California Office Of Attorney General – Guide For Charities – Note, You Will Want To Read This If You Are A Nonprofit Executive Officer, Director, Or Decision Maker

I have provided below two links: the first is for the California Office of Attorney General’s main website page for guidance to charities, and the second is to the Attorney General’s lengthy pdf paper providing guidance (113 pages). The following are the chapters to the lengthy paper providing guidance:

CONTENTS
Chapter 1 Understanding the Charitable Sector 1
Chapter 2 How to Form a Public Benefit Corporation 7
Chapter 3 Obtaining Tax-Exempt Status 13
Chapter 4 Charities as Employers 22
Chapter 5 Exercising Fiscal Management 32
Chapter 6 Reporting Requirements 38
Chapter 7 Directors & Officers of Public Benefit Corporations 50
Chapter 8 Members of Public Benefit Corporations 63
Chapter 9 Charitable Fundraising 66
Chapter 10 Attorney General’s Role with Charities 80
Chapter 11 Reviewing Nonprofit Transactions 85
Chapter 12 Charitable Trusts, Religious, & Foreign Entities 94
Appendices 105

The main website also provides additional materials.

Let me just say that all executive officers, directors, and senior decision makers of nonprofits in California should read the lengthy paper providing guidance. Whereas it’s not like the Attorney General’s office is making a point of going after executive officers and directors of nonprofits, some of the discussions in the lengthy paper certainly will cause nonprofit senior or executive decision makers to take notice of their responsibilities and possible liability exposure as viewed by the Attorney General – which is appropriate given that the California Office of the Attorney General does oversee nonprofits in California. I am also an advocate for executive officers and directors to consider the business judgment rule – you can see the business judgment rule in other posts on this blog.

The following is a link to the main guidance website page: https://oag.ca.gov/charities/guide-live

The following is a link to the lengthy guidance paper: https://oag.ca.gov/sites/all/files/agweb/pdfs/charities/publications/guide_for_charities.pdf

—————————————————————

Remember, every case and situation is different. It is important to obtain and evaluate all of the evidence that is available, and to apply that evidence to the applicable standards and laws. You do need to consult with an attorney and other professionals about your particular situation. This post is not a solicitation for legal or other services inside of or outside of California, and, of course, this post only is a summary of information that changes from time to time, and does not apply to any particular situation or to your specific situation. So . . . you cannot rely on this post for your situation or as legal or other professional advice or representation.

Thank you for reading this post. I ask that you also pass it along to other people who would be interested as it is through collaboration that great things and success occur more quickly. And please also subscribe to this blog and my other blog (see below), and connect with me on LinkedIn and Twitter.

Best to you, David Tate, Esq. (and inactive California CPA) – practicing in California only.

I am also the Chair of the Business Law Section of the Bar Association of San Francisco.

Blogs: Trust, estate/probate, power of attorney, conservatorship, elder and dependent adult abuse, nursing home and care, disability, discrimination, personal injury, responsibilities and rights, and other related litigation, and contentious administrations http://californiaestatetrust.com; Business, D&O, board, director, audit committee, shareholder, founder, owner, and investor litigation, governance, responsibilities and rights, compliance, investigations, and risk management  http://auditcommitteeupdate.com

My law practice primarily involves the following areas and issues:

Probate Court Disputes and Litigation

  • Trust and estate disputes and litigation, and contentious administrations representing fiduciaries and beneficiaries; elder abuse; power of attorney disputes; elder care and nursing home abuse; conservatorships; claims to real and personal property; and other related disputes and litigation.

Business and Business-Related Disputes and Litigation: Private, Closely Held, and Family Businesses; Public Companies; and Nonprofit Entities

  • Business v. business disputes including breach of contract; unlawful, unfair and fraudulent business practices; fraud, deceit and misrepresentation; unfair competition; licensing agreements, breach of the covenant of good faith and fair dealing; etc.
  • Misappropriation of trade secrets
  • M&A disputes
  • Founder, officer, director and board, investor, shareholder, creditor, VC, control, governance, decision making, fiduciary duty, conflict of interest, independence, voting, etc., disputes
  • Buy-sell disputes
  • Funding and share dilution disputes
  • Accounting, lost profits, and royalty disputes and damages
  • Access to corporate and business records disputes
  • Employee, employer and workplace disputes and processes, discrimination, whistleblower and retaliation, harassment, defamation, etc.

Investigations and Governance

  • Corporate and business internal investigations
  • Board, audit committee and special committee governance and processes, disputes, conflicts of interest, independence, culture, ethics, etc.

The following are copies of the tables of contents of three of the more formal materials that I have written over the years about accounting/auditing, audit committees, and related legal topics – Accounting and Its Legal Implications was my first formal effort, which resulted in a published book that had more of an accounting and auditing focus; Chapter 5A, Audit Committee Functions and Responsibilities, for the California Continuing Education of the Bar has a more legal focus; and the most recent Tate’s Excellent Audit Committee Guide (February 2017) also has a more legal focus:

Accounting and Its Legal Implications

Chapter 5A, Audit Committee Functions and Responsibilities, CEB Advising and Defending Corporate Directors and Officers

Tate’s Excellent Audit Committee Guide

The following are other summary materials that you might find useful:

An internal investigation summary overview page from a prior blog post which you can find at https://wp.me/p75iWX-dk if the below scan is too difficult to read (and you will also find other posts about investigations on my blog):

 

OVERVIEW OF A RISK MANAGEMENT PROCESS THAT YOU CAN USE 03162018

Audit Committee 5 Lines of Success, Diligence, and Defense - David Tate, Esq, 05052018

COSO Enterprise Risk Management Framework ERM Components and Principles

 

AUDIT COMMITTEE SELF-EVALUATION

David W. Tate

Attorney at Law

Certified Public Accountant (inactive California)

Copyright 2019 David W. Tate (however, you are authorized to download and print these materials for your use, and to also pass them to other people who would be interested)

BLOGS

D&O, Audit Committees, Risk Management, Compliance, Investigations & Governance: http://auditcommitteeupdate.com

Trust, Estate, Conservatorship & Elder Abuse Litigation: http://californiaestatetrust.com

Linkedin: http://www.linkedin.com/in/davetateesq

Twitter: http://twitter.com/davidtateesq

Self-evaluation is an important board and committee activity, and can be very helpful if done properly.

A.  Introduction and Overview

The following discussion covers audit committee self-evaluation and provides processes that you can use. As noted elsewhere in these materials, although many board and audit committee functions, responsibilities and tasks are specified by statute, regulation, rule or pronouncement, board and audit committee member standards of care remain significantly dependent on due diligence and prudent judgment.

Boards and audit committees of various entities are required by law, regulation or rule to conduct annual committee self-evaluations; however, it is worthwhile for boards and audit committees of all public and private companies and nonprofit entities to conduct self-evaluations. Board and audit committee jobs are challenging, ongoing, and technical in nature, and require the members to significantly interact with many people in different capacities within and outside of the entity. It only makes sense that both boards and audit committees should at least once each year take time to step back and review, evaluate and make improvements to their manners of operation, and also consider helpful actions that can be taken by other people with whom the boards and audit committees interact. Self-evaluation will be worthwhile even if it results in improving only one area of operation.

Board and audit committee responsibilities originate from several different sources at least including (1) activities and responsibilities that boards or audit committees voluntarily undertake or that are delegated to them; (2) the business judgment rule; (3) the specific laws, regulations and rules that are applicable to the entity’s directors and audit committee members; (4) the wording of the board and audit committee charters, if there are charters; (5) shareholder and stakeholder expectations, and (6) for audit committees, accounting and auditing pronouncements relating to the outside auditor’s activities.

Prudent board and audit committee processes and diligence are also important to reduce member and entity liability and reputation risk. An increasing number of cases hold that board and audit committee members can be liable for failure to exercise sufficient diligence, failure to spot and respond to red flags, and failure to take action. Active board, committee and corporate diligence tend to demonstrate prudent business judgment and negate allegations of recklessness, improper intent, intentional wrongdoing, or “scienter” such as in the context of securities litigation, thus reducing the risk of securities liability and damages. In the context of audit committee activities, potential entity, board, and audit committee member liability typically arises in the context of alleged improper accounting practices, written and oral public misrepresentations (such as with respect to financial matters), and improper employment practices.

Although not required, there can be advantages to having a facilitator conduct an interactive interview approach to the self-evaluation process, but without performance grading or rating: it can be difficult to construct a questionnaire with standardized questions that would be similarly understood by each of the participants in the self-evaluation process; different people use different rating scales; different people express responses in different manners; and certain important issues will change from year to year. A facilitated approach may encourage better discussion and comment, compilation, continuity, explanation, and follow-up. Contact me if you are interested in committee self-evaluation assistance at a reasonable fixed fee.

Issues and topic areas to consider during the self-evaluation process will naturally vary from entity to entity, and from board and audit committee to board and audit committee. Thus, to stimulate discussion, below for both boards and audit committees I have provided lists of potential broad issues or topic areas to consider for discussion and evaluation, including both successes and possible improvements; and I have also outlined processes to assist your board and audit committee self-evaluation processes.

B.  Audit Committee Self-Evaluation

1.  Sample List of Issues and Topics to Consider for Audit Committee Self-Evaluation

The following is a list of issues and topic areas to consider for discussion and evaluation. The list is intended to help trigger thought processes, but, of course, is not exhaustive as areas of discussion and evaluation will vary from entity to entity, and from committee to committee. The following list is not intended to and does not suggest that each or any of the below issues and topics must be considered or covered and is not a checklist – instead, if your audit committee is required to conduct a specific evaluation process or to cover certain specific issues and topics, you will need to separately consider the specific requirements, if any, for your audit committee and its evaluation process pursuant to law, regulation or rule. In that regard, please also see the disclaimer and limitations at the beginning of these materials.

-Audit committee meeting agenda preparation and dissemination process.

-Committee member independence and situational independence, financial literacy, experience and expertise.

-Committee member access to information and/or education pertinent to the functions and responsibilities of the audit committee. Are the needs of the committee members being met, so that they are sufficiently knowledgeable and educated about the company or nonprofit and its industry; relevant significant accounting and auditing issues; relevant legal matters; internal controls, risk assessment and management; governance; and new developments in those and other areas?

-Committee and committee member interactions, including interaction between committee members, and between the committee and the board, the CEO, the CFO, the outside auditor, the internal auditor, legal counsel, compliance and ethics, HR, consultants, and other people.

-The committee’s processes for identifying and spotting issues, evaluation and decision making.

-The contents of the audit committee charter, and a mutual understanding of the audit committee’s responsibilities and tasks. The charter is a requirement for public companies, and is a good idea for many private companies and nonprofit entities. The charter is a prudent document to identify and clarify the audit committee’s responsibilities. In addition to the committee itself, it is important for the board, the executive officers, and other stakeholders to have a correct understanding about the committee’s responsibilities and limitations, and the extent to which state or local jurisdiction, U.S. and international requirements and responsibilities apply or may apply to your audit committee.

-Selection of the outside auditor; audit planning; review of the performance of the outside auditor; and review of the quarterly review and annual audit report and process (or compilation if appropriate).

-Review of recent developments relating to the business judgment rule, standard of care and acceptable reliance on other people.

-Review of accounting and financial internal and fraud/embezzlement related controls and processes, risk assessment and management, possible entity and individual liability and reputation risk exposure; and compliance assessment and management relating to laws, regulations, and rules that are within the scope of the audit committee’s functions and responsibilities including issues relating to the Foreign Corrupt Practices Act.

– Review of the accounting department, and accounting and financial reporting for transactions including all of the subcomponents such as principles and policies applied (quality not just acceptability); judgments, estimates and reserves; timing and cutoff procedures; off balance sheet transactions; related party transactions; contingencies and liabilities; revenue recognition; expenses; inventories; goodwill; insider trading; and other matters relating to accounting and financial statement reports.

-Implementing revenue recognition rules, and other important, new or changing accounting principles.

-Review of internal investigation processes, procedures and needs.

-Review of the financial and internal audit functions, and how they can be helpful to the audit committee in the performance of its responsibilities and tasks.

-Review of risk management and uncertainty issues, practices and processes that are within the scope of the audit committee’s function and responsibilities.

-Implementing COSO 2013 or other appropriate processes.

-Documenting and reporting the audit committee’s activities and minutes.

-The audit committee’s use of attorneys and consultants.

-The company’s investor communication processes.

-Whistleblower, ethics, anonymous reporting and complaint handling processes to the extent that the reporting is within the scope of the audit committee’s function and responsibilities.

-Document retention policies.

-Review of the compliance and ethics function and processes that are within the scope of the audit committee’s responsibilities, and how they can be helpful to the audit committee in the performance of its responsibilities and tasks.

-Governance, including tone at the top, financial leadership, transparency and appearance.

-Review of employer, employee and workplace processes, culture, safety, and disciplinary practices that are within the scope of the audit committee’s function and responsibilities.

-Review of tax compliance and reporting issues that are within the scope of the audit committee’s function and responsibilities.

-Review of cybersecurity and internet security issues that are within the scope of the audit committee’s function and responsibilities.

-Insurance.

-Review of pension and health plan related issues that are within the scope of the audit committee’s function and responsibilities.

-Review of information privacy issues, practices and processes that are within the scope of the audit committee’s function and responsibilities.

-Review of asset protection, IP, trade secret, etc. practices to the extent that they are within the audit committee’s function and responsibilities.

-Review of environmental issues and safety that are within the scope of the audit committee’s function and responsibilities.

-Review of product and consumer safety issues, practices and processes that are within the scope of the audit committee’s function and responsibilities.

-Review of ESG, ESG processes, and ESG discussions and disclosures.

-Review of billing and accounting relating to the receipt of funds or revenue from governmental sources such as Medicare and Medicaid; compliance with applicable laws, regulations, rules and other requirements; and oversight of expenses relating to these areas.

-Review of the acceptance, receipt, allocation, expenditure or distribution, and accounting for all charitable and donor funds, grants, contributions, pledges and other resources, including compliance with all requirements, restrictions and special uses.

-Review of accounting for collaboration and joint venture arrangements, including the allocation of receipts/income and distributions/expenses between the entities.

-And, in this economic environment, review of the fair value of funds and investments, including loss of value; liquidity concerns; possible going concern issues; estimates for uncollectibles and related reserves; debt/loan covenants; and funding source uncertainties including those that relate to collaboration and joint venture arrangements.

-It is also important for the audit committee to clarify with the board what responsibilities it has, if any, for oversight of the numerous and various areas of taxation and compliance; ERISA, pension and health and welfare plans; investments; tax exempt status including fund raising, dues, solicitation, and political, campaign and lobby activities; and other areas significant to the entity.

-Discussion about audit committee membership and recruitment needs.

-Additional significant topics or issues that should be discussed.

2.  A Self-Evaluation Process and Format for Audit Committees

The following eight primary steps outline a proposed audit committee self-evaluation process that is workable for audit committees of public companies, private companies and nonprofit entities, whether using or not using, an outside facilitator.

 

Step 1. Determine the people who will be participating in the evaluation process, including the audit committee members, and other people, if any, to interview for comment.

Provide the names of the people who will participate in the evaluation process.

 

 

Step 2. Determine how the participant interviews will be conducted, individually or in a group, in person or by telephone, skype or some other means.

Provide comments or information about how the interviews will be handled with the various different people who will participate in the evaluation.

 

 

Step 3. Arrange participant individual or group interview dates and times.

Provide participant individual or group interview date and time information.

 

 

Step 4. Provide the participants with pre-interview materials and a list of possible issue or topic areas (broad and specific) for consideration and discussion. Of course, the participants can add additional issues or topics. Use this paper for that purpose.

Provide information regarding the status of disseminating the pre-interview materials.

 

 

Step 5. Have each participant provide a list of one to five, or more, issues or topic areas that the participant would specifically like to discuss during the evaluation process.

Provide comments and information regarding receipt of issues or topic areas from the self-evaluation process participants, and the respective issues or topic areas listed.

 

 

Step 6. Conduct information intake or interviews with participants individually or as a group.

Provide comments and information from the participants or the status of such – the input can be made by the participants themselves or by a facilitator during self-evaluation interviews.

 

 

Step 7. Summarize in a report format the issues and topic areas, information received, and suggestions made during the self-evaluation process.

Provide a summary in a report format.

 

 

Step 8. Provide a report back to the audit committee, and possibly conduct a committee group review of the self-evaluation process, information obtained, and suggestions made, and possible future actions or follow-up.

Provide additional comments and information about the self-evaluation process or results.

 

 

Concluding comments. I hope you have found this discussion helpful and at least a good starting point for your audit committee self-evaluation. Feel free to contact me if you are interested in discussing the audit committee self-evaluation process, or if you would like help with facilitation of committee self-evaluation at a reasonable fixed fee.

Best to you,

David Tate, Esq.

* * * * *

 

California LLC Member and Manager Duties to the LLC and to Each Other

California LLC Member and Manager Duties to the LLC and to Each Other

In a member-managed LLC, each member owes a duty of loyalty and a duty of care to the LLC and to the other members.

In a manager-managed LLC, each manager owes a duty of loyalty and a duty of care to the LLC and to the members. Members who are not managers do not owe the duty of loyalty or the duty of care.

Note however that you also must read (and understand) the operating agreement to determine if any of these duties are expanded; to determine if any of these duties are reduced or purportedly eliminated (they cannot be eliminated); and, in a member-managed LLC, to determine if any of these duties are shifted from one member to one or more other members.

Issues, questions and disputes about legal responsibilities/duties and rights pursuant to these duties usually don’t arise or usually are relatively uncomplicated while the LLC members and managers are dealing with each other honestly, openly, and fully, as in most businesses and situations. In my practice I handle situations and represent clients where legal responsibilities and rights and the actions and inactions of the people who are involved are seriously at issue. And you can see from the wording and definitions in these materials that there can be significant uncertainty and vagueness about exactly what the responsibilities and rights are and can be in different situations.

Duty of Loyalty. The duty of loyalty is limited to the following unless the operating agreement provides otherwise (again, you must read and understand the operating agreement):

Account and Accounting. An LLC member in a member-managed LLC, or a manager in a manger-managed LLC must account to the LLC and hold as a trustee any property, profit, or benefit, that the member or manager, respectively, derives in the conduct of the LLC or in the winding up of the LLC’s activities, or from the use of the LLC’s property including but not limited to the appropriation of an LLC opportunity.  Also take note whether a specific member or a specific manager is tasked with the function of accounting for the LLC.

Adverse Interest. Each member (in a member-managed LLC) and each manager (in a manager-managed LLC) must not deal with the LLC, or on behalf of a person with respect to the LLC, as an interest adverse to the LLC.

Competing with the LLC. Each member (in a member-managed LLC) and each manager (in a manager-managed LLC) must not compete with the LLC in the conduct of the LLC or in the winding up of the LLC’s activities.

Duty of Care. The duty of care in the conduct of the LLC or in the winding up of the LLC’s activities is limited to not committing gross negligence or reckless conduct, intentional misconduct, or a knowing violation of law. However, you must read and understand the operating agreement as it is permissible for the agreement to expand the standard of culpability to ordinary or simple negligence.

Duty of Good Faith and Fair Dealing. In both a member-managed and in a manager-managed LLC, members and managers have a duty of good faith and fair dealing to the LLC and to the other members – for example, to not obtain an advantage or benefit by any misrepresentation or concealment or other means. And this is true whether the duties arise under the California Revised Uniform Limited Liability Company Act (CRULLCA) or the LLC’s operating agreement. A duty of good faith and fair dealing is a duty of care; however, you can also see that it is a duty of care that is separate from the culpability standards.

—————————————————————

Remember, every case and situation is different. It is important to obtain and evaluate all of the evidence that is available, and to apply that evidence to the applicable standards and laws. You do need to consult with an attorney and other professionals about your particular situation. This post is not a solicitation for legal or other services inside of or outside of California, and, of course, this post only is a summary of information that changes from time to time, and does not apply to any particular situation or to your specific situation. So . . . you cannot rely on this post for your situation or as legal or other professional advice or representation.

Thank you for reading this post. I ask that you also pass it along to other people who would be interested as it is through collaboration that great things and success occur more quickly. And please also subscribe to this blog and my other blog (see below), and connect with me on LinkedIn and Twitter.

Best to you, David Tate, Esq. (and inactive California CPA) – practicing in California only.

I am also the Chair of the Business Law Section of the Bar Association of San Francisco.

Blogs: Trust, estate/probate, power of attorney, conservatorship, elder and dependent adult abuse, nursing home and care, disability, discrimination, personal injury, responsibilities and rights, and other related litigation, and contentious administrations http://californiaestatetrust.com; Business, D&O, board, director, audit committee, shareholder, founder, owner, and investor litigation, governance, responsibilities and rights, compliance, investigations, and risk management  http://auditcommitteeupdate.com

My law practice primarily involves the following areas and issues:

Probate Court Disputes and Litigation

  • Trust and estate disputes and litigation, and contentious administrations representing fiduciaries and beneficiaries; elder abuse; power of attorney disputes; elder care and nursing home abuse; conservatorships; claims to real and personal property; and other related disputes and litigation.

Business and Business-Related Disputes and Litigation: Private, Closely Held, and Family Businesses; Public Companies; and Nonprofit Entities

  • Business v. business disputes including breach of contract; unlawful, unfair and fraudulent business practices; fraud, deceit and misrepresentation; unfair competition; breach of the covenant of good faith and fair dealing; etc.
  • Misappropriation of trade secrets
  • M&A disputes
  • Founder, officer, director and board, investor, shareholder, creditor, VC, control, governance, decision making, fiduciary duty, conflict of interest, voting, etc., disputes
  • Buy-sell disputes
  • Funding and share dilution disputes
  • Accounting, lost profits, and royalty disputes
  • Access to corporate and business records disputes
  • Employee, employer and workplace disputes, discrimination, whistleblower and retaliation, harassment, defamation, etc.

Investigations and Governance

  • Corporate and business internal investigations
  • Board, audit committee and special committee governance and processes, disputes, conflicts of interest, independence, etc.

The following are copies of the tables of contents of three of the more formal materials that I have written over the years about accounting/auditing, audit committees, and related legal topics – Accounting and Its Legal Implications was my first formal effort, which resulted in a published book that had more of an accounting and auditing focus; Chapter 5A, Audit Committee Functions and Responsibilities, for the California Continuing Education of the Bar has a more legal focus; and the most recent Tate’s Excellent Audit Committee Guide (February 2017) also has a more legal focus:

Accounting and Its Legal Implications

Chapter 5A, Audit Committee Functions and Responsibilities, CEB Advising and Defending Corporate Directors and Officers

Tate’s Excellent Audit Committee Guide

The following are other summary materials that you might find useful:

OVERVIEW OF A RISK MANAGEMENT PROCESS THAT YOU CAN USE 03162018

Audit Committee 5 Lines of Success, Diligence, and Defense - David Tate, Esq, 05052018

COSO Enterprise Risk Management Framework ERM Components and Principles

From a prior blog post which you can find at https://wp.me/p75iWX-dk if the below scan is too difficult to read:

* * * * *

New July 11, 2019, PCAOB CAM Guidance For Audit Committees – Is A Matter A CAM (See Chart); And Responses To FAQs

On July 11, 2019, the PCAOB published additional guidance for audit committees about CAMs (Critical Audit Matters). I have provided a link below to the additional guidance. From the additional guidance, I am also providing immediately below a snapshot to the PCAOB’s chart to help determine whether a matter is a CAM, plus four of the PCAOB’s responses to frequently asked questions that I found interesting. This is my fourth relatively recent post in which I have commented about CAMs.

Immediately below is a snapshot to the PCAOB’s chart to determine whether a matter is a CAM:

The following are snapshots of four of the PCAOB’s responses to frequently asked questions that I found to be interesting. While the responses are useful and helpful, I don’t find that they simplify the matter. The response in the first snapshot below also could be confusing – I expect that audit committees will want to have a significant role in, or at least significant input in or comments about, CAMs and certain specific CAMs and proposed CAMs in particular. Whereas the auditor might have ultimate say about how a CAM is worded (because it is the auditor’s report), I expect that audit committees will be directly involved in and vocal about whether or not a matter is a CAM, and how the CAM is communicated. And I expect that in some circumstances there might be or will be disagreement, at which point the audit committee, or the board, or the company might be put the position of having to evaluate whether to communicate or respond further about the CAM, and the manner of doing so.

The following are snapshots of four of the PCAOB’s responses to frequently asked questions that I found to be interesting:

Click on the following link to be taken to the PCAOB’s page with the new July 11, 2019, PCAOB guidance for audit committees about CAMs:

Click to access Audit-Committee-Resource-CAMs.pdf

—————————————————————

Remember, every case and situation is different. It is important to obtain and evaluate all of the evidence that is available, and to apply that evidence to the applicable standards and laws. You do need to consult with an attorney and other professionals about your particular situation. This post is not a solicitation for legal or other services inside of or outside of California, and, of course, this post only is a summary of information that changes from time to time, and does not apply to any particular situation or to your specific situation. So . . . you cannot rely on this post for your situation or as legal or other professional advice or representation.

Thank you for reading this website. I ask that you also pass it along to other people who would be interested as it is through collaboration that great things and success occur more quickly.

Best to you, David Tate, Esq. (and inactive California CPA) – practicing in California only.

I am also the new Chair of the Business Law Section of the Bar Association of San Francisco.

Blogs: Trust, estate/probate, power of attorney, conservatorship, elder and dependent adult abuse, nursing home and care, disability, discrimination, personal injury, responsibilities and rights, and other related litigation, and contentious administrations http://californiaestatetrust.com; Business, D&O, board, director, audit committee, shareholder, founder, owner, and investor litigation, governance, responsibilities and rights, compliance, investigations, and risk management  http://auditcommitteeupdate.com

The following are copies of the tables of contents of three of the more formal materials that I have written over the years about accounting/auditing, audit committees, and related legal topics – Accounting and Its Legal Implications was my first formal effort, which resulted in a published book that had more of an accounting and auditing focus; Chapter 5A, Audit Committee Functions and Responsibilities, for the California Continuing Education of the Bar has a more legal focus; and the most recent Tate’s Excellent Audit Committee Guide (February 2017) also has a more legal focus:

Accounting and Its Legal Implications

Chapter 5A, Audit Committee Functions and Responsibilities, CEB Advising and Defending Corporate Directors and Officers

Tate’s Excellent Audit Committee Guide

The following are other summary materials that you might find useful:

OVERVIEW OF A RISK MANAGEMENT PROCESS THAT YOU CAN USE 03162018

Audit Committee 5 Lines of Success, Diligence, and Defense - David Tate, Esq, 05052018

COSO Enterprise Risk Management Framework ERM Components and Principles

From a prior blog post which you can find at https://wp.me/p75iWX-dk if the below scan is too difficult to read:

* * * * *

A Few Comments About Going Concern Uncertainties, CAMs, Etc.

I don’t hear or see much in the news about disclosures about an entity’s going concern, but I have a feeling that this is going to become a bigger issue for certain public companies, their boards and audit committees, and their auditors. Evaluating going concern is a complicated topic – thus, in this post I am highlighting one aspect, but an important aspect. See, FASB ASU No. 2014-15, and subsequent materials relating thereto. I suspect that most people would conclude that evaluating a potential issue relating to going concern involves, or depending on the circumstances could involve, especially challenging, subjective, or complex auditor judgment – thus, potentially raising critical audit matters or CAMs. Click on the following link  https://wp.me/p75iWX-fr for a prior summary post about CAMs. I digress here for one comment: in regard to CAMs, one might ask, for example, “When are the circumstances of an auditor’s judgment simply ‘challenging’ v. ‘especially challenging’”?

Going concern can generally be defined as an evaluation of the entity’s expected ability to continue as an ongoing viable going concern business entity within one year after the date that its financial statements are issued (or within one year after the date that the financial statements are available to be issued, when applicable). Thus, for example, obviously for some business entities it can become a question of liquidity or liquid assets v. rate of cash burn. For the purpose of this post, I am looking at this issue only from an accounting/auditing viewpoint. Many other issues can arise, such as, for example, possible shareholder, investor, and creditor rights, and possible officer, director, and shareholder or majority shareholder liability relating thereto.

Now to the single point of this post, ASU No. 2014-15 provides that when evaluating conditions and events as to whether there is substantial doubt about an entity’s ability to continue as a going concern, the “initial” evaluation does not take into consideration the potential effect of management’s plans that have not been fully implemented as of the date that the financial statements are issued (for example, the initial evaluation might not take into consideration plans to raise capital, borrow money, restructure debt, or dispose of an asset, that have been approved but that have not been fully implemented as of the date that the financial statements are issued). Again, I digress for one comment: in the above discussion, consider, for example, how to evaluate when a matter is “approved” v. “fully implemented.”

Importantly, I note, however, that later in the going concern evaluation process, mitigating factors should be taken into consideration including, for example, the probability that management’s plans will be effectively implemented within one year after the date that the financial statements are issued, and the probability that management’s plans, when implemented, will mitigate the relevant conditions or events that raise substantial doubt about the entity’s ability to continue as a going concern within one year after the date that the financial statements are issued. Thus, in the evaluation process there is a timing aspect to considering possible mitigating factors: first they are not considered, but subsequently they are considered including their probability of implementation and success. Obviously, the going concern evaluation can be or can become complicated.

With the development of CAMs, I am sensing that issues such as these will be discussed more in public and investor view.

Onward.

Every case and situation is different. You do need to consult with an attorney and other professionals about your particular situation. This post is not a solicitation for legal or other services inside of or outside of California, and, of course, this post only is a summary of information that changes from time to time, and does not apply to any particular situation or to your specific situation. So . . . you cannot rely on this post for your situation or as legal or other professional advice or representation.

Thank you for reading this website. I ask that you also pass it along to other people who would be interested as it is through collaboration that great things and success occur more quickly.

Best to you, David Tate, Esq. (and inactive California CPA) – practicing in California only.

I am also the new Chair of the Business Law Section of the Bar Association of San Francisco.

Blogs: Trust, estate/probate, power of attorney, conservatorship, elder and dependent adult abuse, nursing home and care, disability, discrimination, personal injury, responsibilities and rights, and other related litigation, and contentious administrations http://californiaestatetrust.com; Business, D&O, board, director, audit committee, shareholder, founder, owner, and investor litigation, governance, responsibilities and rights, compliance, investigations, and risk management  http://auditcommitteeupdate.com

 

OVERVIEW OF A RISK MANAGEMENT PROCESS THAT YOU CAN USE 03162018

Audit Committee 5 Lines of Success, Diligence, and Defense - David Tate, Esq, 05052018

COSO Enterprise Risk Management Framework ERM Components and Principles

* * * * *

 

New April 2019, DOJ Evaluation of Corporate Compliance Programs – the word risk is used 49 times, the board 11 times, and the audit committee 2 times

I have provided below a link to the new 19-page, April 2019, DOJ Evaluation of Corporate Compliance Programs guidance. Obviously a tremendous number of law firms will be discussing and advising about this new guidance. I note that the term risk management is used only once in the document but the word risk or words associated with risk are used 49 times, board or board of directors are used 11 times, and audit committee is used twice. With respect to boards or boards of directors, and audit committees, the guidance is looking for oversight by a source that is autonomous from management, and for there to be a means to allow (or encourage) reporting to a source that is autonomous from management. But in that regard I note that autonomy from management can be a complicated issue as some board members might be involved in management, and other board members, although independent from management, might have conflicts or might not truly be independent such as because of relationships, or perceived alliances, influences, or pressures, or other possible situations.

Click on the following link for the Evaluation of Corporate Compliance Programs guidance: DOJ – Evaluation of Corporate Compliance Programs April 2019, 

Every case and situation is different. You do need to consult with an attorney and other professionals about your particular situation. This post is not a solicitation for legal or other services inside of or outside of California, and, of course, this post only is a summary of information that changes from time to time, and does not apply to any particular situation or to your specific situation. So . . . you cannot rely on this post for your situation or as legal or other professional advice or representation.

Thank you for reading this website. I ask that you also pass it along to other people who would be interested as it is through collaboration that great things and success occur more quickly.

Best to you, David Tate, Esq. (and inactive California CPA) – practicing in California only.

Blogs: Trust, estate/probate, power of attorney, conservatorship, elder and dependent adult abuse, nursing home and care, disability, discrimination, personal injury, responsibilities and rights, and other related litigation, and contentious administrations http://californiaestatetrust.com; Business, D&O, board, director, audit committee, shareholder, founder, owner, and investor litigation, governance, responsibilities and rights, compliance, investigations, and risk management  http://auditcommitteeupdate.com

* * * * *

Discussions About The New COSO ERM Framework And Related Topics

By: David Tate, Esq., Royse Law Firm, Northern and Southern California (Silicon Valley/Menlo Park Office) http://rroyselaw.com/

I have pasted below four links in which the authors discuss enterprise risk management (ERM) and risk management, the new COSO ERM framework, and some aspects of internal audit.

I appreciate what the authors are discussing; however, my preference would have been to have more defined tasks or requirements in the new COSO ERM framework (I use the word “requirements” broadly because generally there is no mandated risk management framework that must be followed, although for some industries and businesses there are some risk management requirements that are mandated by law and which must be followed).

It is clear that whatever risk management framework or process a business uses will remain largely discretionary based on the business judgment of management and the board, and that in fact might be better for possible liability purposes; however, it is my belief that people and businesses usually will implement policies or processes or procedures (other than, for example, for how to design, develop and manufacturer a product or service that they provide) if they are required to follow or adopt certain specific requirements by law, statute, regulation, or rule, or perhaps as required by the expectations of the community or stakeholders. That having been said, we are where we are on this. And it is now also generally accepted (and in some instances mandated) that a business will adopt and implement risk management, the board will oversee risk management, sometimes audit committees and/or risk committees are required to be involved in or oversee risk management, and in some businesses the board will delegate risk management oversight to a committee of the board, to the extent that risk oversight can be delegated (I would maintain that the board still must oversee risk management with the help of the committee and that the board cannot delegate its overall responsibility to oversee risk management).

In my view, the components and principles outlined in the new COSO ERM framework are essentially only broad in nature, which allows for each business to decide how to design and implement, etc., enterprise risk management based on the business judgment of management and the board of that particular business, in light of the business’ mission, core values, business objectives, strategies, and views and evaluations of related risks.

Let me also say this, I do appreciate that the first of the five core components in the new COSO ERM framework is Governance and Culture, and that the fifth of the five components is Information, Communication, and Reporting which also includes principle 19 (Communicates Risk Information) and principle 20 (Reports on Risk, Culture, and Performance). I believe that including governance, culture, communication and reporting (if they are adopted – remember, no specific framework is mandated) will help to move ERM and risk management to a more visible position. And, it is my belief, based on recent business, nonprofit, and governmental entity shortcomings and failures, that governance, culture, communication and reporting need to be moved more front and center. In fact, COSO listed governance and culture as the first of the five core components because governance and culture can be central to the entirety of the entity’s ERM.

The following are the links to the four enterprise risk management, etc., discussions that I mentioned at the beginning of this post, and below those links I have copied and pasted from my September 7, 2017, post in which I discussed the new COSO ERM framework and which you can also read at http://wp.me/p75iWX-aQ 

The following are the links to the four additional discussions:

https://wordpress.com/read/feeds/254243/posts/1619082863

https://iaonline.theiia.org/2017/Pages/COSO-ERM-Getting-Risk-Management-Right.aspx

https://normanmarks.wordpress.com/2017/09/29/should-you-adopt-the-updated-coso-erm-framework-my-assessment/

https://www.protiviti.com/US-en/insights/bulletin-vol6-issue8?utm_medium=social&utm_source=ProSocial

COSO ERM Framework – Enterprise Risk Management – Integrating with Strategy and Performance (five components, and twenty principles)

I.  Governance and Culture Component:

Supporting Principles:

  1. Exercises Board Risk Oversight
  2. Establishes Operating Structures
  3. Defines Desired Culture
  4. Demonstrates Commitment to Core Values
  5. Attracts, Develops, and Retains Capable Individuals

II.  Strategy and Objective-Setting Component:

  1. Analyzes Business Context
  2. Defines Risk Appetite
  3. Evaluates Alternative Strategies
  4. Formulates Business Objectives

III.  Performance Component:

  1. Identifies Risk
  2. Assesses Severity of Risk
  3. Prioritizes Risks
  4. Implements Risk Responses
  5. Develops Portfolio View

IV.  Review and Revision Component:

  1. Assesses Substantial Change
  2. Reviews Risk and Performance
  3. Pursues Improvement in Enterprise Risk Management

V.  Information, Communication, and Reporting Component:

  1. Leverages Information and Technology
  2. Communicates Risk Information
  3. Reports on Risk, Culture, and Performance

Enterprise Risk Management (ERM) and internal controls work together and should complement each other. The following is the broad outline of the COSO 2013 Internal Control Framework.

Sarbanes-Oxley section 404 requires public company management and its external auditors to attest to the design and operating effectiveness of a company’s internal control over external financial reporting. Internal controls should also be designed and implemented for private company, nonprofit and governmental entities.

COSO 2013 Internal Control Framework – 5 Components, and 17 Principles

1.  Control Environment Component:

Mandatory Principles

  1. Demonstrate commitment to integrity and ethical values.
  2. Board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control.
  3. Management establishes, with board oversight, structures and reporting lines and appropriate authorities and responsibilities in the pursuit of objectives.
  4. Demonstrate commitment to attract, develop and retain competent individuals in alignment with objectives.
  5. Hold individuals accountable for their internal control responsibilities in the pursuit of objectives.

2.  Risk Assessment Component:

Mandatory Principles

  1. Specify objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives.
  2. Identify risks to the achievement of its objectives across the entity and analyze risks as a basis for determining how the risks should be managed.
  3. Consider the potential for fraud in assessing risks to the achievement of objectives.
  4. Identify and assess changes that could significantly impact the system of internal control.

3.  Control Activities Component:

Mandatory Principles

  1. Select and develop control activities that contribute to the mitigation of risks to the achievement of objectives and acceptable levels.
  2. Select and develop general control activities over technology to support the achievement of objectives.
  3. Deploy control activities through policies that establish what is expected and procedures that put policies into action.

4.  Information & Communication Component:

Mandatory Principles

  1. Obtain or generate and use relevant, quality information to support the functioning of internal control.
  2. Internally communicate information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control.
  3. Communicate with external parties regarding matters affecting the functioning of internal control.

5.  Monitoring Activities Component:

Mandatory Principles

  1. Select, develop and perform ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning.
  2. Evaluate and communicate internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate.

The Business Judgment Rule

The business judgment rule also is relevant on these topics (from Tate’s Excellent Audit Committee Guide). The business judgment rule provides a director with a defense to personal liability, holding that as a general principle of law, a director, including a director who serves as a member of a board committee, who satisfies the business judgment rule has satisfied his or her duties. Thus, the business judgment rule provides one standard of care, although other standards may very well also apply to specific tasks and responsibilities. The business judgment rule provides a very good overall approach for directors and audit committee members to follow, although the rule itself is lacking in specific detail. In some states the business judgment rule is codified by statute while in other states the rule is established by case law (see, i.e., Cal. Corp. Code §309 for California corporations, Del. Gen. Corp. Law §141 for Delaware corporations, in addition to relevant case law). The rule also applies to directors as board committee members.

The Business Judgment Rule

In summary, as a general principle the business judgment rule provides that a director should undertake his or her duties:

-In good faith, with honesty and without self-dealing, conflict or improper personal benefit;

-In a manner that the director reasonably believes to be in the best interests of the corporation and its shareholders; and

-With the care, including reasonable inquiry, that an ordinarily prudent person in a like position with like expertise would use under similar circumstances. The rule itself doesn’t require a particular level of expertise, knowledge or understanding; however, as you might be aware, public company audit committee members do have such a requirement, and you can at least argue that, depending on the facts and circumstances, a board or committee member should have or should obtain a certain unspecified level of knowledge or understanding to be sufficiently prepared to ask questions, evaluate information provided, and make decisions.

Reliance Upon Other People Under the Business Judgment Rule

In the course and scope of performing his or her duties, a director must necessarily obtain information from and rely upon other people. An independent director is not involved in the day-to-day operations of the business. The director provides an oversight function. Pursuant to the business judgment rule, a director is entitled to rely on information, opinions, reports or statements, including financial statements and other financial data, prepared or presented by any of the following:

-Officers or employees of the corporation whom the director reasonably believes to be reliable and competent in the relevant matters;

-Legal counsel, independent accountants or other persons as to matters that the director reasonably believes are within the person’s professional or expert competence; or

-A committee of the board on which the director does not serve, as to matters within that committee’s designated authority, so long as the director acts in good faith, after reasonable inquiry as warranted by the circumstances, and without knowledge that would cause reliance to be unwarranted.

David Tate, Esq., Royse Law Firm, California (Silicon Valley/Menlo Park office), with additional offices in San Francisco, Los Angeles and Orange County, http://rroyselaw.com/

* * * * *

New COSO ERM Framework – Enterprise Risk Management – Integrating with Strategy and Performance; COSO 2013 Internal Control Framework; the Business Judgment Rule

You may have heard or seen that the new COSO ERM Framework is out as of a day or two ago – Enterprise Risk Management – Integrating with Strategy and Performance. This is a project that COSO announced on October 21, 2014, so it is a longtime in the works. The original (first) framework was issued in 2004. Below I have provided the bare bones outline for the new ERM Framework, in addition to the bare bones outline for the COSO 2013 Internal Control Framework, and a summary of the business judgment rule. Why did I provide all three? Because for boards and audit committees, and for business entities and their executive officers, and sometimes for the employees also, all three are, or should be, tied together.

I will be commenting about and outlining the ERM Framework in detail in later posts (after I have had time to evaluate the detailed materials, and discuss them with colleagues). For now, all I can give you is the outline below. I do note – and I’m not being negative about this – that I have some concern that the five concepts and twenty principles, with the detail added, might be a lot for some small and mid-sized business entities, nonprofits and governmental entities to handle. But it is what it is. And as you may know, although it is now recognized that boards are responsible for oversight of risk management, many audit committees are responsible for risk management oversight pursuant to statute, regulation, or exchange requirements, and a typical audit committee charter lists oversight of risk management as an area of responsibility, generally there is no legally required or mandated risk management framework or process, although some industries (such as banks, for example) are heavily regulated for risk management purposes. It is possible that the new COSO ERM Framework will become the accepted framework to follow, although other frameworks do exist.

COSO (the Committee of Sponsoring Organizations of the Treadway Commission) is a private sector initiative, jointly sponsored and funded by the American Accounting Association, American Institute of Certified Public Accountants, Financial Executives International, Institute of Management Accountants, and The Institute of Internal Auditors.

The new COSO ERM Framework is organized into five interrelated primary or core components, which are supported by a set of twenty principles. The following is a broad outline of the five components and twenty principles. And as I stated above, in later posts I will be adding considerable detail. Below I have also provided an outline for the COSO 2013 Internal Control Framework, and a discussion about the business judgment rule.

Thanks for reading. David Tate, Esq., Royse Law Firm, Menlo Park office, with offices in the San Francisco Bay Area and Los Angeles

 

COSO ERM Framework – Enterprise Risk Management – Integrating with Strategy and Performance (five components, and twenty principles)

I.  Governance and Culture Component:

Supporting Principles:

  1. Exercises Board Risk Oversight
  2. Establishes Operating Structures
  3. Defines Desired Culture
  4. Demonstrates Commitment to Core Values
  5. Attracts, Develops, and Retains Capable Individuals

II.  Strategy and Objective-Setting Component:

  1. Analyzes Business Context
  2. Defines Risk Appetite
  3. Evaluates Alternative Strategies
  4. Formulates Business Objectives

III.  Performance Component:

  1. Identifies Risk
  2. Assesses Severity of Risk
  3. Prioritizes Risks
  4. Implements Risk Responses
  5. Develops Portfolio View

IV.  Review and Revision Component:

  1. Assesses Substantial Change
  2. Reviews Risk and Performance
  3. Pursues Improvement in Enterprise Risk Management

V.  Information, Communication, and Reporting Component:

  1. Leverages Information and Technology
  2. Communicates Risk Information
  3. Reports on Risk, Culture, and Performance

 

Enterprise Risk Management (ERM) and internal controls work together and should complement each other. The following is the broad outline of the COSO 2013 Internal Control Framework.

Sarbanes-Oxley section 404 requires public company management and its external auditors to attest to the design and operating effectiveness of a company’s internal control over external financial reporting. Internal controls should also be designed and implemented for private company, nonprofit and governmental entities.

COSO 2013 Internal Control Framework – 5 Components, and 17 Principles

1.  Control Environment Component:

Mandatory Principles

  1. Demonstrate commitment to integrity and ethical values.
  2. Board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control.
  3. Management establishes, with board oversight, structures and reporting lines and appropriate authorities and responsibilities in the pursuit of objectives.
  4. Demonstrate commitment to attract, develop and retain competent individuals in alignment with objectives.
  5. Hold individuals accountable for their internal control responsibilities in the pursuit of objectives.

2.  Risk Assessment Component:

Mandatory Principles

  1. Specify objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives.
  2. Identify risks to the achievement of its objectives across the entity and analyze risks as a basis for determining how the risks should be managed.
  3. Consider the potential for fraud in assessing risks to the achievement of objectives.
  4. Identify and assess changes that could significantly impact the system of internal control.

3.  Control Activities Component:

Mandatory Principles

  1. Select and develop control activities that contribute to the mitigation of risks to the achievement of objectives and acceptable levels.
  2. Select and develop general control activities over technology to support the achievement of objectives.
  3. Deploy control activities through policies that establish what is expected and procedures that put policies into action.

4.  Information & Communication Component:

Mandatory Principles

  1. Obtain or generate and use relevant, quality information to support the functioning of internal control.
  2. Internally communicate information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control.
  3. Communicate with external parties regarding matters affecting the functioning of internal control.

5.  Monitoring Activities Component:

Mandatory Principles

  1. Select, develop and perform ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning.
  2. Evaluate and communicate internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate.

 

The Business Judgment Rule

The business judgment rule also is relevant on these topics (from Tate’s Excellent Audit Committee Guide). The business judgment rule provides a director with a defense to personal liability, holding that as a general principle of law, a director, including a director who serves as a member of a board committee, who satisfies the business judgment rule has satisfied his or her duties. Thus, the business judgment rule provides one standard of care, although other standards may very well also apply to specific tasks and responsibilities. The business judgment rule provides a very good overall approach for directors and audit committee members to follow, although the rule itself is lacking in specific detail. In some states the business judgment rule is codified by statute while in other states the rule is established by case law (see, i.e., Cal. Corp. Code §309 for California corporations, Del. Gen. Corp. Law §141 for Delaware corporations, in addition to relevant case law). The rule also applies to directors as board committee members.

The Business Judgment Rule

In summary, as a general principle the business judgment rule provides that a director should undertake his or her duties:

-In good faith, with honesty and without self-dealing, conflict or improper personal benefit;

-In a manner that the director reasonably believes to be in the best interests of the corporation and its shareholders; and

-With the care, including reasonable inquiry, that an ordinarily prudent person in a like position with like expertise would use under similar circumstances. The rule itself doesn’t require a particular level of expertise, knowledge or understanding; however, as you might be aware, public company audit committee members do have such a requirement, and you can at least argue that, depending on the facts and circumstances, a board or committee member should have or should obtain a certain unspecified level of knowledge or understanding to be sufficiently prepared to ask questions, evaluate information provided, and make decisions.

Reliance Upon Other People Under the Business Judgment Rule

In the course and scope of performing his or her duties, a director must necessarily obtain information from and rely upon other people. An independent director is not involved in the day-to-day operations of the business. The director provides an oversight function. Pursuant to the business judgment rule, a director is entitled to rely on information, opinions, reports or statements, including financial statements and other financial data, prepared or presented by any of the following:

-Officers or employees of the corporation whom the director reasonably believes to be reliable and competent in the relevant matters;

-Legal counsel, independent accountants or other persons as to matters that the director reasonably believes are within the person’s professional or expert competence; or

-A committee of the board on which the director does not serve, as to matters within that committee’s designated authority, so long as the director acts in good faith, after reasonable inquiry as warranted by the circumstances, and without knowledge that would cause reliance to be unwarranted.

That’s it for now. Thanks for reading. Much, much more to come on these topics. David Tate, Esq., Royse Law Firm, Menlo Park office, with offices in the San Francisco Bay Area and Los Angeles

* * * * *

Updated Mediation and Dispute Resolution Questionnaire Attached

Greetings all. I have updated my mediation and dispute resolution questionnaire, which is a document that I wrote and use to obtain information that is helpful to facilitate dispute and case settlement. Click on the following link for the pdf, and go ahead and use the questionnaire and pass it to other people as you wish. Thank you. David Tate

Here is the link for the questionnaire: Mediation and Dispute Resolution Questionnaire, David Tate, Esq. 07302017

Here is a link to the Royse Law Firm, PC http://rroyselaw.com/

May 15, 2017, Preliminary Injunction Order Against Uber – A Lot Of People Should Take Personal Note – Officers, Directors, Employees, Agents, Suppliers And Consultants

You may have heard, this week on May 15, 2017, Judge William Alsup in the Waymo LLC v. Uber Technologies, Inc. case (U.S. District Court, No. District of California) issued his Order Granting In Part and Denying In Part Plaintiff’s Motion For Provisional Relief, i.e., for a preliminary injunction. The Order is 26 pages. Plaintiff has brought multiple claims in the case including for trade secret misappropriation, patent infringement and unfair competition, but the Order is for preliminary injunction only on the trade secret misappropriation claim. The trade secret claim is brought under both the California Uniform Trade Secrets Act and the federal Defend Trade Secrets Act.

I’m not going to go through the evidence in this post – as indicated above, the Order is 26 pages in length. The Order states that it is narrowly-tailored to balance the interests of the parties and the public. In summary, the decision whether or not to grant a preliminary injunction is based on the evidence now available, the legal claims alleged, the now perceived likelihood of the plaintiff prevailing at trial on the relevant claim or claims, and the interests of the parties and the public. Preliminary injunction motions are significantly based on the strength of the evidence now available and presented and the Judge’s view of that evidence. In this instance, in my view based on the Court’s Order, there was strong evidence that trade secret information possibly was misappropriated, but either no evidence or not particularly strong evidence that Uber had involvement in that possible misappropriation or that Uber had access to or used that information.

Here’s where the Court’s Order gets interesting – in the scope of relief granted. I have pasted below the wording from the Scope of Relief Granted part of the Order. In short aside from the provisions pertaining to Mr. Levandowski, and certain expedited discovery granted, the Order essentially requires Uber to conduct an extensive investigation and to file and disclose a detailed report and account by June 23, 2017, which is a very, very short time to conduct the investigation. In my view it is questionable whether the extent of the investigation can be completed and written-up to be filed in that short of time. And, as you will note, the investigation also includes, or example, all communications with any officer, director, employee, agent, supplier, or consultant of defendants on the relevant topics. Thus, Uber is required to conduct discovery upon itself in the form of the report and account to be filed, and depending on the documents and information obtained the report and account could well bring individual officers, directors, employees, agents, suppliers and consultants personally into focus in the case – if they haven’t done so already, all of those people should be expansively reviewing their possible involvement, if any, in the issues that are involved in the case and consulting with legal counsel about their possible exposure to legal action and personal liability, and how they should proceed.

For your further reading, below is the Scope of Relief Granted provision from the Order.

Best to you. David Tate, Esq.

  1. SCOPE OF RELIEF GRANTED.

Having considered the foregoing, the Court ORDERS as follows:

  1. The term “downloaded materials,” as used in this provisional order, means any and all materials that Anthony Levandowski downloaded from Waymo and kept upon leaving Waymo’s employment, regardless of how long he kept them for and whether or not any such materials qualify as trade secrets or proprietary or confidential information.
  2. Defendants must immediately and in writing exercise the full extent of their corporate, employment, contractual, and other authority to (a) prevent Anthony Levandowski and all other officers, directors, employees, and agents of defendants from consulting, copying, or otherwise using the downloaded materials; and (b) cause them to return the downloaded materials and all copies, excerpts, and summaries thereof to Waymo (or the Court) by MAY 31 AT NOON. Copies essential for counsel of record and their litigation experts to use in defending this civil action are exempted from the foregoing requirement.9
  3. With respect to Anthony Levandowski, defendants shall immediately (a) remove him from any role or responsibility pertaining to LiDAR; (b) take all steps in their power to prevent him from having any communication on the subject of LiDAR with any officer, director, employee, agent, supplier, consultant, or customer of defendants; and (c) prohibit him from consulting, copying, or otherwise using the downloaded materials in any way. Defendants shall instruct all their officers, directors, employees, agents, suppliers, consultants, and customers in writing of this prohibition, and further instruct them in writing to immediately report any suspected breaches thereof to the special master (or to the Court).
  4. With respect to all other persons, including those with Stroz Friedberg, defendants shall conduct a thorough investigation and provide a detailed accounting under oath setting forth every person who has seen or heard any part of any downloaded materials, what they saw or heard, when they saw or heard it, and for what purpose. In their investigation, defendants must do more than query servers with term searches. For example, they must interview personnel with particular focus on anyone who has communicated with Anthony Levandowski on the subject of LiDAR. Defendants’ accounting shall not be limited to Uber but shall include all persons who fit the foregoing description, including Levandowski and his separate counsel. The accounting may exclude, for only the time period after the commencement of this civil action, the attorneys of record and their staff and experts employed for this litigation. The accounting shall not be limited to downloaded materials that happened to make their way into some due diligence report but shall cover any and all downloaded materials. The accounting shall also identify the complete chains of custodians for every copy of any downloaded materials or due diligence report referencing downloaded materials. Defendants must also use the full extent of their authority and influence to obtain cooperation with the foregoing procedure from all involved. For example, if a potential custodian refuses to cooperate, then defendants’ accounting shall set forth the particulars, including all efforts made to obtain cooperation. The accounting must be filed and served by JUNE 23 AT NOON. The accounting may be filed under seal only to the extent that it quotes or appends downloaded materials.
  5. Also by JUNE 23 AT NOON, defendants shall provide Waymo’s counsel and the Court with a complete and chronologically organized log of all oral and written communications — including, without limitation, conferences, meetings, phone calls, one-on-one conversations, texts, emails, letters, memos, and voicemails — wherein Anthony Levandowski mentioned LiDAR to any officer, director, employee, agent, supplier, or consultant of defendants. The log shall identify for each such communication the time, place (if applicable), mode, all persons involved, and subjects discussed, as well as any and all notes or records referencing the communication.
  6. Waymo is hereby granted further expedited discovery in aid of possible further provisional relief. Subject to the protective order, and upon reasonable notice, Waymo’s counsel and one expert may inspect any and all aspects of defendants’ ongoing work involving LiDAR — including, without limitation, schematics, work orders, source code, notes, and emails — whether or not said work resulted in any prototype or device. With respect to its trade secret misappropriation claims only, Waymo may take seven further depositions on seven calendar days notice, may propound 28 reasonably narrow document requests for which the response time is reduced to 14 calendar days, and may propound 28 reasonably narrow interrogatories for which the response time is also reduced to 14 calendar days. If Waymo moves for further provisional relief before trial, then all its declarants in support of such motion must sit for depositions on an expedited basis. Otherwise, defendants may take only normal, unexpedited discovery. After Waymo has exhausted its expedited discovery, it may continue with normal discovery.
  7. Defendants shall keep complete and accurate records of their compliance with all of the foregoing requirements, including directives given to Anthony Levandowski and others. The special master shall monitor and verify said compliance. To that end, the special master shall promptly develop proposed monitoring and verification protocols with the parties’ input and then submit the proposed protocols to the Court for approval. The protocols shall provide for the special master to visit defendants’ facilities and monitor communications as necessary to ensure that Anthony Levandowski remains sealed off from LiDAR activities.

The foregoing provisional relief shall become effective upon the posting by Waymo of a bond or other security in the amount of FIVE MILLION DOLLARS.

* * * * *

New COSO Updated ERM Framework – Coming Soon – End of June, Perhaps – Could Be Very Important

Just a heads up, a source has suggested that the new long-anticipated COSO (Committee of Sponsoring Organizations of the Treadway Commission) ERM update might finally be out at the end of June. COSO is spending a very long time (since October 2014) preparing and vetting this “update” of the 2004 Enterprise Risk Management — Integrated Framework. COSO’s sponsoring organizations are the American Accounting Association (AAA), the American Institute of Certified Public Accountants (AICPA), Financial Executives International (FEI), The Institute of Internal Auditors (IIA), and the National Association of Accountants (now the Institute of Management Accountants [IMA]), and the Commission includes representatives from industry, public accounting, investment firms, and SROs (exchanges).

We’ll have to wait and see what we get with this “update,” which will either simply be a relatively unimpressive or vague tweak, or a useful, modernized, sufficiently detailed guide which might become the standard to achieve, or somewhere in between. I’m hopeful for the useful version – ERM needs a big boost – this “update” is important. I find that there really are only three ways to provide this type of boost: sponsorship and push by large or influential organizations and people, mandatory (i.e., by law, regulation or rule) adoption, or, sometimes, push and expectancy by the public.

Here is the link to the COSO website https://www.coso.org/Pages/default.aspx

Best to you, David Tate, Esq., Litigation, D&O, audit committees, etc., Royse Law Firm http://rroyselaw.com/