roundtable series of CLE programs. To obtain a copy of the recorded discussion, along with a 129-page coursebook, please call The Recorder at (800) 587-9288 or visit our Web site at www.therecorder.com. Fred Lambert: Let’s start off by focusing on the Sarbanes-Oxley Act, a wide-ranging piece of legislation that dramatically affects the practices of virtually everybody who deals in securities law. One of the new provisions requires chief financial officers and chief executive officers to certify the periodic reports that are filed with the Securities and Exchange Commission. What are some of the things we’ll see coming out of this new law? Katharine Martin: The Sarbanes-Oxley Act managed to get through Congress very quickly, and I think to many of us it was a surprise that one of the certification requirements, outlined in §906, took immediate effect. I don’t think we’d anticipated the two different provisions. We all understood there was a certification provision in there for CEOs and CFOs, contained in §302, on which we now have some guidance from the SEC. Section 906, given that it became effective immediately, was a little bit more complicated in terms of the initial questions that a lot of practitioners had and how we were going to advise our clients. As a result of that, there were a number of open debates going on in terms of whether you should add a knowledge qualifier or not and how you filed it. Lambert: Earlier this year, the SEC sent out a release to Fortune 1000 companies that required, entirely apart from this new law, a certification from officers by Aug. 14. How did that mesh with the new Sarbanes-Oxley law? Martin: The SEC order was a one-time certification. The commission provided very specific guidance, including a frequently asked question page on their Web site. They required that companies file it with the secretary. It had to be filed in paper format. It had to be notarized. They wanted it published on an 8-K. We were providing quite a bit of advice to clients in terms of what we thought CEOs and CFOs might want to be doing in order to get comfortable making that kind of a certification. Helane Morrison: That certification was backward looking. These new certifications included in Sarbanes-Oxley are forward looking. The Aug. 14 certification asked the CEOs and CFOs to certify that in the prior year, from the last 10-K to the present, the information they had filed, to the best of their knowledge, was complete and accurate. Lambert: The certification issues raise the question of a duty to update. Is that something that appears to be part of what the law now requires? David Bayless:I don’t think the law requires it, but I think it’s an issue over which the SEC enforcement people are going to be aggressive. Do you have a duty to update? The statute is unclear. Will the SEC issue rules on that issue? I doubt it. The SEC, for better or worse, usually makes law through enforcement actions rather than through rule-making. I think there are real concerns here in terms of the certification process. Let’s say you certify, and it was truthful at the time. But then a month later you find out about a foreign subsidiary where fraud was committed. What do you do? The law is very unclear. Morrison: As a general matter, if you find that a foreign subsidiary was committing fraud, you have to disclose that quickly anyway, regardless of the certification requirement. Bayless: Only if it’s material, right? That would be my position. I don’t think it’s necessarily discloseable. Lambert: There’s a provision in this law that requires a lawyer, upon discovering violations of the securities laws or breaches of fiduciary duty, to bring that information to the attention of the audit committee and, ultimately, to the board of directors. What’s the level of knowledge that lawyers have to have about their clients’ work? Bayless: I’m concerned about the effect of this on attorney-client communications and attorney-client privilege. It really affects in-house lawyers like Cary. Cary Klafter: Of course, lawyers should speak up. First the information goes to the general counsel, then it goes to the CEO, then it goes to the audit committee. Don’t forget that we’re talking about a possible violation of law here, matters that can potentially get companies into deep difficulties. I think this debate about privilege and so forth is more of an academic issue for the ABA to be concerned about than an actual practical concern. Lambert: So in terms of compliance as an internal lawyer, you’re not concerned about those borderline areas such as breach of fiduciary duty. Klafter: It should not be confusing to counsel that their client is the corporation as a whole, effectively meaning the board and the stockholders. This is only one part of the law that is intended to force out information concerning what’s going on in the corporation on a worldwide basis. Obviously the board is not privy to everything that is going on daily, nor is the general counsel. Much of the statute is based on pushing data up to higher levels so that more people are able to see what’s going on and make an informed decision as to whether it’s the right thing or the wrong thing. Morrison: The SEC has had this rule, 102(e), by which it can sanction either lawyers or accountants who engage in unprofessional conduct. We’ve used it very sparingly with respect to