Forwarding from Michael Peregrine: A ‘Twist’ On Top Ten Governance Trends For 2020 – It’s a Good Read

I have provided below a link to a Forbes and McDermott Will & Emery post by Michael Peregrine titled: A ‘Twist’ On Top Ten Governance Trends for 2020. It’s a good read. As Mr. Peregrine indicates, he writes a governance trends list that is in addition to shareholder activism, cybersecurity, climate risks, and SEC regulation.

Mr. Peregrine’s additional list includes the following headings (and I have added some comments with “DT”) – please read Mr. Peregrine’s article (see the link below) as the value is in the contents, not in the headings:

-Preparing for more volatility (DT: absolutely, always)

-Emphasis on board refreshment (DT: to what extent will it happen?)

-Corporate accountability returns (DT: to what extent will it happen?)

-Re-examining purpose (DT: to what extent will it happen?)

-Emphasis on business judgment rule (DT: I hope so, including processes and governance)

-A closer focus on innovation (DT: absolutely)

-Greater emphasis on human capital (DT: and culture)

-Pushing change with compliance programs (DT: yes)

-Retooling structure and process (DT: I hope so).

Here is a link to Mr. Peregrine’s discussion https://www.forbes.com/sites/michaelperegrine/2020/01/02/a-twist-on-top-ten-governance-trends-for-2020/#7b9276016a28

Consideration also should be given to industry, types of services and products produced and provided, size of entity (pre-micro-, micro-, small-, mid-, and large-cap), and type of entity including public, private, nonprofit, and governmental.

To be fair to any such discussion, of course each of us can add to or subtract from such a list, or expand upon the length and content of the discussions. I would add, for example, review of and improvements to risk and uncertainty management processes, additional discussions about the functions and performances of the board’s committees, reviewing and improving board and board committee self-evaluation processes, reviewing and improving crisis response processes, making sure that directors have the assistance, resources and information that they need to perform their diligence and oversight (possibly including, for example, legal counsel, internal and independent audit, and executive and mid-management involvement), and reviewing and improving internal reporting, investigation, and related disciplinary or “taking subsequent action” processes.

—————————————————————

Remember, every case and situation is different. It is important to obtain and evaluate all of the evidence that is available, and to apply that evidence to the applicable standards and laws. You do need to consult with an attorney and other professionals about your particular situation. This post is not a solicitation for legal or other services inside of or outside of California, and, of course, this post only is a summary of information that changes from time to time, and does not apply to any particular situation or to your specific situation. So . . . you cannot rely on this post for your situation or as legal or other professional advice or representation.

Thank you for reading this post. I ask that you also pass it along to other people who would be interested as it is through collaboration that great things and success occur more quickly. And please also subscribe to this blog and my other blog (see below), and connect with me on LinkedIn and Twitter.

Best to you, David Tate, Esq. (and inactive California CPA) – practicing in California only.

I am also the Chair of the Business Law Section of the Bar Association of San Francisco.

Blogs: Trust, estate/probate, power of attorney, conservatorship, elder and dependent adult abuse, nursing home and care, disability, discrimination, personal injury, responsibilities and rights, and other related litigation, and contentious administrations http://californiaestatetrust.com; Business, D&O, board, director, audit committee, shareholder, founder, owner, and investor litigation, governance, responsibilities and rights, compliance, investigations, and risk management  http://auditcommitteeupdate.com

My law practice primarily involves the following areas and issues:

Probate Court Disputes and Litigation

  • Trust and estate disputes and litigation, and contentious administrations representing fiduciaries and beneficiaries; elder abuse; power of attorney disputes; elder care and nursing home abuse; conservatorships; claims to real and personal property; and other related disputes and litigation.

Business and Business-Related Disputes and Litigation: Private, Closely Held, and Family Businesses; Public Companies; and Nonprofit Entities

  • Business v. business disputes including breach of contract; unlawful, unfair and fraudulent business practices; fraud, deceit and misrepresentation; unfair competition; licensing agreements, breach of the covenant of good faith and fair dealing; etc.
  • Misappropriation of trade secrets
  • M&A disputes
  • Founder, officer, director and board, investor, shareholder, creditor, VC, control, governance, decision making, fiduciary duty, conflict of interest, independence, voting, etc., disputes
  • Buy-sell disputes
  • Funding and share dilution disputes
  • Accounting, lost profits, and royalty disputes and damages
  • Access to corporate and business records disputes
  • Employee, employer and workplace disputes and processes, discrimination, whistleblower and retaliation, harassment, defamation, etc.

Investigations and Governance

  • Corporate and business internal investigations
  • Board, audit committee and special committee governance and processes, disputes, conflicts of interest, independence, culture, ethics, etc.

The following are copies of the tables of contents of three of the more formal materials that I have written over the years about accounting/auditing, audit committees, and related legal topics – Accounting and Its Legal Implications was my first formal effort, which resulted in a published book that had more of an accounting and auditing focus; Chapter 5A, Audit Committee Functions and Responsibilities, for the California Continuing Education of the Bar has a more legal focus; and the most recent Tate’s Excellent Audit Committee Guide (February 2017) also has a more legal focus:

Accounting and Its Legal Implications

Chapter 5A, Audit Committee Functions and Responsibilities, CEB Advising and Defending Corporate Directors and Officers

Tate’s Excellent Audit Committee Guide

The following are other summary materials that you might find useful:

OVERVIEW OF A RISK MANAGEMENT PROCESS THAT YOU CAN USE 03162018

Audit Committee 5 Lines of Success, Diligence, and Defense - David Tate, Esq, 05052018

COSO Enterprise Risk Management Framework ERM Components and Principles

From a prior blog post which you can find at https://wp.me/p75iWX-dk if the below scan is too difficult to read:

* * * * *

AUDIT COMMITTEE SELF-EVALUATION

David W. Tate

Attorney at Law

Certified Public Accountant (inactive California)

Copyright 2019 David W. Tate (however, you are authorized to download and print these materials for your use, and to also pass them to other people who would be interested)

BLOGS

D&O, Audit Committees, Risk Management, Compliance, Investigations & Governance: http://auditcommitteeupdate.com

Trust, Estate, Conservatorship & Elder Abuse Litigation: http://californiaestatetrust.com

Linkedin: http://www.linkedin.com/in/davetateesq

Twitter: http://twitter.com/davidtateesq

 

Self-evaluation is an important board and committee activity, and can be very helpful if done properly.

A.  Introduction and Overview

The following discussion covers audit committee self-evaluation and provides processes that you can use. As noted elsewhere in these materials, although many board and audit committee functions, responsibilities and tasks are specified by statute, regulation, rule or pronouncement, board and audit committee member standards of care remain significantly dependent on due diligence and prudent judgment.

