Home Online Publications Online Issues TTA Home Table of Contents A Practical Guide to Sarbanes-Oxley (Part I) Search Feedback
Practice & Procedures

A Practical Guide to Sarbanes-Oxley (Part I)

Although the Sarbanes-Oxley Act of 2002 (SOA) is not tax legislation, it still affects a public companys tax departments and tax advisers. This article highlights substantive issues and compliance measures to help companies and clients comply with the SOA.

 

George Goodman, Esq.
Partner
Foley & Lardner
Chicago, IL

    

For more information about this article, contact Mr. Goodman at GRGoodman@foleylaw.com. Authors note: The author would like to thank Jonathan P. Biller, Senior Tax Counsel, Alcon Laboratories, Inc., and Brian H. Marron, Director of Taxes, Harley-Davidson Motor Company, Inc., for their help with this article. 2003 George Goodman. All Rights Reserved.

  

Executive Summary

  • An understanding of how the SOA affects a companys operations as a whole and its tax function in particular is essential to successful compliance.

  • The SOA raises possible tax issues in a number of areas, including SEC disclosure, internal financial controls and dealing with auditors.

  • Some provisions may influence popular tax-related transactions and require tax advice.

 

Congress enacted the Sarbanes-Oxley Act of 20021 (SOA) on July 30, 2002, to restore integrity and public confidence in corporate governance, financial statements and stock valuations. Although technically not tax legislation, the SOA affects public-company tax departments and tax advisers. Some of its provisions could be extended to nonpublic companies and individuals as well, through state or industry regulation or market forces,2 and a few can apply to any taxpayer or tax adviser.

Part I of this two-part article provides an overview of the SOA and focuses on measures public-company tax department personnel and tax advisers should consider to help their company or clients comply with its provisions. It also discusses substantive tax-related issues that may arise. Part II, in the November 2003 issue, will discuss restrictions on tax services from auditors and provisions that may apply to any taxpayer or tax adviser, and concludes with some specific recommendations.

 

Overview

An overview of the SOA is essential to understanding how it affects a companys operations as a whole and its tax function in particular. The principal provisions and requirements are summarized below.3

 

Audit Committee Standards

SOA Section 301 requires an issuer of securities listed on a national securities exchange to adopt standards governing its audit committee, including (1) making the audit committee directly responsible for the appointment, compensation and oversight of the auditor; (2) limiting audit committee membership to independent board members (with at least one member being a designated financial expert); and (3) requiring procedures for handling complaints and concerns about accounting or auditing matters.

 

Improper Influence on Audits

Public issuers are prohibited by SOA Section 303 from improperly influencing an auditor in the course of an audit.

 

Internal Financial Controls

SOA Section 404 requires a public issuer to establish internal financial controls to provide reasonable assurance on the reliability of financial reporting and the preparation of financial statements in accordance with GAAP, including policies and procedures that fulfill three objectives: (1) maintenance of records that accurately and fairly reflect the issuers transactions and asset dispositions; (2) proper recording of transactions permitting preparation of GAAP financial statements, and assurance that receipts and expenditures are properly authorized by management and directors; and (3) prevention or timely detection of unauthorized material transactions.

 

Code of Ethics

Under SOA Section 406, a public issuer has to adopt a code of ethics for senior financial officers to deter wrongdoing and to promote (1) honest and ethical conduct; (2) full, fair, accurate, timely and understandable disclosure in SEC filings; (3) compliance with governmental laws, rules and regulations; (4) prompt internal reporting of code violations; and (5) accountability for adherence to the code.

 

CEO and CFO Certification of Disclosure

Under SOA Section 302, chief executive officers (CEOs) and chief financial officers (CFOs) have to certify that reports filed with the SEC do not contain any materially untrue statements or omissions. They must also certify that:

  • The financial information therein fairly presents the issuers financial condition and results;

  • Internal controls and procedures to ensure timely disclosure are in place and have been evaluated; and

  • Any fraud involving management or other employees with a significant role in such internal controls has been reported to the issuers auditor and audit committee.

Separately, under SOA Section 906, the CEO and CFO also have to certify that each periodic SEC report containing financial statements fully complies with Section 13(a) or 15(d) of the 34 Act, and that the information therein fairly presents, in all material respects, the issuers financial condition and results of operations.

