GAO – A Framework for Managing Fraud Risks in Federal Programs

Posted on June 28, 2016 by David Tate, Esq.

A friend forwarded this to me – the GAO July 2015, materials “A Framework for Managing Fraud Risks in Federal Programs.” If you, and your executive officers, board and audit and risk committees are not up on these materials, and if you have involvement in federal programs or funding, now would be a good time to read this. But I also have to wonder if the federal government itself follows this framework? Immediately below is a snapshot of the first page of the materials, and then I have provided a link to the full materials just below the snapshot. Dave Tate, Esq.

GAO - A Framework for Managing Fraud Risks in Federal Programs

Click on the following link for the full materials: CLICK HERE

New California Case Discussing Whether The Business Judgment Rule Defense Exists Where There Might Have Been A Breach Of A Duty That Was Required By Governance Document Provisions

Posted on June 25, 2016 by David Tate, Esq.

I have linked below a pdf of a new California Appellate Court case (Palm Springs Villas II Homeowners Association, Inc. v. Erna Parth), discussing, under California law, whether the business judgment rule defense exists, at least for the purpose of a motion for summary judgment, when there is or might be evidence that the defendant director or officer did not satisfy duties required of her under the California statutory business judgment rule and entity governance document provisions. The decision is important for several reasons, at least including, that the decision, whether or not you agree with it, is well-written and contains good discussions about the requirements on a motion for summary judgment and other cases discussing the applicability of the California statutory business judgment rule and the related defense, and the decision should apply to both California corporate and nonprofit entities, and possibly also to California partnerships, unincorporated association entities, and religious entities.

In other words, if you are a California entity director or officer, you should read this decision, which will help to explain some of your duties and responsibilities, and that limitations might apply to your business judgment rule defense. And I should also say that it really should not come as a surprise that a California Appellate Court could hold that the business judgment rule defense might not apply in an appropriate factual situation where there might be evidence for example that a director or officer might not have sufficiently satisfied due diligence, investigation or authorization requirements prior to taking actions, even if there is no evidence of intentional wrongdoing or neglect.

Click on the following link for a pdf of the appellate decision in Palm Springs Villas II Homeowners Association, Inc. v. Parth, Palm Springs Villas v. Parth – discussing the business judgment rule defense in light of possible violations of governance documents – California law

You can also see similar discussions and issues in various cases out of Delaware and under the federal securities laws. Directors and officers really need to understand and satisfy the business judgment rule in addition to other duties, and understand and satisfy the applicable provisions that are in governance documents such as by-laws, charters and CC&Rs. You will find a further discussion about the business judgment rule in my detailed Tate’s Excellent Audit Committee Guide, updated January 2016, which you can view and print if you wish from the following blog post, at no cost and without having to provide any information about yourself – click on the following link for the post containing the link to the guide CLICK HERE

Best to you, Dave Tate, Esq., San Francisco Bay Area and throughout California

DTatePicture_Square Audit Committee 5 Lines of Defense 02132016 David W. Tate, Esq.

Director (Prudent) Note Taking, Discouraged or Not – Forward From Woodruff-Sawyer and Priya Cherian Huskins With Comments

Posted on May 25, 2016 by David Tate, Esq.

Here is a link to a good discussion by Priya Cherian Huskins, Esq. at Woodruff-Sawyer about director note taking (not minute taking, but note taking), which can also apply to note taking in general in many situations, CLICK HERE. I agree with Ms. Huskins.

There should be policies and procedures or guidelines to be followed, but a director should be allowed to take notes, and should not be told that he or she cannot take notes. It is a matter of the director performing his or her oversight function in the manner that he or she believes is prudent and necessary. If I was told that as a director or audit committee member that I could not take notes that I thought were necessary and helpful to me and my oversight, I would question that instruction or request, and consider declining the position if it was forced.

Best, Dave Tate, Esq. (San Francisco/California)

PCAOB Proposes Significant Changes to the Audit Report – From PWC

Posted on May 19, 2016 by David Tate, Esq.

The PCAOB has again proposed changes to the standard audit report in which the PCAOB proposes that the report disclose additional information, for example about communications to the audit committee and about judgment or estimate related issues. Here is the link to a discussion by PWC, CLICK HERE. Comments about the proposal are due by August 2016.