Boards and audit committees of various entities are required by law, regulation or rule to conduct annual committee self-evaluations; however, it is worthwhile for boards and audit committees of all public and private companies and nonprofit entities to conduct self-evaluations. Board and audit committee jobs are challenging, ongoing, and technical in nature, and require the members to significantly interact with many people in different capacities within and outside of the entity. It only makes sense that both boards and audit committees should at least once each year take time to step back and review, evaluate and make improvements to their manners of operation, and also consider helpful actions that can be taken by other people with whom the boards and audit committees interact. Self-evaluation will be worthwhile even if it results in improving only one area of operation.

Board and audit committee responsibilities originate from several different sources at least including (1) activities and responsibilities that boards or audit committees voluntarily undertake or that are delegated to them; (2) the business judgment rule; (3) the specific laws, regulations and rules that are applicable to the entity’s directors and audit committee members; (4) the wording of the board and audit committee charters, if there are charters; (5) shareholder and stakeholder expectations, and (6) for audit committees, accounting and auditing pronouncements relating to the outside auditor’s activities.

Prudent board and audit committee processes and diligence are also important to reduce member and entity liability and reputation risk. An increasing number of cases hold that board and audit committee members can be liable for failure to exercise sufficient diligence, failure to spot and respond to red flags, and failure to take action. Active board, committee and corporate diligence tend to demonstrate prudent business judgment and negate allegations of recklessness, improper intent, intentional wrongdoing, or “scienter” such as in the context of securities litigation, thus reducing the risk of securities liability and damages. In the context of audit committee activities, potential entity, board, and audit committee member liability typically arises in the context of alleged improper accounting practices, written and oral public misrepresentations (such as with respect to financial matters), and improper employment practices.

Although not required, there can be advantages to having a facilitator conduct an interactive interview approach to the self-evaluation process, but without performance grading or rating: it can be difficult to construct a questionnaire with standardized questions that would be similarly understood by each of the participants in the self-evaluation process; different people use different rating scales; different people express responses in different manners; and certain important issues will change from year to year. A facilitated approach may encourage better discussion and comment, compilation, continuity, explanation, and follow-up. Contact me if you are interested in committee self-evaluation assistance at a reasonable fixed fee.

Issues and topic areas to consider during the self-evaluation process will naturally vary from entity to entity, and from board and audit committee to board and audit committee. Thus, to stimulate discussion, below for both boards and audit committees I have provided lists of potential broad issues or topic areas to consider for discussion and evaluation, including both successes and possible improvements; and I have also outlined processes to assist your board and audit committee self-evaluation processes.

B.  Audit Committee Self-Evaluation

1.  Sample List of Issues and Topics to Consider for Audit Committee Self-Evaluation

The following is a list of issues and topic areas to consider for discussion and evaluation. The list is intended to help trigger thought processes, but, of course, is not exhaustive as areas of discussion and evaluation will vary from entity to entity, and from committee to committee. The following list is not intended to and does not suggest that each or any of the below issues and topics must be considered or covered and is not a checklist – instead, if your audit committee is required to conduct a specific evaluation process or to cover certain specific issues and topics, you will need to separately consider the specific requirements, if any, for your audit committee and its evaluation process pursuant to law, regulation or rule. In that regard, please also see the disclaimer and limitations at the beginning of these materials.

-Audit committee meeting agenda preparation and dissemination process.

-Committee member independence and situational independence, financial literacy, experience and expertise.

-Committee member access to information and/or education pertinent to the functions and responsibilities of the audit committee. Are the needs of the committee members being met, so that they are sufficiently knowledgeable and educated about the company or nonprofit and its industry; relevant significant accounting and auditing issues; relevant legal matters; internal controls, risk assessment and management; governance; and new developments in those and other areas?

-Committee and committee member interactions, including interaction between committee members, and between the committee and the board, the CEO, the CFO, the outside auditor, the internal auditor, legal counsel, compliance and ethics, HR, consultants, and other people.

-The committee’s processes for identifying and spotting issues, evaluation and decision making.

-The contents of the audit committee charter, and a mutual understanding of the audit committee’s responsibilities and tasks. The charter is a requirement for public companies, and is a good idea for many private companies and nonprofit entities. The charter is a prudent document to identify and clarify the audit committee’s responsibilities. In addition to the committee itself, it is important for the board, the executive officers, and other stakeholders to have a correct understanding about the committee’s responsibilities and limitations, and the extent to which state or local jurisdiction, U.S. and international requirements and responsibilities apply or may apply to your audit committee.

-Selection of the outside auditor; audit planning; review of the performance of the outside auditor; and review of the quarterly review and annual audit report and process (or compilation if appropriate).

-Review of recent developments relating to the business judgment rule, standard of care and acceptable reliance on other people.

-Review of accounting and financial internal and fraud/embezzlement related controls and processes, risk assessment and management, possible entity and individual liability and reputation risk exposure; and compliance assessment and management relating to laws, regulations, and rules that are within the scope of the audit committee’s functions and responsibilities including issues relating to the Foreign Corrupt Practices Act.

– Review of the accounting department, and accounting and financial reporting for transactions including all of the subcomponents such as principles and policies applied (quality not just acceptability); judgments, estimates and reserves; timing and cutoff procedures; off balance sheet transactions; related party transactions; contingencies and liabilities; revenue recognition; expenses; inventories; goodwill; insider trading; and other matters relating to accounting and financial statement reports.

-Implementing revenue recognition rules, and other important, new or changing accounting principles.

-Review of internal investigation processes, procedures and needs.

-Review of the financial and internal audit functions, and how they can be helpful to the audit committee in the performance of its responsibilities and tasks.

-Review of risk management and uncertainty issues, practices and processes that are within the scope of the audit committee’s function and responsibilities.

-Implementing COSO 2013 or other appropriate processes.

-Documenting and reporting the audit committee’s activities and minutes.

-The audit committee’s use of attorneys and consultants.

-The company’s investor communication processes.

-Whistleblower, ethics, anonymous reporting and complaint handling processes to the extent that the reporting is within the scope of the audit committee’s function and responsibilities.

-Document retention policies.

-Review of the compliance and ethics function and processes that are within the scope of the audit committee’s responsibilities, and how they can be helpful to the audit committee in the performance of its responsibilities and tasks.

-Governance, including tone at the top, financial leadership, transparency and appearance.

-Review of employer, employee and workplace processes, culture, safety, and disciplinary practices that are within the scope of the audit committee’s function and responsibilities.

-Review of tax compliance and reporting issues that are within the scope of the audit committee’s function and responsibilities.

-Review of cybersecurity and internet security issues that are within the scope of the audit committee’s function and responsibilities.

-Insurance.

-Review of pension and health plan related issues that are within the scope of the audit committee’s function and responsibilities.

-Review of information privacy issues, practices and processes that are within the scope of the audit committee’s function and responsibilities.

-Review of asset protection, IP, trade secret, etc. practices to the extent that they are within the audit committee’s function and responsibilities.

-Review of environmental issues and safety that are within the scope of the audit committee’s function and responsibilities.

-Review of product and consumer safety issues, practices and processes that are within the scope of the audit committee’s function and responsibilities.

-Review of billing and accounting relating to the receipt of funds or revenue from governmental sources such as Medicare and Medicaid; compliance with applicable laws, regulations, rules and other requirements; and oversight of expenses relating to these areas.

-Review of the acceptance, receipt, allocation, expenditure or distribution, and accounting for all charitable and donor funds, grants, contributions, pledges and other resources, including compliance with all requirements, restrictions and special uses.

-Review of accounting for collaboration and joint venture arrangements, including the allocation of receipts/income and distributions/expenses between the entities.

-And, in this economic environment, review of the fair value of funds and investments, including loss of value; liquidity concerns; possible going concern issues; estimates for uncollectibles and related reserves; debt/loan covenants; and funding source uncertainties including those that relate to collaboration and joint venture arrangements.

-It is also important for the audit committee to clarify with the board what responsibilities it has, if any, for oversight of the numerous and various areas of taxation and compliance; ERISA, pension and health and welfare plans; investments; tax exempt status including fund raising, dues, solicitation, and political, campaign and lobby activities; and other areas significant to the entity.

-Discussion about audit committee membership and recruitment needs.

-Additional significant topics or issues that should be discussed.

2.  A Self-Evaluation Process and Format for Audit Committees

The following eight primary steps outline a proposed audit committee self-evaluation process that is workable for audit committees of public companies, private companies and nonprofit entities, whether using or not using, an outside facilitator.

 

Step 1. Determine the people who will be participating in the evaluation process, including the audit committee members, and other people, if any, to interview for comment.

Provide the names of the people who will participate in the evaluation process.

 

 

Step 2. Determine how the participant interviews will be conducted, individually or in a group, in person or by telephone, skype or some other means.

Provide comments or information about how the interviews will be handled with the various different people who will participate in the evaluation.

 

 

Step 3. Arrange participant individual or group interview dates and times.

Provide participant individual or group interview date and time information.

 

 

Step 4. Provide the participants with pre-interview materials and a list of possible issue or topic areas (broad and specific) for consideration and discussion. Of course, the participants can add additional issues or topics. Use this paper for that purpose.

Provide information regarding the status of disseminating the pre-interview materials.

 

 

Step 5. Have each participant provide a list of one to five, or more, issues or topic areas that the participant would specifically like to discuss during the evaluation process.

Provide comments and information regarding receipt of issues or topic areas from the self-evaluation process participants, and the respective issues or topic areas listed.

 

 

Step 6. Conduct information intake or interviews with participants individually or as a group.

Provide comments and information from the participants or the status of such – the input can be made by the participants themselves or by a facilitator during self-evaluation interviews.

 

 

Step 7. Summarize in a report format the issues and topic areas, information received, and suggestions made during the self-evaluation process.

Provide a summary in a report format.

 

 

Step 8. Provide a report back to the audit committee, and possibly conduct a committee group review of the self-evaluation process, information obtained, and suggestions made, and possible future actions or follow-up.

Provide additional comments and information about the self-evaluation process or results.

 

 

Concluding comments. I hope you have found this discussion helpful and at least a good starting point for your audit committee self-evaluation. Feel free to contact me if you are interested in discussing the audit committee self-evaluation process, or if you would like help with facilitation of committee self-evaluation at a reasonable fixed fee.

Best to you,

David Tate, Esq.

* * * * *

 

 

Chart of Accounting Corrections v. Restatements 2005 – 2018 – Questions to be Asked and Investigated

I have attached below at the bottom of his post a snapshot of a chart from a recent CFO Journal showing accounting corrections or revisions v. restatements (compiled, I believe, by Audit Analytics) for the years 2005 – 2018 (for all U.S. public companies, I believe). I have also included in the snapshot just a few of the comments and discussion that were written immediately below the chart. But the point of this post and for providing you with the chart isn’t the change and improvement in the total numbers. Instead, each of these situations, whether correction/revision or restatement raises a whole host of issues, actions and decisions by the executive officers and the audit committee. For example, each such situation and potential situation warrants and requires some manner of an inquiry or investigation either by the audit committee with reporting to and consideration by the board, or inquiry or investigation by the board itself.

Who should do the inquiry and investigation, including possible issues pertaining to what I refer to as situational legal independence?

What legal counsel will be used, who and what will legal counsel represent as counsel’s client(s), who will do the actual inquiry or investigation, what attorney client privilege and work product issues exist and how to best protect them, etc.?

What and who caused the situation (how did it result), also including why did the situation occur at all and why wasn’t the situation caught, or caught earlier or prevented by all who might have been involved who might have noticed including, for example, risk management, processes and procedures; internal controls; governance, culture, tone-at-the-top and possibly workplace issues; the executive officers; internal audit; external independent audit; in-house legal counsel; and other people, possibly also including board and/or audit committee processes and oversight?

Correction/revision v. restatement classification?

Is there an honest mistake, misfeasance, nonfeasance, malfeasance, scienter, etc.?

What is the civil liability exposure to the entity (and possibly to the individuals) and how can it be mitigated?

Is there possible criminal liability exposure at issue? Consideration of DOJ guidelines.

Will or might there be clawback involved?

When and how should the situation be disclosed and reported?

Has or will the entity (or the CEO, CFO, board, audit committee, etc.) suffer a loss of credibility, and how can that be remedied and rehabilitated?

What changes will be implemented so that this situation does not occur again? And how can those changes be tested for efficiency?

What other related shortcomings have been discovered to exist and how will they be remedied?

The entire conduct of the investigation, etc.

And the list of considerations, actions and decision making becomes longer as you drill down.

Below is the chart – it is interesting that the numbers do show improvements:

—————————————————————

Remember, every case and situation is different. It is important to obtain and evaluate all of the evidence that is available, and to apply that evidence to the applicable standards and laws. You do need to consult with an attorney and other professionals about your particular situation. This post is not a solicitation for legal or other services inside of or outside of California, and, of course, this post only is a summary of information that changes from time to time, and does not apply to any particular situation or to your specific situation. So . . . you cannot rely on this post for your situation or as legal or other professional advice or representation.

Thank you for reading this post. I ask that you also pass it along to other people who would be interested as it is through collaboration that great things and success occur more quickly. And please also subscribe to this blog and my other blog (see below), and connect with me on LinkedIn and Twitter.

Best to you, David Tate, Esq. (and inactive California CPA) – practicing in California only.

I am also the Chair of the Business Law Section of the Bar Association of San Francisco.

Blogs: Trust, estate/probate, power of attorney, conservatorship, elder and dependent adult abuse, nursing home and care, disability, discrimination, personal injury, responsibilities and rights, and other related litigation, and contentious administrations http://californiaestatetrust.com; Business, D&O, board, director, audit committee, shareholder, founder, owner, and investor litigation, governance, responsibilities and rights, compliance, investigations, and risk management  http://auditcommitteeupdate.com

My law practice primarily involves the following areas and issues:

Probate Court Disputes and Litigation

  • Trust and estate disputes and litigation, and contentious administrations representing fiduciaries and beneficiaries; elder abuse; power of attorney disputes; elder care and nursing home abuse; conservatorships; claims to real and personal property; and other related disputes and litigation.

Business and Business-Related Disputes and Litigation: Private, Closely Held, and Family Businesses; Public Companies; and Nonprofit Entities

  • Business v. business disputes including breach of contract; unlawful, unfair and fraudulent business practices; fraud, deceit and misrepresentation; unfair competition; licensing agreements, breach of the covenant of good faith and fair dealing; etc.
  • Misappropriation of trade secrets
  • M&A disputes
  • Founder, officer, director and board, investor, shareholder, creditor, VC, control, governance, decision making, fiduciary duty, conflict of interest, independence, voting, etc., disputes
  • Buy-sell disputes
  • Funding and share dilution disputes
  • Accounting, lost profits, and royalty disputes and damages
  • Access to corporate and business records disputes
  • Employee, employer and workplace disputes and processes, discrimination, whistleblower and retaliation, harassment, defamation, etc.

Investigations and Governance

  • Corporate and business internal investigations
  • Board, audit committee and special committee governance and processes, disputes, conflicts of interest, independence, culture, ethics, etc.

The following are copies of the tables of contents of three of the more formal materials that I have written over the years about accounting/auditing, audit committees, and related legal topics – Accounting and Its Legal Implications was my first formal effort, which resulted in a published book that had more of an accounting and auditing focus; Chapter 5A, Audit Committee Functions and Responsibilities, for the California Continuing Education of the Bar has a more legal focus; and the most recent Tate’s Excellent Audit Committee Guide (February 2017) also has a more legal focus:

Accounting and Its Legal Implications

Chapter 5A, Audit Committee Functions and Responsibilities, CEB Advising and Defending Corporate Directors and Officers

Tate’s Excellent Audit Committee Guide

The following are other summary materials that you might find useful:

OVERVIEW OF A RISK MANAGEMENT PROCESS THAT YOU CAN USE 03162018

Audit Committee 5 Lines of Success, Diligence, and Defense - David Tate, Esq, 05052018

COSO Enterprise Risk Management Framework ERM Components and Principles

From a prior blog post which you can find at https://wp.me/p75iWX-dk if the below scan is too difficult to read:

* * * * *

AUDIT COMMITTEE SELF-EVALUATION

David W. Tate

Attorney at Law

Certified Public Accountant (inactive California)

Copyright 2019 David W. Tate (however, you are authorized to download and print these materials for your use, and to also pass them to other people who would be interested)

BLOGS

D&O, Audit Committees, Risk Management, Compliance, Investigations & Governance: http://auditcommitteeupdate.com

Trust, Estate, Conservatorship & Elder Abuse Litigation: http://californiaestatetrust.com

Linkedin: http://www.linkedin.com/in/davetateesq

Twitter: http://twitter.com/davidtateesq

 

Self-evaluation is an important board and committee activity, and can be very helpful if done properly.

A.  Introduction and Overview

The following discussion covers audit committee self-evaluation and provides processes that you can use. As noted elsewhere in these materials, although many board and audit committee functions, responsibilities and tasks are specified by statute, regulation, rule or pronouncement, board and audit committee member standards of care remain significantly dependent on due diligence and prudent judgment.

Boards and audit committees of various entities are required by law, regulation or rule to conduct annual committee self-evaluations; however, it is worthwhile for boards and audit committees of all public and private companies and nonprofit entities to conduct self-evaluations. Board and audit committee jobs are challenging, ongoing, and technical in nature, and require the members to significantly interact with many people in different capacities within and outside of the entity. It only makes sense that both boards and audit committees should at least once each year take time to step back and review, evaluate and make improvements to their manners of operation, and also consider helpful actions that can be taken by other people with whom the boards and audit committees interact. Self-evaluation will be worthwhile even if it results in improving only one area of operation.

Board and audit committee responsibilities originate from several different sources at least including (1) activities and responsibilities that boards or audit committees voluntarily undertake or that are delegated to them; (2) the business judgment rule; (3) the specific laws, regulations and rules that are applicable to the entity’s directors and audit committee members; (4) the wording of the board and audit committee charters, if there are charters; (5) shareholder and stakeholder expectations, and (6) for audit committees, accounting and auditing pronouncements relating to the outside auditor’s activities.

Prudent board and audit committee processes and diligence are also important to reduce member and entity liability and reputation risk. An increasing number of cases hold that board and audit committee members can be liable for failure to exercise sufficient diligence, failure to spot and respond to red flags, and failure to take action. Active board, committee and corporate diligence tend to demonstrate prudent business judgment and negate allegations of recklessness, improper intent, intentional wrongdoing, or “scienter” such as in the context of securities litigation, thus reducing the risk of securities liability and damages. In the context of audit committee activities, potential entity, board, and audit committee member liability typically arises in the context of alleged improper accounting practices, written and oral public misrepresentations (such as with respect to financial matters), and improper employment practices.

Although not required, there can be advantages to having a facilitator conduct an interactive interview approach to the self-evaluation process, but without performance grading or rating: it can be difficult to construct a questionnaire with standardized questions that would be similarly understood by each of the participants in the self-evaluation process; different people use different rating scales; different people express responses in different manners; and certain important issues will change from year to year. A facilitated approach may encourage better discussion and comment, compilation, continuity, explanation, and follow-up. Contact me if you are interested in committee self-evaluation assistance at a reasonable fixed fee.

Issues and topic areas to consider during the self-evaluation process will naturally vary from entity to entity, and from board and audit committee to board and audit committee. Thus, to stimulate discussion, below for both boards and audit committees I have provided lists of potential broad issues or topic areas to consider for discussion and evaluation, including both successes and possible improvements; and I have also outlined processes to assist your board and audit committee self-evaluation processes.

B.  Audit Committee Self-Evaluation

1.  Sample List of Issues and Topics to Consider for Audit Committee Self-Evaluation

The following is a list of issues and topic areas to consider for discussion and evaluation. The list is intended to help trigger thought processes, but, of course, is not exhaustive as areas of discussion and evaluation will vary from entity to entity, and from committee to committee. The following list is not intended to and does not suggest that each or any of the below issues and topics must be considered or covered and is not a checklist – instead, if your audit committee is required to conduct a specific evaluation process or to cover certain specific issues and topics, you will need to separately consider the specific requirements, if any, for your audit committee and its evaluation process pursuant to law, regulation or rule. In that regard, please also see the disclaimer and limitations at the beginning of these materials.

-Audit committee meeting agenda preparation and dissemination process.

-Committee member independence and situational independence, financial literacy, experience and expertise.

-Committee member access to information and/or education pertinent to the functions and responsibilities of the audit committee. Are the needs of the committee members being met, so that they are sufficiently knowledgeable and educated about the company or nonprofit and its industry; relevant significant accounting and auditing issues; relevant legal matters; internal controls, risk assessment and management; governance; and new developments in those and other areas?

-Committee and committee member interactions, including interaction between committee members, and between the committee and the board, the CEO, the CFO, the outside auditor, the internal auditor, legal counsel, compliance and ethics, HR, consultants, and other people.

-The committee’s processes for identifying and spotting issues, evaluation and decision making.

-The contents of the audit committee charter, and a mutual understanding of the audit committee’s responsibilities and tasks. The charter is a requirement for public companies, and is a good idea for many private companies and nonprofit entities. The charter is a prudent document to identify and clarify the audit committee’s responsibilities. In addition to the committee itself, it is important for the board, the executive officers, and other stakeholders to have a correct understanding about the committee’s responsibilities and limitations, and the extent to which state or local jurisdiction, U.S. and international requirements and responsibilities apply or may apply to your audit committee.

-Selection of the outside auditor; audit planning; review of the performance of the outside auditor; and review of the quarterly review and annual audit report and process (or compilation if appropriate).

-Review of recent developments relating to the business judgment rule, standard of care and acceptable reliance on other people.

-Review of accounting and financial internal and fraud/embezzlement related controls and processes, risk assessment and management, possible entity and individual liability and reputation risk exposure; and compliance assessment and management relating to laws, regulations, and rules that are within the scope of the audit committee’s functions and responsibilities including issues relating to the Foreign Corrupt Practices Act.

– Review of the accounting department, and accounting and financial reporting for transactions including all of the subcomponents such as principles and policies applied (quality not just acceptability); judgments, estimates and reserves; timing and cutoff procedures; off balance sheet transactions; related party transactions; contingencies and liabilities; revenue recognition; expenses; inventories; goodwill; insider trading; and other matters relating to accounting and financial statement reports.

-Implementing revenue recognition rules, and other important, new or changing accounting principles.

-Review of internal investigation processes, procedures and needs.

-Review of the financial and internal audit functions, and how they can be helpful to the audit committee in the performance of its responsibilities and tasks.

-Review of risk management and uncertainty issues, practices and processes that are within the scope of the audit committee’s function and responsibilities.

-Implementing COSO 2013 or other appropriate processes.

-Documenting and reporting the audit committee’s activities and minutes.

-The audit committee’s use of attorneys and consultants.

-The company’s investor communication processes.

-Whistleblower, ethics, anonymous reporting and complaint handling processes to the extent that the reporting is within the scope of the audit committee’s function and responsibilities.

-Document retention policies.

-Review of the compliance and ethics function and processes that are within the scope of the audit committee’s responsibilities, and how they can be helpful to the audit committee in the performance of its responsibilities and tasks.

-Governance, including tone at the top, financial leadership, transparency and appearance.

-Review of employer, employee and workplace processes, culture, safety, and disciplinary practices that are within the scope of the audit committee’s function and responsibilities.

-Review of tax compliance and reporting issues that are within the scope of the audit committee’s function and responsibilities.

-Review of cybersecurity and internet security issues that are within the scope of the audit committee’s function and responsibilities.

-Insurance.

-Review of pension and health plan related issues that are within the scope of the audit committee’s function and responsibilities.

-Review of information privacy issues, practices and processes that are within the scope of the audit committee’s function and responsibilities.

-Review of asset protection, IP, trade secret, etc. practices to the extent that they are within the audit committee’s function and responsibilities.

-Review of environmental issues and safety that are within the scope of the audit committee’s function and responsibilities.

-Review of product and consumer safety issues, practices and processes that are within the scope of the audit committee’s function and responsibilities.

-Review of billing and accounting relating to the receipt of funds or revenue from governmental sources such as Medicare and Medicaid; compliance with applicable laws, regulations, rules and other requirements; and oversight of expenses relating to these areas.

-Review of the acceptance, receipt, allocation, expenditure or distribution, and accounting for all charitable and donor funds, grants, contributions, pledges and other resources, including compliance with all requirements, restrictions and special uses.

-Review of accounting for collaboration and joint venture arrangements, including the allocation of receipts/income and distributions/expenses between the entities.

-And, in this economic environment, review of the fair value of funds and investments, including loss of value; liquidity concerns; possible going concern issues; estimates for uncollectibles and related reserves; debt/loan covenants; and funding source uncertainties including those that relate to collaboration and joint venture arrangements.

-It is also important for the audit committee to clarify with the board what responsibilities it has, if any, for oversight of the numerous and various areas of taxation and compliance; ERISA, pension and health and welfare plans; investments; tax exempt status including fund raising, dues, solicitation, and political, campaign and lobby activities; and other areas significant to the entity.

-Discussion about audit committee membership and recruitment needs.

-Additional significant topics or issues that should be discussed.

2.  A Self-Evaluation Process and Format for Audit Committees

The following eight primary steps outline a proposed audit committee self-evaluation process that is workable for audit committees of public companies, private companies and nonprofit entities, whether using or not using, an outside facilitator.

 

Step 1. Determine the people who will be participating in the evaluation process, including the audit committee members, and other people, if any, to interview for comment.

Provide the names of the people who will participate in the evaluation process.

 

 

Step 2. Determine how the participant interviews will be conducted, individually or in a group, in person or by telephone, skype or some other means.

Provide comments or information about how the interviews will be handled with the various different people who will participate in the evaluation.

 

 

Step 3. Arrange participant individual or group interview dates and times.

Provide participant individual or group interview date and time information.

 

 

Step 4. Provide the participants with pre-interview materials and a list of possible issue or topic areas (broad and specific) for consideration and discussion. Of course, the participants can add additional issues or topics. Use this paper for that purpose.

Provide information regarding the status of disseminating the pre-interview materials.

 

 

Step 5. Have each participant provide a list of one to five, or more, issues or topic areas that the participant would specifically like to discuss during the evaluation process.

Provide comments and information regarding receipt of issues or topic areas from the self-evaluation process participants, and the respective issues or topic areas listed.

 

 

Step 6. Conduct information intake or interviews with participants individually or as a group.

Provide comments and information from the participants or the status of such – the input can be made by the participants themselves or by a facilitator during self-evaluation interviews.

 

 

Step 7. Summarize in a report format the issues and topic areas, information received, and suggestions made during the self-evaluation process.

Provide a summary in a report format.

 

 

Step 8. Provide a report back to the audit committee, and possibly conduct a committee group review of the self-evaluation process, information obtained, and suggestions made, and possible future actions or follow-up.

Provide additional comments and information about the self-evaluation process or results.

 

 

Concluding comments. I hope you have found this discussion helpful and at least a good starting point for your audit committee self-evaluation. Feel free to contact me if you are interested in discussing the audit committee self-evaluation process, or if you would like help with facilitation of committee self-evaluation at a reasonable fixed fee.

Best to you,

David Tate, Esq.

* * * * *

Forwarding from The FCPA Blog – “Yes, ‘ethical culture’ can be measured” or audited – and so can governance, risk management, compliance, and almost everything, etc. . . .

I am forwarding a July 22, 2019, post by Vera Cherepanova on the FCPA Blog – the following is the link to Ms. Cherepanova’s post: http://www.fcpablog.com/blog/2019/7/22/yes-ethical-culture-can-be-measured.html

Ms. Cherepanova highlights the recent Department of Justice update to its “Evaluation of Corporate Compliance Programs,” and also references the U.S. Federal Sentencing Guidelines, noting that both in part refer to the importance “for a company to create and foster a culture of ethics and compliance.” She then queries: “But how does a company measure its culture of compliance, and what steps does it take in response to its measurement of the compliance culture?” Responding to her query, Ms. Cherepanova states, “Although they sometimes may be labeled differently, the key five you would want to incorporate [into] your measurement include the following: Achievability of targets, goals, and tasks . . . Communication . . . Leadership . . . Organizational justice . . . [and] Accountability.”

I view the blog post as discussing at least two issues: “yes, ethical culture can be measured,” and “criteria that might be used to measure ethical culture.” My response to the first issue also is “yes.” In fact, ethical culture not only can be measured, but can also be audited, such as by internal audit or outside audit. Related to culture, tone-at-the-top and internal controls and control processes have long been recognized as elements in an audit at least from the standpoint of evaluating the possibility of fraud and the extent to which records can be relied upon in designing the audit. Almost anything can be audited including, for example, not just financial transactions but also governance, risk management or risk management processes, compliance with laws, and the list is almost endless.

The more challenging issue is what criteria to use to measure or audit ethical culture and other areas? And, of course, there are follow up issues such as determining who will actually perform and evaluate the measurement or audit process, and will the task of establishing ethical culture not only involve management but also oversight by the board, or the audit committee, or a separate risk committee? Guidelines require board and/or board committee oversight. Relevant to these issues, also click on the following link for a May 2019 post that I wrote about the new DOJ guidelines https://wp.me/p75iWX-fc

Ms. Cherepanova lists some good key areas to measure or audit. It is possible to add additional key areas, and additional criteria can be added to the five areas that the blog post identifies. I’m not being critical of the five key areas that are listed, instead, I am merely pointing out that there is lack of agreement on the key areas to include in the measurement or audit process. Certainly at least DOJ and court case guidance should be consulted. It should also be added, for example, the establishment of a robust anonymous reporting process, and related investigation processes. In addition to others, you should also consult legal counsel for additional guidance. Consider using a team approach as these topics can require input from attorneys and other professionals who have backgrounds in a multitude of different areas.

Ms. Cherepanova’s post raises many additional issues, in fact too many to cover in this post. Under Leadership and Accountability, for example, does or will the alleged wrongdoer’s stature or status within the organization impact the investigation and/or the resulting discipline, if any? These can be difficult questions. Whereas one might argue that stature or status should not be relevant criteria, the severity of disciplinary measures can both positively and negatively impact an organization when a key member of the organization is involved.

My view has been and remains that organizational culture and ethical culture are here to stay as significant or at least relevant organizational issues.

—————————————————————

Remember, every case and situation is different. It is important to obtain and evaluate all of the evidence that is available, and to apply that evidence to the applicable standards and laws. You do need to consult with an attorney and other professionals about your particular situation. This post is not a solicitation for legal or other services inside of or outside of California, and, of course, this post only is a summary of information that changes from time to time, and does not apply to any particular situation or to your specific situation. So . . . you cannot rely on this post for your situation or as legal or other professional advice or representation.

Thank you for reading this website. I ask that you also pass it along to other people who would be interested as it is through collaboration that great things and success occur more quickly.

Best to you, David Tate, Esq. (and inactive California CPA) – practicing in California only.

I am also the new Chair of the Business Law Section of the Bar Association of San Francisco.

Blogs: Trust, estate/probate, power of attorney, conservatorship, elder and dependent adult abuse, nursing home and care, disability, discrimination, personal injury, responsibilities and rights, and other related litigation, and contentious administrations http://californiaestatetrust.com; Business, D&O, board, director, audit committee, shareholder, founder, owner, and investor litigation, governance, responsibilities and rights, compliance, investigations, and risk management  http://auditcommitteeupdate.com

The following are copies of the tables of contents of three of the more formal materials that I have written over the years about accounting/auditing, audit committees, and related legal topics – Accounting and Its Legal Implications was my first formal effort, which resulted in a published book that had more of an accounting and auditing focus; Chapter 5A, Audit Committee Functions and Responsibilities, for the California Continuing Education of the Bar has a more legal focus; and the most recent Tate’s Excellent Audit Committee Guide (February 2017) also has a more legal focus:

Accounting and Its Legal Implications

Chapter 5A, Audit Committee Functions and Responsibilities, CEB Advising and Defending Corporate Directors and Officers

Tate’s Excellent Audit Committee Guide

The following are other summary materials that you might find useful:

OVERVIEW OF A RISK MANAGEMENT PROCESS THAT YOU CAN USE 03162018

Audit Committee 5 Lines of Success, Diligence, and Defense - David Tate, Esq, 05052018

COSO Enterprise Risk Management Framework ERM Components and Principles

From a prior blog post which you can find at https://wp.me/p75iWX-dk if the below scan is too difficult to read:

* * * * *

MITSloan online tool to measure and compare company cultures – you should be aware – comments and screenshot FYI

This came to my attention – MITSloan online tool to measure and compare company cultures. I have previously written about culture, which, for example, is also an element of the COSO ERM framework, and was considerably in the news in 2018, including at the board level. But as I noted: will culture continue to be in the news, and will executive management and boards really take active interest? Culture also is, or could be a component of ESG.

Now apparently, and coming soon I suspect, proposals for different ways to measure culture. One or possibly two standards that are widely accepted would be helpful. Too many possible standards are not helpful, except to argue that there is no recognized standard. Business leaders, executive management, HR, directors, audit and risk committees, internal and outside auditors, in-house counsel, etc., should take note and be aware.

Regarding internal and outside audit, I have thought for a long time that they could (if they wanted to) become involved in auditing, or in auditing certain aspects or components of or processes relating to culture, governance, risk management, fraud risk, etc. I could argue that the value of internal audit and of outside audit are being passed by others who are taking the lead.

And if you are on a board, or on an audit or risk committee, where you are significantly reliant on other people to report to you, might this type of information be helpful to you in your oversight capacity? I have no explicit knowledge about how MITSloan goes about measuring and comparing company cultures, and I don’t know whether I would consider the criteria and processes that they use to be reliable and helpful; however, might it be interesting to search to see if your company is listed and evaluated? Dave Tate, Esq., San Francisco/California

Every case and situation is different. It is important to obtain and evaluate all of the evidence that is available, and to apply that evidence to the applicable standards and laws. You do need to consult with an attorney and other professionals about your particular situation. This post is not a solicitation for legal or other services inside of or outside of California, and, of course, this post only is a summary of information that changes from time to time, and does not apply to any particular situation or to your specific situation. So . . . you cannot rely on this post for your situation or as legal or other professional advice or representation.

Thank you for reading this website. I ask that you also pass it along to other people who would be interested as it is through collaboration that great things and success occur more quickly.

Best to you, David Tate, Esq. (and inactive California CPA) – practicing in California only.

I am also the new Chair of the Business Law Section of the Bar Association of San Francisco.

Blogs: Trust, estate/probate, power of attorney, conservatorship, elder and dependent adult abuse, nursing home and care, disability, discrimination, personal injury, responsibilities and rights, and other related litigation, and contentious administrations http://californiaestatetrust.com; Business, D&O, board, director, audit committee, shareholder, founder, owner, and investor litigation, governance, responsibilities and rights, compliance, investigations, and risk management  http://auditcommitteeupdate.com

The following are copies of the tables of contents of three of the more formal materials that I have written over the years about accounting/auditing, audit committees, and related legal topics – Accounting and Its Legal Implications was my first formal effort, which resulted in a published book that had more of an accounting and auditing focus; Chapter 5A, Audit Committee Functions and Responsibilities, for the California Continuing Education of the Bar has a more legal focus; and the most recent Tate’s Excellent Audit Committee Guide (February 2017) also has a more legal focus:

Accounting and Its Legal Implications

Chapter 5A, Audit Committee Functions and Responsibilities, CEB Advising and Defending Corporate Directors and Officers

Tate’s Excellent Audit Committee Guide

The following are other summary materials that you might find useful:

OVERVIEW OF A RISK MANAGEMENT PROCESS THAT YOU CAN USE 03162018

Audit Committee 5 Lines of Success, Diligence, and Defense - David Tate, Esq, 05052018

COSO Enterprise Risk Management Framework ERM Components and Principles

From a prior blog post which you can find at https://wp.me/p75iWX-dk if the below scan is too difficult to read:

* * * * *

 

 

 

Corporate, Business, Or Entity Culture – The Board’s Role And Knowledge About – From State Street

The following is a link to a January 2019, letter from State Street emphasizing and focusing on the business’s culture and how it adds value. The letter pertains to corporate culture because of the business in which State Street operates – but what we are really talking about is business or entity culture which includes public companies, private businesses, nonprofits, and governmental organizations and entities.

The letter is short and lacks detailed discussion about culture; however, I found interesting the attachment to the letter with possible questions that might be asked of the board members about the state of the business’s culture and the director’s knowledge thereof. I would assume that the majority of directors could not answer those questions with detail.

I also found interesting that the letter differentiates culture from values, and instead focus’ on culture’s impact on value. However, I would say that the business’s values drive and impact the business’s culture.

As culture has become a board topic (and apparently it might be here to stay), I would like to see additional, more specific discussions about how to evaluate and grade, and improve upon the organization or entity’s culture.

This definitely is a topic for the full board, but as it also falls into the category of risk management or ERM, this might also be on the plate of the risk management committee, if there is one, or on the plate of the audit committee to which risk management is often delegated (but let me also add, in my view, risk management is a topic for the entire board – if risk management is delegated to a committee, that committee should, nevertheless, report on risk management to the full board, for the full board’s consideration).

Here is the link to the State Street letter – be sure to read the attachment https://www.ssga.com/investment-topics/environmental-social-governance/2019/01/2019%20Proxy%20Letter-Aligning%20Corporate%20Culture%20with%20Long-Term%20Strategy.pdf

Best to you, David Tate, Esq. (and inactive California CPA)

Blogs: California trust, estate, and elder abuse litigation and contentious administrations http://californiaestatetrust.com; D&O, audit committee, governance and risk management http://auditcommitteeupdate.com

If you have found value in this post, I ask that you also pass it along to other people who would be interested as it is through collaboration that great things and success occur more quickly. And please also subscribe to this blog and my other blog (see above), and connect with me on LinkedIn or Twitter.

The following are a few additional materials for your consideration.

Board understanding of culture and mood are pretty low – per NACD materials

Below I have provided a snapshot from NACD promotional materials that I received – the materials are Benchmark Your Board, with which I tend to agree, if the benchmark evaluation is done with meaningful detail, evaluation, and recommendations, and if the board then takes action to improve the board, and all levels of the organization. I find all of the statistics from the materials (see below) of interest; however, for the purpose of this blog post I am focused on the corporate culture section – earlier this year corporate or business or nonprofit or organization culture was heavily in the news, but these things tend to pass.

I don’t hear as much about culture now. But in my view, culture and values need to stay in the news as they are one of the keys to how the entity (i.e., the people in the entity) act or behave, and perform.

Notice, according to the materials, 87% of directors say that their boards have a high understanding of the tone at the top, but is that true and what does that really mean; only 35% of directors say that their boards understand the mood in the middle, whatever that means, but nevertheless, the percentage is very low; and only 18% have a high understanding of the buzz at the bottom, again whatever that means, but the percentage is very low. These seem like failing grades, evidencing, in addition to other things, that board members need get out and visit and mingle at the facilities more.

NACD Benchmark Your Board promotion stat. page

And here are additional materials from prior posts:

Organization Culture Compass Circle

OVERVIEW OF A RISK MANAGEMENT PROCESS THAT YOU CAN USE 03162018

Audit Committee 5 Lines of Success, Diligence, and Defense - David Tate, Esq, 05052018

COSO Enterprise Risk Management Framework ERM Components and Principles

Best to you, David Tate, Esq. (and inactive California CPA), Royse Law Firm, Menlo Park, California office, with offices in northern and southern California.  My blogs: trust, estate, elder abuse and conservatorship litigation http://californiaestatetrust.com, D&O, boards, audit committees, governance, etc. http://auditcommitteeupdate.com, workplace http://workplacelawreport.com

David Tate, Esq., Overview of My Practice Areas (Royse Law Firm, Menlo Park, California office, with offices in northern and southern California. http://rroyselaw.com)

  • Civil Litigation: business, commercial, real estate, D&O, board and committee, founder, owner, investor, creditor, shareholder, M&A, and other disputes and litigation; and investigations
  • Probate Court Litigation: trust, estate, elder abuse, and conservatorship disputes and litigation
  • Administration: trust and estate administration and contentious administrations representing fiduciaries and beneficiaries
  • Workplace (including discrimination) litigation and consulting
  • Board, director, committee and audit committee, and executive officer responsibilities and rights; and investigations

Royse Law Firm – Overview of Firm Practice Areas – San Francisco Bay Area and Los Angeles Basin

  • Corporate and Securities, Financing and Formation
  • Corporate Governance, D&O, Boards and Committees, Audit Committees, Etc.
  • Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  • International
  • Immigration
  • Mergers & Acquisitions
  • Labor and Employment
  • Litigation (I broke out the litigation as this is my primary area of practice)
  •             Business & Commercial
  •             IP – Patent, Trademark, Copyright, Trade Secret, NDA
  •             Accountings, Fraud, Lost Income/Royalties, Etc.
  •             Internet Privacy, Hacking, Speech, Etc.
  •             Labor and Employment
  •             Mergers & Acquisitions
  •             Real Estate
  •             Owner, Founder, Investor, D&O, Board/Committee, Shareholder
  •             Lender/Debtor
  •             Investigations
  •             Trust, Estate, Conservatorship, Elder Abuse, and Administrations
  • Real Estate
  • Tax (US and International) and Tax Litigation
  • Technology Companies and Transactions, Including AgTech and HealthTech, Etc.
  • Wealth and Estate Planning, Trust and Estate Administration, and Disputes and Litigation

Disclaimer. This post is not a solicitation for legal or other services inside or outside of California, and also does not provide legal or other professional advice to you or to anyone else, or about a specific situation – remember that laws are always changing – and also remember and be aware that you need to consult with an appropriate lawyer or other professional about your situation. This post also is not intended to and does not apply to any particular situation or person, nor does it provide and is not intended to provide any opinion or any other comments that in any manner state, suggest or imply that anyone or any entity has done anything unlawful, wrong or wrongful – instead, each situation must be fully evaluated with all of the evidence, whereas this post only includes summary comments about information that may or may not be accurate and that most likely will change over time.

More on Culture/NACD, and Risk Management

I did some weekend reading. The following are two items of interest.

New NACD Report on Culture

The following is a link to the page for the NACD Commission Report on Culture as a Corporate Asset – the complimentary material (28 pages) is worthwhile reading if you are not a NACD member: https://www.nacdonline.org/Resources/Article.cfm?ItemNumber=48256

Of course, the NACD culture report doesn’t carry with it any force of law or requirement, and, although the report is fairly specific while at the same time also vague in that it often refers to comments by commission members who are unnamed, the report is significant because it is provided and supported by a leading board director organization as an indicator that entity culture is an important area for board oversight.

New Post by Norman Marks About Risk Management

And from part of a blog post by Norman Marks about risk management, which you can see at the following link  https://normanmarks.wordpress.com/2017/10/14/is-it-about-managing-risk/

” . . . board should be asking these questions:

  • How likely are we to achieve our objectives?
  • If the likelihood is less than acceptable, why? What can we do about it?
  • If there is a possibility of exceeding our objective, what can and should we do?
  • What assurance do we have that management is taking the right risks, making intelligent and informed decisions?
  • Are there any risks that we should be concerned about, that merit our attention and possibly our action?”

Culture and Governance; The Weinstein Company, Uber, Fox, WFB and Others

Each of the four above listed businesses, and others, have been in the news for issues relating to culture and governance, and other related matters. The legal structures of these four businesses differ significantly, from privately held, to privately held but with high value and reputation venture capital, to publicly held. I have blogged about the new COSO enterprise risk management (ERM) framework, and that the first of the five major components pertains to culture and governance, and the fifth of the five major components pertains to communicating and reporting.

Would the news about these businesses have been different if COSO ERM had been implemented and followed? Perhaps, perhaps not. We might also ask about and evaluate the executive officers; board, board committees and director oversight; the responsibilities of in-house counsel; the actions of the chief compliance officer (if any); how internal audit (if any) might have been helpful; whether issues came or should have come to the attention of the external auditor (including, for example, during the audit planning phase, or even during a more limited review engagement); workplace practices and policies; and perhaps the actions or inactions of the regulatory agencies (if any).

Culture and governance carry with them the potential to affect value (both positive and negative, and for both financial and reputation value), liability, and damages, not only for the business, but, of course, also for victims (and erroneously accused as we have also seen those situations), and for the executive officers and other management, the board and the directors, HR, the chief compliance officer, in-house legal counsel, the chief of internal audit, the partner running the external audit, the employees for their jobs and possible investment and pension holdings, creditors who have loaned money to the business, founders, owners and investors, customers, consumers, and other stakeholders. And these issues apply not only to public and private businesses, but also to nonprofits and governmental entities, and to the people who are involved in and with them.

It isn’t surprising that actions and events occur that are different than reasonably and primarily anticipated (that is the nature of risk management), and that negative and detrimental events also occur, sometimes without legal fault or liability. However, it is somehow also more disappointing to hear that possible or actual problems were known or might have been known to exist for a length of time without being addressed and remedied.

That’s all. I don’t have any personal knowledge about these specific situations other than what I read in the news. And I’m not casting fault, culpability or liability – each situation needs to be internally and/or externally investigated and evaluated by qualified people with the requisite experience, knowledge, demeanor and approach (i.e., objectively and prudently, and where necessary and prudent by people who are independent and without conflict or bias). Often times (practically always) the situations and facts are different (sometimes better, and sometimes worse) than first thought. And then there is always the prospect for litigation to establish responsibilities and rights, liability, causation, damages and remedies including recovery of damages.

We do seem to be seeing an uptick in discussions about the culture and governance of businesses (private, public, and nonprofit) and government – we’ll see if it lasts, and if more specific expectations develop including greater design, implementation and oversight of culture and governance controls.

Please note that the comments in my blog posts are my own, and are not by no one else, and do not apply or related to any particular or specific person, business or other entity, or situation.

* * * * *

 

New Governance Guidance Stretches Thinking on Ethics, Risk, and More

​The King IV draft code has much to say about governance, risk management, compliance, and assurance. Click on the following link for the discussion by Norman Marks and see my comments below: iaonline.theiia.org

This article by Norman Marks discusses parts of the new King IV code that concentrate on culture, ethics and risk. It’s interesting for thought with respect to your own organization. It is and has been long well-known that all three corporate areas, culture, ethics and risk management, are instrumental to business performance and legal compliance.

And although these areas are discussed, and significant strides have been made in or discussed about risk management during the past couple of years, there still are no universally recognized standards or criteria to evaluate or audit how the business is doing in these areas.

I have long been surprised that the auditing professions, external and internal, have not jumped on these areas and also governance.

See also Tate’s Excellent Audit Committee Guide at CLICK HERE

Best, Dave Tate, Esq. (San Francisco and California), http://auditcommitteeupdate.com, http://californiaestatetrust.com, http://tateattorney.com

DTatePicture_Square

‘Internal audit is crucial to assessing impact of corporate culture’

Internal audit’s mandate is much broader than external audit’s, says Richard Chambers of Institute of Internal Auditors

Click on the following link for the article: www.thehindubusinessline.com

Dave Tate, Esq. comment.

 

I’m going to disagree with Mr. Chambers on this one. I believe it is better for external audit to be auditing this issue – which is an issue that external audit already should be taking into consideration when designing the audit and the extent to which management and the accounting and internal control functions can be relied upon.

 

Although internal audit could be assigned a task or project relating to culture, on this topic I would keep the task or project very specific. Internal audit does also work and interact with management and executive management – assessing culture might detrimentally impact those relationships. I would however recommend that internal audit be more involved in risk management, which could involve culture but in a different context.

 

Audit committee, D&O, risk management, etc. blog: http://auditcommitteeupdate.com

Website: http://tateattorney.com

Trust, estate, conservatorship and elder abuse litigation blog: http://californiaestatetrust.com