 

Other Disclosure Enhancements

SOA Section 401 requires additional SEC disclosure of material (1) off-balance sheet transactions and commitments4 and (2) auditor-identified correcting adjustments to GAAP financial statements filed with the SEC. SOA Section 403 requires disclosure of any change in securities ownership of an issuer by an owner of 10% or more of a registered equity security, or any director or officer of an issuer thereof. SOA Section 409 requires disclosure of changes in an issuers financial condition or operations pursuant to SEC rules, in real time and in plain English.

 

Substantive Transactional Provisions

SOA Section 304 imposes certain substantive restrictions on transactions with or by senior management, including forfeiture by an issuers CEO and CFO of any bonuses, incentive compensation or profits on sales of issuer securities received during the 12-month period following the public issuance of a financial statement that is later restated due to the issuers material noncompliance, as a result of misconduct, with any financial reporting requirements under the securities laws.

SOA Section 306 prohibits trading in an issuers securities by its directors and executive officers during pension blackout periods; SOA Section 402 bars an issuers making personal loans to any director or executive officer.

 

PCAOB

The SOA establishes the Public Company Accounting Oversight Board (PCAOB) as a private, nonprofit District of Columbia corporation, to register, inspect and regulate public accounting firms that audit public companies, and to establish standards for audits of public issuers.

 

Auditor Independence Standards

The SOA (and the SEC and PCAOB regulations issued thereunder) establish auditor independence standards to prevent conflicts of interest and keep registered public accounting firms independent of their public audit clients (and in particular of their management), including:

  • A requirement that (1) an issuers audit committee preapprove all audit and nonaudit services from its auditor and (2) approval of and fees for nonaudit services be disclosed in periodic SEC reports (SOA Section 202);5

  • A prohibition on a registered public accounting firms performance of certain nonaudit services for a public audit client (SOA Section 201);

  • Required rotation of lead audit partners at least once every five years (SOA Section 203);

  • A one-year cooling off period before an employee of an auditor who participated in an audit of an issuer may become the issuers CEO, CFO, chief accounting officer or controller (SOA Section 206); and

  • A prohibition on an audit partners receipt of compensation based on selling nonaudit services to an audit client.6

 

Audit Paper Retention

Section 802 requires public-company auditors to retain audit workpapers for five to seven years.

 

Attorney Reporting Obligations

New SEC rules7 of professional conduct under SOA Section 307 require attorneys representing issuers before the SEC to report evidence of securities, fiduciary or similar violations to the issuers general counsel or board of directors.

 

Stock Analysts

SOA Section 501 directs the SEC to enhance the integrity of securities research and analyst recommendations, by issuing (or directing exchanges to issue) rules shielding securities analysts from conflicts of interest and requiring disclosure of conflicts of interest.

 

Financial Crimes

The SOA increases penalties for certain existing financial crimes and creates a number of new ones, including:

  • Fraud relating to a security of a company that is public or has any registered securities outstanding; the penalty is a fine and/or up to 25 years imprisonment (SOA Section 807);

  • Any attempt or conspiracy to commit any offense under Chapter 63 of 18 USC (including mail fraud, wire fraud, bank fraud, healthcare fraud, securities fraud and false CEO and CFO certifications) (SOA Section 902);

  • Corruptly tampering with or otherwise impeding an official proceeding, with a penalty of a fine and/or up to 20 years imprisonment (SOA Section 1102);

  • Knowingly altering, destroying, concealing or falsifying any record, document or tangible object with the intent of impeding, obstructing or influencing any matter within the jurisdiction of any U.S. department or agency or any Title 11 case, with a penalty of a fine and/or up to 20 years imprisonment (SOA Section 802);

  • Knowingly and willfully failing to retain audit workpapers in violation of the new audit workpaper retention requirements or SEC rules pertaining thereto, with a penalty of a fine and/or up to 10 years imprisonment (SOA Section 802);8

  • A CEOs or CFOs making a known false disclosure certification (that the periodic report filed with the SEC complies with 34 Act Section 13(a) or 15(d) and fairly presents the issuers financial condition), with a penalty of up to a $1 million fine and/or 10 years imprisonment, or up to a $5 million fine and/or 20 years imprisonment if done willfully (SOA Section 906(c)); and

  • Knowingly retaliating against an informant for providing to a law enforcement officer truthful information relating to a Federal offense, with a penalty of a fine and/or up to 10 years imprisonment (SOA Section 1107).

 

Tax Compliance and Issues

Public-company tax department personnel and tax advisers to such companies must recognize the ways in which the SOA may require compliance measures or raise substantive tax issues.