lawyers. The Sarbanes-Oxley legislation directs us to draft rules governing lawyer conduct. It has this provision about reporting, and we’re going to do what the law mandates us to do. Bayless: Helane, do you see an issue about coordinating the SEC’s rules with 50 sets of state bar association rules? Morrison: In the past the SEC left lawyer misconduct mostly to the state bars, and we would refer people there. But SEC Chairman Harvey Pitt said in a recent speech to the ABA that he was disappointed with the lack of responsiveness by the bars. He said that, given this law and the lack of responsiveness, we are going to become more active. Klafter: Pre-emption means you don’t have to coordinate with anybody. Bayless: But it could make it tough for the lawyers. Klafter: Or it could make it easier for the lawyers. If you’re in a national practice, you know what the rule is from Maine to California. Lambert: David, have you had people asking about their responsibilities when it comes to the requirement in Sarbanes-Oxley that an outside lawyer or an internal lawyer bring to the attention of the general counsel, audit committee or the board items of arguable corporate misconduct? Bayless: The questions we’ve gotten have been more along the lines of, “If this happens, then what do we do?” Some in-house lawyers have not been as sanguine as Cary has been about this. I think they’re concerned that the SEC, especially the enforcement group, may second-guess what they’ve done. They now feel that if any issue comes to them that could possibly be second-guessed, they have an obligation to push things up. And that may indeed be what the law intended, but there’s a concern that they’re just going to be pushing everything up, that there’s going to be too much information flowing up and no judgment on behalf of the lawyer about what really needs to go to the board and what doesn’t have to. Lawyers, ultimately, get paid for their judgment and now you’re going to have a federal administrative agency second-guessing lawyers’ legal judgments. I think that’s a real concern. Lambert: Cary, you seem to be suggesting that this is going to be fairly easy to comply with. What is the threshold of knowledge or awareness that’s going to prompt either an internal lawyer or an outside lawyer to go to the general counsel? Klafter: You should have structures in place for investigating issues that come up within the corporation, typically involving the legal department, internal audit, HR, whoever is involved in that sort of thing. As situations arise, various matters are going to wind up with the CFO or with the general counsel, and so you will hopefully have met your responsibilities just in the ordinary course of business. Lambert: Assuming that you have structural reporting systems in place that bring out this kind of information. Klafter: The greater issue involving Sarbanes-Oxley is what’s going to happen with a lot of companies that don’t have these structures in place? The big issue in certification is the internal controls review and the disclosure controls and procedures. That’s totally different than what the SEC certification had, totally unrelated to the 906 certification, but that really creates the necessity for a routinization within all corporations of the data flow. The SEC wants companies to have a disclosure committee of some nature to review arguably material items. And you have to do your CEO/CFO review of those controls each quarter. Lambert: I wonder, though, about a company that’s just gone public and that doesn’t have the same resources, experience or level of sophistication. Martin: There’s no doubt that these certification provisions will require all public companies, whether brand new or seasoned, to put together these disclosure controls and procedures when it comes to pulling information together and making sure you’ve complied. Even the newest companies or those with smaller infrastructures will need mechanisms for this information to bubble up to the top. I don’t see how you could satisfy your obligations with respect to all these other certifications if you’re not doing that. I don’t disagree that this is going to be a tough provision for law firms and in-house lawyers to deal with. I think we’re all going to have to reflect on this as time passes in terms of how we deal with it. But I think that fundamentally, with all the other things that are happening, it’s going to make it a little bit easier because information will, if we all do our jobs right, be bubbling up. Bayless: The whole issue here is cost. What the law mandates and what the SEC wants are these internal structures and procedures and processes, which they think, if implemented, will decrease and minimize problems. The analogy I make is to brokerage firms, which the SEC directly regulates. They’ve imposed all of these internal compliance procedures and mandates on brokerage firms. I see something similar going on here. That’s fine, but it’s real expensive. Companies are going to have to spend more money on lawyers, more money on accountants, more money on internal auditors, more money on external auditors. They’re going to have to set up these internal control groups. Executives are going to have to spend time every quarter going over internal controls as well as disclosure controls. Insurance is going to be more expensive. Companies will have