The Sarbanes-Oxley Corporate Fraud Accountability Act of 2002 ushered in a new era of corporate governance and changed the regulatory landscape within which public companies and their in-house counsel operate. In-house counsel face mounting pressure to comply and keep current with the new governance rules. Collaboration with outside counsel can provide the crucial support needed to sift through and implement the multitude of new standards at a time when the stakes are higher than ever.
In a recent survey of corporate executives conducted by Corporate Legal Times, more than 40 percent ranked legal risk management as the area where in-house counsel contribute the most value. More than 60 percent surveyed indicated the desire to have in-house counsel spend more time on risk management, corporate governance and compliance issues.
The act’s requirement that CEOs and CFOs certify the accuracy and completeness of a company’s financial statements is one example of the need for risk management by the company and its counsel. Although executive officers undoubtedly assumed responsibility for the integrity of this information in the past, the new certification requirements increase the associated risks as well as the penalties if the executive officers err. There are criminal penalties of up to $1 million and 10 years in prison for knowing violations of the certification requirements. As a result, some executives require “cascading” certifications from those subordinates involved in the preparation of the reports and the individuals who work for the subordinates and contribute to the data input on which the certifications are based. In-house counsel must expect that CEOs and CFOs will look to them for further comfort in complying with these certification requirements.
Companies subject to the act also are required to disclose their codes of ethics for senior executive management. Although the rules do not require a company to adopt a code of ethics, if a company does not have the required code of ethics it must disclose the reasons why. Many companies choose to either adopt codes of ethics or review and revise their existing codes. If, however, a company is listed on the New York Stock Exchange or quoted on Nasdaq, the company will be required to adopt a code of ethics for all directors, officers and employees or risk being delisted.
The act also requires companies to establish policies and procedures for the confidential and anonymous receipt and retention of employee concerns or complaints concerning accounting matters.
Arguably the most arduous task of compliance for those companies subject to the act is the responsibility of management to 1. establish and maintain adequate controls over financial reporting; and 2. assess as of the end of a company’s fiscal year the effectiveness of the company’s internal controls and procedures for financial reporting. Although for most companies compliance is not required until the end of 2005, if a company has not begun implementing the process of documenting its controls and procedures it is well advised to do so now.
In preparing and reviewing the numerous codes, policies and procedures required by the act, the SEC and the national exchanges, companies must determine how formal or informal their policies should be. Companies should follow any governance procedure or policy sincerely and effectively. If a rule is not yet effective, companies also should weigh the pros and cons of early compliance. Early compliance can bolster a company’s reputation by providing clear articulation of its “best practices” and ethical behavior, as well as serve to mitigate the consequences of shareholder litigation or an SEC investigation.
Companies must be mindful, however, not to set standards too high when complying early. In the past, the SEC has made significant changes to proposed rules that make the rules less strenuous in their final form. The SEC also has provided interpretive guidance and responded to frequently asked questions shortly after a rule’s adoption, both of which often reduce the benefits of early compliance.
Outside counsel will have the advantage of having prepared and reviewed codes, policies and procedures for different clients with varying structures and in varying industries. In addition, outside counsel will have experienced clients that are facing claims for noncompliance or inadequate compliance. As a result, outside counsel should be able to contribute insight about the range of options available and different tactical perspectives that in-house counsel might employ. In-house counsel has the advantage of knowing its company better than anyone else.
When the insights of outside counsel combine with in-house counsel’s insight into the operations, objectives and ethical underpinnings of a company, the collaboration in the analysis and preparation of these new or revised codes, policies and procedures should result in a superior product at a reduced cost.
Timothy R. Brown is a senior partner in the business transactions department of Thompson & Knight in Houston. Christi Hollingsworth is a member of the corporate and securities department of the firm.