 

SEC Disclosure

Under the SOA, an issuers CEO and CFO have to certify that reports filed with the SEC do not contain any material untrue statements or omissions and that the financial information therein fairly presents the issuers financial condition and results. In making these certifications, the CEO and CFO may require subordinates to render mirror certifications to them. Thus, the tax department head may have to certify the accuracy of returns and tax provisions to his or her supervisor, or the CEO or CFO may want to hold discussions with tax department personnel as part of due diligence.

 Tax department personnel may be asked to explain questionable tax positions, tax-motivated transactions, the determination and adequacy of the tax provision, book-tax differences and other tax matters. In addition, according to the SEC, the certification requirement that the financial statements fairly present the issuers financial condition is not necessarily met by compliance with GAAP,9 and the GAAP treatment of tax items may vary depending on the underlying assumptions. Thus, it may be appropriate to discuss different accounting treatments and the assumptions underlying GAAP treatment (such as nonrecording of U.S. tax expense on permanently deferred foreign subsidiary earnings, or full valuation of net operating losses). In sum, tax department personnel may become involved in certification and may want to develop procedures to facilitate that process.

Internal disclosure controls and procedures ensure that a public company timely and properly discloses material information. Tax department personnel can help design these controls and procedures. In particular, they can help develop standards (such as materiality) and procedures for determining when and how to report tax problems to the appropriate senior officers in charge of disclosure determinations.

The SOA also requires a public issuer to disclose in its reported financial statements all material correcting adjustments that the issuers auditor identified. No tax department wants a correcting adjustment in tax accounting or reserves to be highlighted in this manner, although in most instances adjustments are likely to be absorbed in the cushion analysis. When a proposed transaction or tax position involves significant tax uncertainty, the tax department may want to confirm its proposed tax treatment with the auditor before it undertakes the transaction or position.

  

Internal Financial Controls and Procedures

As noted, the SOA requires a public company to have in place internal controls over financial reporting (i.e., controls to provide reasonable assurance on the reliability of financial reporting, the preparation of financial statements in accordance with GAAP and authorization of transactions).

How do these financial controls relate to the tax department? What would happen if a company had zero tax controls (i.e., had no tax department and completely disregarded its tax obligations)? First, there would be no way to prepare GAAP financial statements, as there would be no tax returns from which to determine the companys tax liability. Second, there would be a dissipation of assets, as the company would incur penalties, interest and perhaps excessive taxes. Thus, a company clearly needs controls to ensure that its tax compliance is properly handled and that its tax expense and other tax items are properly reflected on the financial statements in accordance with GAAP.

Tax department personnel should participate in the development or formalization of these controls, and the manner in which they will test and evaluate effectiveness. These controls should cover return compliance, to ensure that (1) good numbers are entered into returns; (2) return preparation software is adequate and accurate; (3) designated staff review the return; (4) a designated person signs the return; and (5) elections and filing deadlines are not overlooked.

Another possible control measure may be an evaluation and approval of the companys participation in any listed transaction, tax product or other tax shelter by certain designated tax officers or a committee. This will ensure that the company does not commit to any tax products through its treasury or controller without proper vetting. Although this requirement may create an audit trail for the IRS, the company now has to disclose many of those transactions on its return anyway.

 The company should also have controls ensuring that tax expense and other tax items are properly mapped into and reflected in the financial statements in accordance with GAAP, including those to ensure (1) determination of tax items in accordance with Financial Accounting Standards Board (FASB) Statement No. 109, Accounting for Income Taxes; (2) adequacy and accuracy of any software; (3) review of reserves and cushion; and (4) review by designated persons.

In addition, although perhaps not technically financial controls, the company may find it useful to include the tax departments other compliance requirements in the same control materials, so as to have the requirements all in one place. Other such controls may include procedures to (1) ensure that tax problems are reported to the appropriate officers in charge of SEC disclosure and (2) secure audit committee approval for retaining the auditor to perform tax services and ensure proper disclosure of the services and fees.

 

Code of Ethics

A public company may wish to extend and apply its code of ethics to the tax department. The code may contain such mandates as compliance with all Federal and state laws, and disclosure of all relevant information to government agencies. However, tax department personnel may already be subject to their own ethics standards, such as Circular 230,10 the AICPAs Statements on Standards for Tax Services for CPAs, and the American Bar Associations and state ethics codes and opinions for attorneys.

To the extent the company code of ethics is applied to the tax department, tax personnel should review the code and determine whether the provisions applied to the tax function are appropriate. In some instances, modification or qualifying language may be in order, to avoid inconsistency or take into account the realities of tax practice. Generally, when applicable standards differ, tax department personnel would be subjected to the stricter rule.

   

Conduct of Financial Audits

A new SEC regulation,11 issued under SOA Section 303, directly addresses dealings with auditors. It makes it illegal for directors, officers and persons acting under their direction to mislead or coerce auditors, as follows:

(a) No director or officer of an issuer shall, directly or indirectly:

(1) Make or cause to be made a materially false or misleading statement to an accountant in connection with; or

(2) Omit to state, or cause another person to omit to state, any material fact necessary in order to make statements made, in light of the circumstances under which such statements were made, not misleading, to an accountant in connection with:

(i) Any audit, review or examination of the financial statements of the issuer required to be made pursuant to this subpart; or

(ii) The preparation or filing of any document or report required to be filed with the Commission pursuant to this subpart or otherwise.

(b)(1) No officer or director of an issuer, or any other person acting under the direction thereof, shall directly or indirectly take any action to coerce, manipulate, mislead, or fraudulently influence any independent public or certified public accountant engaged in the performance of an audit or review of the financial statements of that issuer that are required to be filed with the Commission pursuant to this subpart or otherwise if that person knew or should have known that such action, if successful, could result in rendering the issuers financial statements materially misleading.

Further, the scope of persons acting under the direction of an officer or director in section (b) reaches beyond subordinates to include, in appropriate circumstances, outside parties, such as attorneys or other advisers.12 Moreover, it has stated that the fraudulent intent limit in that section applies only to influence, and that mere negligence in misleading an auditor may constitute a violation.

These rules apply when an auditor consults with a director, officer, tax department personnel or other person acting under the direction of an officer or director, concerning a material tax item. Under section (b), such person has to exercise at least reasonable care in providing accurate information to the auditor to avoid a violation.13 Moreover, section (a), applicable to officers and directors, on its face appears to be absolute in nature, such that any material misstatement or omission as to taxes could be a violation, even if there was reasonable care. Thus, officers and directors may be subject to an even higher standard.

The SOA may also spur more stringent auditor review of the companys tax positions on audit. To the extent a material tax position was not previously advanced or reviewed by the auditor (due perhaps to the SOAs restrictions on the auditors provision of nonaudit services), the auditor will have to carefully review and scrutinize that position on audit. Even when the audit firm provided the tax advice, the SOAs emphasis on auditor independence can make the audit partners more inclined to question or double-check the work than in the past, or the company may wish to have a second firm review some of the work. Thus, the tax provision review process can become more substantive and contentious. To avoid problems on audit when someone other than the auditor is providing the tax advice on a transaction having uncertain tax consequences, the company may want its auditor to review and sign off on the transaction before carrying it out, rather than awaiting the audit, only to find that the auditor will not accept the desired tax or accounting treatment.

Finally, the audit committees responsibilities under the SOA may cause its committee members to become more involved and ask more questions about tax matters. Thus, tax department personnel may have to explain, for example, the determination and adequacy of the companys tax provision and any questionable tax positions or tax-motivated transactions to the audit committee.

 

Conduct of Tax Audits and Tax Cases

The SOA imposes stiff criminal penalties on malfeasance in connection with Federal matters and official proceedings. These provisions can apply to anyone and will be discussed more fully in Part II, in the November 2003 issue.

With the SOAs emphasis on disclosure and recordkeeping, perhaps new archives of potential tax problems will be created. Companies should consider the tax audit implications of the new disclosure enhancements, internal financial controls and associated recordkeeping.

 

Whistleblowers

The SOA contains several provisions for situations in which a company employee believes that the companys treatment of a tax item is improper, perhaps with material financial effect. As was noted, SOA Section 301 re-quires audit committees to create procedures for handling complaints and concerns on accounting or auditing matters. The companys code of ethics or other internal policies and procedures may cover such complaints as well.

In addition, two SOA provisions bar retaliation against whistleblowers. First, a new provision,14 added by SOA Section 806, prohibits a company that has any registered securities or  required to file reports under 34 Act Section 12 or 15(d) from discharging, demoting, suspending, threatening, harassing or otherwise discriminating against an em-ployee because of whistleblowing. This includes any lawful act done by the employee to provide information or assistance concerning possible mail fraud,15 wire fraud,16 bank fraud,17 securities fraud18 or violation of any SEC rule or regulation or any Federal law relating to fraud against investors to (1) Federal regulatory or law enforcement agencies; (2) Congressional members or committees; or (3) company supervisors or other persons working for the employer to root out misconduct. An employee who alleges discharge or other discrimination in violation of this provision may sue for compensatory damages and any other relief necessary to make the employee whole. There are already reported cases19 involving employees who have asserted these protections in disputes over the handling of tax matters. 

Second, another provision,20 added by SOA Section 1107, makes it a crime for anyone to knowingly take any action harmful to any person, including interference with his or her lawful employment or livelihood, with the intent to retaliate for providing truthful information relating to the commission or possible commission of any Federal offense to a law enforcement officer. The punishment is a fine and/or up to 10 years imprisonment.

A tax department member could potentially be on either side of these provisions. Such member may be the person with the concern or complaint; in such case, these provisions may afford some relief and protection. Under some circumstances, such a person might be well-advised to consult an attorney. Alternatively, the member may be a superior to a subordinate who has a concern or complaint. In that case, the superior should be sensitive to the subordinates rights under these provisions and may wish to consult the human resources (HR) or legal department for guidance. Thus, tax department personnel should be aware of these provisions.

 

Substantive Transactions and Tax Issues

Certain SOA provisions may impede some popular tax-related transactions, primarily transactions involving management. The SOA may also spawn other transactions and undertakings. Thus, tax department personnel should recognize these developments and be prepared to offer guidance and determine tax consequences.

One provision,21 added by SOA Section 402, bars an issuer from extending credit (directly or indirectly) in the form of a personal loan to or for any of its directors or executive officers. This prohibition could be interpreted to bar transactions such as equity split-dollar life insurance programs, cashless option-exercise programs, loan guarantees, travel expense advances and home-equity advances and bridge loans for relocating executives. Future guidance may clarify the permissibility of these transactions; in the meantime, caution seems advised.

Tax advisers could also be confronted with questions on the treatment of compensation forfeitures under the SOA. The statute mandates that an issuers CEO and CFO forfeit any bonuses or profits on sales of issuer securities received during the 12-month period following the issuance of a financial statement later restated due to issuer misconduct. This could raise a number of questions. For example, if the CEO or CFO received the bonus or profits in a tax year preceding the year in which the funds are repaid, how are the initial payment and subsequent forfeiture treated, at both the corporate and employee levels?

The SOA also prohibits the sale of employer stock by a director or executive officer during any period of more than three consecutive days over which the ability of at least 50% of employees under all of the issuers defined contribution plans to trade employer securities through the plan is restricted (i.e., a blackout period), to the extent that the stock was acquired via the directors or officers performance of services for the issuer. The tax department may have to assist HR or management with questions about whether particular shares were acquired in connection with services and to keep management apprised of any such blackout periods.

The SOAs mandate of disclosure of material off-balance-sheet transactions, and the FASBs recent expansion of consolidation requirements, may make such transactions less attractive. As a result, there may be fewer such transactions requiring tax analysis and reporting in the future, and the analysis for new transactions may have to be modified. Existing arrangements may be unwound or restructured, requiring analysis and reporting of the tax consequences.

Finally, a public company may incur substantial costs to comply with the SOA, such as to implement audit committee standards and procedures, internal controls over financial reporting, a code of ethics and disclosure controls and procedures. The tax department would have to determine whether such costs are currently deductible or subject to capitalization. Alternatively, compliance costs under the SOA may be a factor prompting a public company to go private, in a transaction that may require much tax analysis.

  

Conclusion

Tax department personnel should help design and develop internal controls and procedures to assist CEOs and CFOs in complying with the new disclosure certification requirements, to ensure that tax compliance is properly handled, tax expense and tax items are properly recorded and reflected on the financial statements and material tax problems are properly and timely disclosed. They must be mindful of the SOAs conduct standards in dealing with financial auditors and in handling tax audits and proceedings. The SOA could spawn whistleblower rights and proceedings, and tax departments should be equipped to properly respond. The SOA may impede some heretofore common tax-related transactions, principally involving transactions with senior management, and prompt other transactions and undertakings, including costs to comply with the SOA; tax department personnel should be prepared to provide substantive guidance or determine tax treatment.

Part II, in the November 2003 issue, will examine restrictions on tax services from auditors, describe some provisions that may apply to any taxpayer or tax adviser and make some recommendations. 

Back
2003 AICPA