to pay their auditors more and they’re going to have to pay their audit committee members a lot more. I just think everybody needs to understand that this is going to cost companies a lot more money. Lambert: Cary, will those functions largely be internalized at Intel? Will you do this principally in-house or will it increase your outside counsel fees and things like that? Klafter: I don’t honestly know the answer to that. Much of this we do in-house from the legal point of view. It will clearly increase auditing expenses simply because the auditors are going to have to attest to the internal controls every year, which means they’re going to have to do more testing of routine data systems over the course of the year. With respect to non-audit services, everybody’s going to have to do more thinking about whether we want to give it to the auditors or whether we want to give it to other people. If we give it to other people it might very well be more expensive because there’s going to be a learning curve with respect to that. But you might do it anyway. So there will clearly be expenses at the margin. Lambert: Helane, there are provision in Sarbanes-Oxley that give the SEC enforcement division the power, for example, to freeze assets. Has that enhanced the commission’s enforcement position? Morrison: The new law lets us freeze assets before we file a lawsuit. Previously, we’d go in for a temporary restraining order and asset freeze when we filed the lawsuit. Now we could do it beforehand for 45 days or get an extension for a total of 90 days. Lambert: What’s the general sense of how you view this new law? Morrison: We welcome the increased enforcement measures. One of the things the law did was reduce the standard to make it easier for us to get an officer and director barred. Previously we would have to show that the officer or director was substantially unfit to serve in those positions. Now we just have to show that they were unfit. Also we’re now able to get that in an administrative proceeding rather than only in district court. Lambert: That’s a civil proceeding, right? It doesn’t require the Department of Justice to get involved? Bayless: Exactly. You don’t have the buffer of an independent federal judge but rather an administrative law judge who works for the SEC. I think that’s a big deal, and I think you’ll see the enforcement group making more and more applications for an officer and director bar. Lambert: What does the new statute mean for private actions in terms of the implied remedies under §10(b) and rule 10b-5. Here, Congress has spoken in a fairly definitive and wide-ranging way. I guess there is no specific intent to broaden the implied rights of action, but will this effectively make it easier to bring private actions? Bayless: I think it will certainly make private litigation easier from the statute of limitations perspective. Under the old law, you had to bring the claim within one year of discovery or three years of the event that underlies the cause of action. That’s been changed to two years of discovery or five years from the actual event. Plaintiffs now have a much longer period of time in which to bring a claim. That’s a significant change. I also think that the scope of the new statute imposes new liability on audit committee members, auditors, CEOs, CFOs and perhaps controllers in terms of their companies’ internal controls and disclosure controls. I think the liability exposure of all these parties has been enhanced tremendously. There’s also protection for whistle-blowers, which hasn’t received a lot of attention and probably will get more attention from the employment bar. If you blow the whistle and then you’re retaliated against, you have a private cause of action. Morrison: That is helpful to the regulators and law enforcement. People who work at companies see things. They’re afraid for their jobs, and this law gives them a little bit more security to feel that they can come forward and say something. Lambert: Cary, you’re a director of the American Society of Corporate Secretaries. What’s the reaction among a group like that whose members are really at the heart of compliance at American corporations? Klafter: We have a broad cross-section of small companies and large companies, and for some compliance is going to be easier than it will be for others. Some are already there; they don’t have to reinvent their board in regard to its independence quotient, for example. But for others, there’s a tremendous amount of work to be done. This law basically constitutes the federalization of a fair amount of corporate governance by imposing a tremendous amount of substantive requirements. Previously, the securities laws at the federal level were primarily disclosure-oriented. The new approach also feeds into the ability to create a large number of additional causes of action. You violated this, you didn’t do that, this guy didn’t tell you something, you didn’t have this meeting, you didn’t have this evaluation, you didn’t go here, you didn’t go there. There’s a lot to be done. Lambert: And it’s a direction that’s entirely different from the Private Securities Litigation Reform Act of 1995, which limited the ability to bring private actions and limited discovery while motions to dismiss were pending. Will there be a reaction to the breadth of the new law, perhaps some retrenchment when