This is a modified version of a prior PCAOB proposal. I’m not particularly convinced that the proposal requires a detailed discussion by me at this time as, similar to legislation, the proposal will change over time and whether or not it will ever be enacted is uncertain. However, given that this is a second serious attempt to enact a change in the audit report for audits performed and that are subject to PCAOB oversight, I must believe that this attempt will have an increased chance of being enacted.

I continue to believe that the current audit report suffers from significant limitations that reduce or limit its usefulness and relevancy for investors. I question the number of audits that would be performed if not for the statutory requirement? And we are seeing other efforts to increase discussions and disclosures that are thought to be useful to investors, such as the activities of the Sustainability Accounting Standards Board and other activities by the PCAOB.

In general, these activities also should benefit the external and internal audit professions as they will make their activities even more relevant, and also likely increase their workload.

One other thought: where are audit committees on this? I believe that in general they should support these efforts: on the one hand these activities might increase audit committee complexity and workload, but on the other hand, as the audit committee is significantly dependent on information that is provided by other people (because the audit committee is not involved in the day-to-day activities of the business, and its role is diligent and informed “oversight”), this information and these disclosures tend to provide the audit committee with additional information that might help in the audit committee member’s oversight effectiveness.

Best, Dave Tate, Esq. (San Francisco/California), and here is a link to my audit committee guide, CLICK HERE

PCAOB proposes changes to audit report

Third-Party Risks and Internal Audit – and Bring in Legal

Posted on May 18, 2016 by David Tate, Esq.

The following is a link to a short video discussion about auditing third-party risks from the Institute of Internal Auditors, CLICK HERE FOR THE VIDEO.

The discussion is interesting for what it says, and what it doesn’t say. Of course it’s only a short video and does not purport to cover anywhere near the entire topic, and the video also is only part I. The discussion also focuses only on negative risks, e.g., the risk of negative catastrophe such as from cyber breach, but what about a more positive risk such as a resulting shortage of product materials because new product demand surpasses the highest estimates?

Internal audit and other people who are involved in third-party risk need to avoid working in silos. The video doesn’t mention the audit committee, or internal audit’s charter, or the involvement of legal counsel, for example. What about the risk of faulty or dangerous product produced or materials used by a third-party vendor? The discussion does touch on evaluating whether to end or terminate the contract with a third-party vendor – how does internal audit do that – bring in legal right?

In any event, I’m just using the video to prompt some discussions, which certainly was the intent of the video.

Best, Dave Tate, Esq. (San Francisco / California), and click on the following link for my audit committee guide – and please tell other people who would be interested, CLICK HERE FOR A BLOG POST WITH A LINK TO THE GUIDE – JUST CLICK THE LINK – YOU DON’T NEED TO PROVIDE ANY INFORMATION

Comments on the DoJ Fraud Section Plan and Guidance

Posted on May 14, 2016 by David Tate, Esq.

Recently, on April 8, 2016, I wrote a post about the new DoJ Fraud Section’s Foreign Corrupt Practices Act Enforcement Plan and Guidance. Here is a link to that post and the Plan and Guidance CLICK HERE.

I did not at that time provide comments about the Plan and Guidance, which is only 9 pages in length. Whereas audit committees definitely should read and understand the Plan and Guidance, and take it into consideration for the purpose of pre-policies, processes and practices, and then also if an event or occurrence happens, my additional overview comments are as follows.

As you read through the Plan and Guidance, unfortunately I believe that you will find that for the most part it vaguely says that you should conduct an investigation of everything and everyone who might be relevant to the event or occurrence, that you should self report everything that you find (except for attorney-client information and materials, but of course the Fraud Section might argue about what qualifies as being attorney-client privileged), and that the Fraud Section will then consider what benefits it will grant, if any, to you for doing so. In that regard, I have to say that the Plan and Guidance is noncommittal, vague and overly broad, and might be considered heavy-handed, and as such isn’t particularly helpful or not nearly as helpful as it might have been.