people see how expensive it is and how difficult it is to comply with? Klafter: In this environment, neither the SEC nor Congress is going to be interested in cutting back in the near future. Who’s going to raise their hand and say, “We think we’ve gone too far, and corporate America is actually better than we had originally considered to be the case. Therefore we’re going to reduce this or that.” That is simply not going to happen. Bayless: Corporate governance has always been governed by state law, and, as Cary said, this begins the process of federalizing it, for better or worse. This is not going to get repealed. If anything there will be increasing regulation in this area by the federal government. Companies are just going to have to learn to live with it. Martin: The law requires an enormous amount of work for a lot of companies. We’ve all had to come together, not just at the general counsel level or in-house lawyer level, but also at the accounting staff level, the board level, the CEO, the CFO. At all levels people have had to step up in terms of what they’re doing. There are so many different topics that are covered, either by Sarbanes-Oxley or by the New York Stock Exchange and Nasdaq rules, that it’s entirely changing the way companies run their businesses. Lambert: What’s your experience been so far in advising clients in this new realm? Martin: I think the most important thing now is just increasing awareness of what the new rules are and making sure people understand them. There’s a lot of confusion right now. You have to remind them that such-and-such provision has already taken effect, but these other provisions will take effect a little down the road. One of the next rounds of SEC rule-making will address the definition of financial experts. There’s been some confusion about whether a company is required to have a financial expert on its board or if you just have to disclose whether or not you have a financial expert. I think most people understand that it’s only a matter of disclosing whether or not you have one. Even so, some companies now feel that they should have one. A number of companies right now are out there looking for board members. Bayless: Have you seen any resistance to people serving on boards or, more specifically, serving on audit committees? Martin: I haven’t seen or heard of a single instance where someone has resigned. I think, more than anything, directors want to know what the new law means. They want better education, they want to understand what their roles and responsibilities are. They recognize that the bar has been raised, and my sense of it right now is that they actually all want to do what they’re supposed to be doing. They’re really looking for guidance. But I think in the back of everybody’s mind, ultimately there is some concern about what is the real exposure here. Over time, there may be some impact on who’s willing to serve. Lambert: In looking at some of the recent cases of alleged corporate fraud, there’s the issue of whether the accounting statements complied with generally accepted accounting principles (GAAP). Specifically, some companies have argued that compliance with GAAP is sufficient to satisfy SEC disclosure requirements. Helane, what’s the reaction of the SEC to that argument? Morrison: The SEC doesn’t agree with that position. Along those lines, we brought a case earlier this year against a company, Edison Schools, that operates schools on a for-profit basis. The case was based on the theory that, even though they complied with GAAP, their disclosure was still misleading. It was non-fraud case that was brought as a settled case. Bayless: As a defense lawyer, I find that whole theory really sort of ominous. You comply with GAAP, those are the rules and everybody says those are the rules. But then the SEC enforcement people say, “Yeah, you comply with the rules but you’ve still got to disclose something.” To me, it’s unclear what it is you’re supposed to disclose. I’m concerned about the more general point that you can be in compliance with GAAP and yet the SEC could still bring a fraud case. Now, as Helane said, Edison was a non-fraud case. But I assume the next step is to bring a fraud case against a company even though it’s in compliance with GAAP. Morrison: GAAP is not a set of rules. GAAP is this huge, vague collection of principles and discussions. You can be on the edge of GAAP on every single thing you’re doing, and if you’re on the very edge of GAAP with every single thing you’re doing, you could report something that gives a misleading picture of what’s going on at the company. Bayless: If you’re a controller or CFO or the chief accounting officer, you think in terms of GAAP. That’s your universe. And if you’re in compliance with GAAP and then all of the sudden the SEC comes back and second-guesses you for either causing or aiding and abetting some violation of the company vis-a-vis a disclosure, you’re now thinking, “Wait a minute, I’ve got GAAP. It’s taken me a long time to understand it. I comply with it. What more do you want? And if you don’t like the result, maybe change the rules on GAAP, but don’t get me on this loose-ended materiality standard that nobody can really understand.” Morrison: From our experience, that scenario is not the way it happens. What happens is the CFO or someone says, “We want to count this. We’re going to count this.” And the auditor says, “You really shouldn’t count it as revenue.” The CFO then says something like, “Well, it doesn’t exactly violate GAAP because GAAP doesn’t exactly say you can’t do that.” Lambert: The chief financial officer doesn’t single-handedly draft the disclosure in an SEC filed document. You’ve got lawyers involved. A chief financial officer is going to be aware of the general existence of a materiality standard and the requirement that investors be provided with information that’s materially correct. So the question becomes, “OK, lawyer, what is my responsibility?” Klafter: The certification release from the SEC specifically adopted the Edison Schools analysis, which says that “fairly presents” doesn’t mean GAAP. “Fairly presents” means the gestalt of what it is that we do and how it is that we do it. Lambert: Does this law lead to a greater volume of disclosure and the potential to bury things that otherwise might have been more prominent under the previous regime? Martin: I think the new law has caused companies to refocus on their MD&A, and I think that companies are being more careful about the completeness of the disclosure there. The known trends and uncertainties have always been in the MD&A. There has always been some forward-looking aspect to it so that part is not new. Now we’ve got the SEC asking us to voluntarily report critical accounting policies and any potential alternative accounting treatments that you can make. And, of course, if the SEC adopts their release, as proposed, it’s going to get even more complicated because they’re going to require qualitative and quantitative disclosure. Sarbanes-Oxley requires the accounting firms to make reports to audit committees of what the alternatives are. The new law probably will result in more disclosure. Hopefully that means better, more meaningful disclosure. Maybe not just more words but more complete disclosure. Morrison: When we file an enforcement proceeding, our goal is to win in court so we’re governed by the legal standard of materiality. We put out a release a couple of years ago that said that materiality should not just be looked at as a number. There are also qualitative aspects to it. For example, if a relatively small bit of difference would have changed whether a company meets analysts’ expectations or not or would have made the difference between a loss and a profit. In cases like that, something could be material even though the number is small. But we felt that was not a new principle but rather just a reminder to everybody of what materiality is. Lambert: David, as you advise clients under this new law, what are you saying in terms of the increase or decrease in exposure as well as the range of problems that might arise? Bayless: This statute really is revolutionary, and I don’t use that word lightly. It’s the largest change in federal securities laws since the 1930s. In terms of potential exposure to issuers and individuals, especially senior executives and, I think, audit committee members, the liability exposure has increased dramatically, along with the sanctions. We haven’t talked about the forfeiture of bonuses and other payments that top senior executives have received. Under the new law, if there’s a restatement, and it’s due to misconduct, the CEO and the CFO may have to disgorge profits. Lambert: Helane, what’s happening in terms of the caseload of investigations going on within your office? Morrison: Revenue-recognition fraud still comprises about half of our financial-fraud caseload. We’ve seen it forever, we still see it. That’s why, as we’re talking about these provisions, I’m thinking these are good. We’ve been referring cases to the criminal authorities for several years. We’ve been bringing these lawsuits for a long time, and people are still doing this. What’s going to cause them to stop? Maybe it will be this new law. David Bayless is a partner in the San Francisco office of Morrison & Foerster, where he specializes in SEC enforcement work, private securities class action litigation and counseling clients regarding SEC rules and regulations. He formerly served as district administrator in the SEC’s San Francisco office. Cary Klafter is director of corporate affairs in the legal department at Intel Corporation in Santa Clara. He is responsible for the company’s dealings with the SEC, mergers and acquisitions, investor relations and other corporate governance matters. He is a former partner at Morrison & Foerster. Katharine Martin is a partner in the Palo Alto office of Wilson Sonsini Goodrich & Rosati, where she specializes in corporate and securities law. Her practice includes all aspects of public and private company representation, with a particular emphasis on technology companies. Helane Morrison is the district administrator of the SEC’s San Francisco district office. She is responsible for enforcement and regulatory matters in Northern California, Oregon, Washington, Alaska, Montana and Idaho. She is a former partner at Howard, Rice, Nemerovski, Canady, Falk & Rabkin in San Francisco. Frederick Lambert (moderator) is a professor at Hastings College of the Law in San Francisco. He teaches courses on corporations, securities regulation and bankruptcy and is a former partner at Adams, Duque & Hazeltine in Los Angeles.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.