The Plan and Guidance also only applies to the Fraud Section – thus, it does not apply to any of the other numbers of governmental entities, divisions, departments or sections that might also be looking into the event or occurrence. But, please do read and understand the Plan and Guidance anyway.

And the following is a link to my Excellent Audit Committee Guide – read it and pass it around, CLICK HERE.

Best, Dave Tate, Esq. (San Francisco/California)

PCAOB Rules to Improve Transparency by Disclosing Engagement Partner Name and Information about Other Audit Firms are Approved by SEC

Posted on May 14, 2016 by David Tate, Esq.

Short and brief, the following is a link to the PCAOB site if you want to read more about this new change (Click Here), but in truth, I just don’t see why this took so much effort and time to approve. I don’t see this as a big deal. Do you? Am I missing something? In any event, I’m passing this along.

Best, Dave Tate, Esq. (San Francisco / California)

Auditors – Derivatives – Auditing v. Risk Management, Big Difference – Reporting v. Evaluation

Posted on May 3, 2016 by David Tate, Esq.

I have been reading an email thread by some very good auditors and risk management professionals. It struck a chord with me. The discussion was about derivatives in general.

One participant posted recent comments or possible comments by Warren Buffett about the difficulties of evaluating derivative transactions and banks and companies that hold derivative contracts or instruments.

Another participant differentiated auditing and risk management in the context of derivatives – stating that the external auditor audits to determine whether the derivative transaction has been properly accounted for within the context of generally accepted accounting principles.

But the auditor’s clean opinion really doesn’t tell management, or the board, or the audit committee, or the investor how the derivative will behave or react in different situations, or the risk associated with the derivative. Of course, that audit weakness also is true with respect to all audited transactions – the auditor is only telling you that within GAAP and GAAS, and the determined level of materiality, the transactions have been properly recorded. Although proper accounting is important, the risk associated is equally and perhaps more important.

A few of my other posts have discussed derivatives – here is a link to a post about derivatives and audit committees http://wp.me/p75iWX-h.

And, as audit committees have oversight of risk management or certain aspects of risk management (which is too vague of a term (i.e., risk management), and lacking in specifics for my liking, see also http://wp.me/p75iWX-1F re risk management, audit committees, and AC charters ), as an audit committee member should you evaluate whether you and your committee, and management, are sufficiently on top of the derivative issue and the risks that they might present to your entity and its shareholders, and to you and your reputation? I’m not anti-derivative – they can be helpful and prudent – I’m simply saying that as part of your oversight and diligence you should consider whether you and your organization are sufficiently on top of the issue and understand the risks that the different derivative instruments and transactions present.

And here is a link to my audit committee guide, updated January 2016, http://wp.me/p75iWX-q

Thanks for reading. Dave Tate, Esq. (San Francisco/California)

DTatePicture_Square

New 9-Page Letter Guidance From The US DoJ On FCPA Enhanced Enforcement, Self-Reporting And Cooperation

Posted on April 8, 2016 by David Tate, Esq.

The following is a link to a new 9-page letter from the US Department of Justice providing guidance about enhanced Foreign Corrupt Practices Act enforcement, self-reporting, and the actions that are necessary for individuals and businesses to obtain cooperation status. The letter is only 9-pages – in this post I’m not going to summarize the letter because you can (and should) read the letter in about the same amount of time. Audit committee members need to read and understand this letter, and then be sure that the company has proper policies and procedures in place.

Here is the letter, April 5, 2016, US Dept. of Justice New FCPA Enforcement Plan and Guidance, and https://www.justice.gov/opa/file/838386/download.

Enjoy. Dave Tate, Esq. (San Francisco/California), and see also Tate’s Excellent Audit Committee Guide at Tate’s Excellent Audit Committee Guide 01032016 with Appendix A Final

Who Acts For The Board Of Directors On Arranging D&O Coverage – A Disturbing Discussion

Posted on April 7, 2016 by David Tate, Esq.

The following is a link to a short, disturbing video discussion about D&O insurance coverage, who arranges that coverage, and the director’s input into that process and purchase. If this is the typical after-the-fact scenario . . . CLICK HERE FOR THE VIDEO DISCUSSION AND THEN CLICK ON THE VIDEO START BUTTON

Who speaks for the board on D&O coverage

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: