Sarbanes-Oxley Rules and Regulations - Dallas … book_2.pdfI. Board of Directors A. Composition and...

November 7, 2003

Produced by

Sarbanes-Oxley Rules and Regulations

As of November 1, 2003

ii

AS OF NOVEMBER 1, 2003

Given the recent rash of corporate failures -- coupled with allegations of mismanagement and breaches of fiduciary duty -- the spotlight of legislators, regulators, stock exchanges, and the public has been focused brightly on matters of corporate governance. There has been a veritable blizzard of proposed reforms and a renewed focus on the responsibilities of directors, officers, audit committee members, compensation committee members, compliance officers, and majority shareholders. This outline summarizes some of the most significant provisions of the Sarbanes-Oxley Act of 2002 (“SOX”), certain proposed and final rules issued by the U.S. Securities and Exchange Commission (“SEC”), and other proposed rules approved by the Board of Directors of the New York Stock Exchange (“NYSE”) and the Board of Directors of The Nasdaq Stock Market, Inc. (“Nasdaq”). This outline, therefore, just presents a snapshot in time of a quickly-changing environment. For example, both the NYSE and Nasdaq rules are subject to SEC approval and will likely change in the review process. Because of the number and variety of parties affected by SOX and other rules, the specific provisions of the legislation and updated rules should be studied in full and legal advice sought on particular issues before taking any action based thereon. We would be happy to provide you with copies of SOX and any other rules upon request.

Corporate Governance Reforms

i

TABLE OF CONTENTS

Page No.

I. Board of Directors....................................................................................................1 A. Composition and Independence ..........................................................................1 B. Committees and Independent Director Approval ...............................................3 C. Authority and Duties ...........................................................................................4

II. Audit Committees.....................................................................................................6 A. Composition and Independence ..........................................................................6 B. Financial Expertise..............................................................................................8 C. Authority and Duties ...........................................................................................9

III. Corporate Governance Controls, Guidelines, and Codes ..................................13 A. Controls and Guidelines....................................................................................13 B. Codes of Ethics/Conduct...................................................................................14 C. Internal Audit ....................................................................................................16

IV. Directors and Officers............................................................................................17 A. Acceleration of Section 16 Reporting Obligations ...........................................17 B. Disgorgement of Certain Profits and Bonuses ..................................................18 C. Prohibition on Trading During “Black-Outs” ...................................................18 D. Prohibition on Personal Loans ..........................................................................19 E. Improper Influence on Audits ...........................................................................20 F. Officer and Director Bars..................................................................................20

V. Disclosure Requirements .......................................................................................22 A. Certifications .....................................................................................................22 B. Internal Control Reports....................................................................................23 C. Real Time Disclosures ......................................................................................25 D. Pro Forma Figures.............................................................................................25 E. Non-GAAP Financial Information....................................................................26 F. Off-Balance Sheet Transactions........................................................................27 G. Material Correcting Adjustments......................................................................28 H. Accelerated Deadlines for Periodic Reports and Disclosure Concerning

Website Access to Reports................................................................................29 I. Disclosure Regarding Director Nominations and Communications with

Security Holders................................................................................................29

VI. Auditor Requirements ...........................................................................................32 A. Public Company Accounting Oversight Board.................................................32 B. Auditor Independence .......................................................................................32

ii

VII. Shareholders ...........................................................................................................36 VIII. Employees ...............................................................................................................37

A. Whistleblower Protection..................................................................................37 B. Black-Out Periods .............................................................................................37

IX. Attorney Professional Responsibility ...................................................................38 X. New Crimes and Enhanced Enforcement Powers...............................................39

A. Retention of Audit Records...............................................................................39 B. Interference with Federal Investigations or Bankruptcies/Obstruction of

Justice................................................................................................................39 C. Securities-Related Fraud ...................................................................................39 D. Dischargeability of Debts..................................................................................40 E. Statute of Limitations........................................................................................40 F. Increased Penalties of Existing Crimes.............................................................40 G. Enhanced SEC Review of Disclosure Documents............................................41 H. Enhanced SEC Powers and Funding.................................................................41 I. Enhanced Enforcement Powers of Stock Exchanges........................................42

Exhibit A - Form of Section 302 Certification

I. Board of Directors

A. Composition and Independence SARBANES-OXLEY s No applicable provisions.

SEC s No applicable provisions.1

NYSE (subject to SEC approval) s A listed company must have a majority of independent directors and must disclose in its

annual proxy statement an affirmative determination by its board that the directors it deems to be independent have no material relationship with the listed company (either directly or as a partner, shareholder, or officer of an entity that has a relationship with the company). 2

s A “controlled company” is exempt but must disclose in its annual meeting proxy statement that it is a controlled company and its basis for that determination. A controlled company is a company of which more than 50% of the voting power is held by an individual, group, or another company.

s A director will be presumed not to be independent if the director or an immediate family member receives more than $100,000 per year in director compensation from the company, other than director and committee fees and pension or other forms of deferred compensation, until five years after the director ceases to receive $100,000 per year in compensation.

(1) The company’s board may negate this presumption of non-independence if it determines that the compensatory relationship is not material based upon relevant facts and circumstances.

s In addition, a director is not independent if:

(1) the director or an immediate family member is affiliated with, or employed in a professional capacity by, a present or former internal or external auditor of the company until five years after the end of the affiliation or auditing relationship;

(2) the director or an immediate family member is employed as an executive officer of another company where any of the listed company’s present executives serves on that company’s compensation committee until five years after the end of the service or employment relationship; or

(3) the director or an immediate family member is an executive officer or an employee of another company that accounts for at least the greater of 2% or one million dollars of the listed company’s consolidated gross revenues or for which the listed company accounts for at least the greater of 2% or one million dollars of the other company’s consolidated gross revenues until five years after falling below that threshold.

s “Immediate family members” include a person’s spouse, parents, children, siblings, mothers and fathers-in-law, and anyone (other than domestic employees) who shares the person’s home.

1 This outline generally details only those rules that have been recently proposed or issued in connection with SOX; existing rules are

discussed only to the extent they are relevant to new rules. 2 A copy of Amendment No. 1 to the NYSE’s Corporate Governance Rule Proposals, dated April 4, 2003, may be obtained at

http://www.nyse.com/pdfs/amend1-04-09-03.pdf.


2

s Companies must comply with the new independence requirements no later than 18 months after the publication of SEC approval in the Federal Register. Companies with classified boards have an additional year to comply.

NASDAQ (subject to SEC approval) s A listed company must have a majority of independent directors and must disclose in its

annual proxy statement an affirmative determination by its board that the directors it deems to be independent have no relationship that would interfere with the exercise of independent judgment in carrying out the responsibilities of a director. If a company fails to comply due to either a vacancy or if one director ceases to be independent due to circumstances beyond the company’s reasonable control, then the company must notify Nasdaq immediately and regain compliance by the earlier of its next annual shareholders meeting or one year from the occurrence of the event that caused the failure to comply. 3

s A “controlled company” is exempt but must disclose in its annual meeting proxy that it is a controlled company and its basis for that determination. A controlled company is a company of which more than 50% of the voting power is held by an individual, group, or another company.

s A director is not independent if

(1) the director or a family member has accepted at any time during the current or past three fiscal years any payments from the company or a parent or subsidiary of the company that exceeds $60,000, other than

a. compensation for board or board committee service,

b. payments arising solely from investments in the company’s securities,

c. compensation paid to a family member who is a non-executive employee of the company or a parent or subsidiary of the company,

d. benefits under a tax-qualified retirement plan or nondiscretionary compensation, or

e. loans permitted under section 13(k) of the Exchange Act;

(2) the director or a family member is a partner in, or a controlling shareholder or an executive officer of, any organization to which the company made, or from which the company received, in the current or any of the past three fiscal years payments for property or services exceeding the greater of $200,000 or 5% of the recipient’s consolidated gross revenues for that year, other than

a. payments arising solely from investments in the company’s securities, or

b. payments under non-discretionary charitable contribution matching programs;

(3) the director is employed by, or is a family member of an individual who is employed as an executive officer of, the company or of a parent or subsidiary of the company or has been so employed within the past three years;

(4) the director or a family member is a partner or employee of an outside auditor that worked on a company’s audit engagement at any time during the past three years; or

(5) the director or a family member is or was at any time during the past three years employed as an executive officer of another entity where at any time during the past three years any of the company’s executive officers serve or served on the other entity’s compensation committee.

3 A copy of Nasdaq’s Summary of Nasdaq Corporate Governance Proposals as of September 10, 2003, may be obtained at

http://www.nasdaq.com/about/Corp_Gov_Summary. pdf.


3

s “Family members” include a person’s spouse, parents, children, and siblings, whether by blood, marriage, or adoption, or anyone residing in the person’s home.

s Companies must comply with the new independence rules by the earlier of their first annual meeting occurring after January 15, 2004, or October 31, 2005. Companies with staggered boards must comply by the earlier of their second annual meeting after January 15, 2004, or December 31, 2005, and foreign issuers and small business issuers must comply by July 31, 2005.4

B. Committees and Independent Director Approval SARBANES-OXLEY s No applicable provisions.

SEC s No applicable provisions.

NYSE (subject to SEC approval) s Listed companies must have a nominating/corporate governance committee.

(1) The committee must be composed entirely of independent directors and must have a written charter addressing:

a. the committee’s purposes, which, at a minimum, must be to

(i) identify individuals qualified to become board members,

(ii) select, or to recommend that the board select, the director nominees for the next annual shareholder meeting,5 and

(iii) develop and recommend to the board a set of corporate governance principles;

b. the committee’s goals and responsibilities, which, at a minimum, must reflect the board’s criteria for selecting new directors and oversight of the evaluation of the board and management; and

c. an annual performance evaluation of the committee.

(2) The charter should also address the qualifications, appointment, and removal of committee members, committee structure and operations, and committee reporting to the board. In addition, the charter should grant the committee the sole authority to retain, compensate, and terminate any search firm to be used to identify director candidates.

s Listed companies must also have a compensation committee.

(1) The committee must be composed entirely of independent directors and must have a written charter addressing:

a. its purpose, which, at a minimum, must be to discharge the board’s responsibilities regarding compensation of the company’s executives and to produce an annual report on executive compensation for inclusion in the proxy statement;

b. its duties and responsibilities, which, at a minimum, must be to

(i) review and approve corporate goals and objectives relevant to CEO compensation, evaluate the CEO’s performance in light of those goals and

4 The same effective dates apply to all of Nasdaq’s proposed rules, except for the rules regarding codes of conduct. 5 The committee does not have to recommend director nominees for companies that are legally required, by contract or otherwise, to

provide third parties with the ability to nominate directors.


4

objectives, and set the CEO’s compensation level based on this evaluation, and

(ii) make recommendations to the board regarding non-CEO compensation, incentive-compensation plans, and equity-based plans; and

c. an annual performance evaluation of the committee.

(2) The charter should also address the qualifications, appointment, and removal of committee members, committee structure and operations, and committee reporting to the board. In addition, the charter should grant the committee the sole authority to retain, compensate, and terminate any compensation consultant to be used to evaluate director, CEO, or senior executive compensation.

s Boards may allocate responsibilities of nominating/corporate governance and compensation committees to other committees if those committees are composed entirely of independent directors and have published committee charters.

s Controlled companies are exempt from these committee requirements.

s Companies must have nominating/corporate governance and compensation committees with the requisite charters within 6 months from the publication of SEC approval in the Federal Register. Companies must comply with all other requirements no later than 18 months after the publication of SEC approval in the Federal Register. Companies with classified boards have an additional year to comply.

NASDAQ (subject to SEC approval) s Director nominees of listed companies must be selected by either a majority of

independent directors or by a nominations committee comprised solely of independent directors. In addition, the company must certify that it has adopted a formal written charter or board resolution, as appropriate, addressing the nominating process and related matters.6

s Compensation of the CEO of a listed company must be determined by either a majority of independent directors or a compensation committee comprised solely of independent directors, and the CEO may not be present during the voting or deliberations. Compensation of all other executive officers must be determined by either a majority of independent directors or a compensation committee comprised solely of independent directors.

s If, however, a compensation or nominating committee is comprised of at least three members, one director who is not independent and is not an officer or employee may be appointed to the compensation or nominating committee if the board determines, under exceptional and limited circumstances, that such director’s membership on the committee is required by the best interests of the company and its shareholders and the board discloses the nature of the relationship and the reasons for its determination in its proxy statement for the next annual meeting. A member can only serve for two years pursuant to this exception.

s A controlled company is exempt but must disclose in its annual meeting proxy that it is a controlled company and its basis for that determination.

C. Authority and Duties SARBANES-OXLEY s No applicable provisions.

6 However, these requirements will not apply if the right to nominate a director legally belongs to a third party or if the company is

subject to a pre-existing binding obligation requiring a director nomination process inconsistent with this rule.


5


NYSE (subject to SEC approval) s The non-management directors must meet at regularly scheduled executive sessions

without management.

s Companies must disclose in their annual proxy statements either the names of the directors who will preside at these executive sessions or the process by which the presiding directors will be chosen. Companies must also disclose a method for interested parties to communicate directly and confidentially with the presiding directors.

s Companies must comply within 6 months of the publication of SEC approval in the Federal Register.

NASDAQ (subject to SEC approval) s Listed issuers must have regularly scheduled executive sessions, at which only

independent directors are present.

II. Audit Committees

6


A. Composition and Independence SARBANES-OXLEY s SOX requires all audit committee members to be “independent,” which means that they

cannot, other than in their capacity as board or board committee members,

(1) accept any consulting, advisory, or other compensatory fees from the company, or

(2) be affiliated with the company or any subsidiary. (301) 7

s SOX gives the SEC the authority to grant an exemption from these independence requirements as appropriate in light of the circumstances.

s If a company does not have a designated audit committee, then the entire board will be deemed the audit committee.

SEC s As required by SOX, the SEC issued a final rule effective April 25, 2003, which directs

the national securities exchanges and associations to prohibit the listing of any security of a company that is not in compliance with SOX’s audit committee requirements. (Release No. 33-8220 (4/9/03)).

s National securities exchanges and associations must issue final rules approved by the SEC by December 1, 2003. Listed companies must comply with the new listing rules by the earlier of their first annual shareholders’ meeting after January 15, 2004, or October 31, 2004. Foreign private issuers and small business issuers must comply with these new listing rules by July 31, 2005.

s The SEC implemented SOX’s requirements for independence:

(1) Audit committee members cannot receive, directly or indirectly, any consulting, advisory, or other compensatory fee from the issuer or any of its subsidiaries, other than in their capacities as board or board committee members.

a. Indirect payments include payments to certain family members, namely spouses, minor children or stepchildren, or children or stepchildren sharing a home with the member.

b. Indirect payments also include payments received by an entity in which the member is a partner, member, officer, or executive officer, or otherwise occupies a similar position (except limited partners, non-managing members and those occupying similar positions who have no active role in providing services to the entity) and that provides accounting, consulting, legal, investment banking, or financial advisory services to the issuer or any subsidiary.

c. There is no de minimis exception.

(2) Audit committee members cannot be affiliated persons of the issuer or any of its subsidiaries.

a. Affiliate means “a person that directly, or indirectly through one or more intermediaries, controls, or is controlled by, or is under common control with, the persons specified.”

b. Control means “the possession, direct or indirect, of the power to direct or cause the direction of the management and policies of a person, whether through the ownership of voting securities, by contract, or otherwise.”

7 All SOX cites refer to specific sections of the Sarbanes-Oxley Act of 2002, Pub. L. No. 107-204, 116 Stat. 745.


7

c. The SEC adopted a safe harbor, which provides that persons who are not executive officers or shareholders owning 10% or more of any class of voting equity securities will not be deemed to control the company or its subsidiaries.

d. Executive officers, directors who are also employees of an affiliate, general partners, and managing members of an affiliate will be deemed to be affiliates.

(3) The SEC has granted the following limited exemptions:

a. A newly-listed company is temporarily exempted from these independence requirements but must have at least one fully-independent member at the time of the company’s initial listing, a majority of independent members within 90 days after its listing, and a fully-independent audit committee within one year.

b. Certain overlapping board relationships are exempted from the affiliate requirements such that an audit committee member may sit on the board of a listed company and any affiliate so long as, except for the overlapping directorships, the member otherwise meets all of the independence requirements for each entity.

NYSE (subject to SEC approval) s Listed companies must have a minimum three person audit committee consisting of

members who are independent under the independence requirements applicable to all directors and also in accordance with the requirements of Rule 10A-3(b)(1) of the Exchange Act (subject to applicable exemptions).

s If an audit committee member serves simultaneously on more than three public company audit committees, then the board must disclose in its annual proxy statement its determination that the simultaneous service will not impair the member’s ability to serve effectively.

s Companies must comply with these requirements no later than 18 months after the publication of SEC approval in the Federal Register. Companies with classified boards have an additional year to comply.

NASDAQ (subject to SEC approval) s Audit committees of listed companies must have a minimum of three directors, each of

whom must be independent as defined in Rule 4200(a)(15) and the applicable sections of SOX and must not have participated in the preparation of the financial statements of the company or any current subsidiary at any time during the past three years.

s However, a listed company may have one director who is not independent as defined in Rule 4200(a)(15), is not a current officer or employee or a family member of an officer or employee, and is independent as defined in SOX serve on the audit committee if the board determines, under exceptional and limited circumstances, that membership on the committee by that person is required by the best interests of the company and its shareholders and the board discloses the nature of the relationship and the reasons for its determination in its next annual proxy statement. A member appointed under this exception may only serve for two years and may not serve as chair of the committee.

s A director may not serve on the audit committee if the director is deemed an affiliated person of the company or any subsidiary, consistent with SOX.

s If the company fails to comply due to either a vacancy or if one director ceases to be independent due to circumstances beyond the company’s reasonable control, then the company must notify Nasdaq immediately and regain compliance by the earlier of its next annual shareholders meeting or one year from the occurrence of the event that caused the failure to comply.


8

B. Financial Expertise SARBANES-OXLEY s Each company must disclose in periodic reports whether or not (and if not, why not) the

audit committee has at least one member who is a “financial expert,” which is to be defined by the SEC. (407)

s In its definition, the SEC must consider whether the person has, through education and experience as a certified public accountant, auditor, senior financial officer, comptroller, or principal accounting officer, an understanding of GAAP and financial statements and experience in preparing or auditing financial statements of comparable companies and the appreciation of such principles regarding accounting for estimates, accruals, and reserves, experience with internal accounting controls, and an understanding of audit committee functions.

SEC s The SEC issued a final rule requiring companies to disclose in their annual reports

whether it has at least one “audit committee financial expert” currently serving on the committee, the name of the expert, and whether the expert is independent from management.8 If a company does not have an expert serving on its audit committee, then it must disclose the reasons why it does not. (Release Nos. 33-8177 (1/23/03); 33-8177A (3/26/03))

s Companies must comply with this new disclosure requirement in their annual reports for fiscal years ending on or after July 15, 2003, provided, however, that small business issuers do not need to make this disclosure until filing annual reports for fiscal years ending on or after December 15, 2003.

s An “audit committee financial expert” is defined as a person with the following attributes:

(1) An understanding of GAAP and financial statements;

(2) The ability to assess the general application of such principles in connection with the accounting for estimates, accruals, and reserves;

(3) Experience preparing, auditing, analyzing, or evaluating financial statements that present a breadth and level of complexity of accounting issues that are generally comparable to the breadth and complexity of issues that can reasonably be expected to be raised by the registrant’s financial statements, or experience actively supervising one or more persons engaged in those activities;

(4) An understanding of internal controls and procedures for financial reporting; and

(5) An understanding of audit committee functions;

and who has acquired such attributes through any one or more of the following:

(1) Education and experience as a principal financial officer, principal accounting officer, controller, public accountant, or auditor, or experience in one or more positions that involve the performance of similar functions;

(2) Experience actively supervising a principal financial officer, principal accounting officer, auditor, or person performing similar functions;

(3) Experience overseeing or assessing the performance of companies or public accountants with respect to the preparation, auditing, or evaluation of financial statements; or

8 In determining whether the expert is independent, companies should refer to the definition of independent in Item 7(d)(3)(iv) of

Schedule 14A.


9

(4) Other relevant experience.

s The SEC included a safe harbor to clarify that audit committee financial experts will not be deemed experts for any other purposes, including under Section 11 of the Securities Act, and assume no greater duties, obligations, or liabilities.

s The SEC noted that the board of directors in its entirety should determine whether a person qualifies as an audit committee financial expert and that the board’s determination should be subject to state law principles such as the business judgment rule.

NYSE (subject to SEC approval) s All audit committee members must be, or must become within a reasonable time after

appointment to the committee, financially literate, as interpreted by the company’s board in its business judgment.

s At least one audit committee member must have accounting or related financial management expertise, as interpreted by the company’s board in its business judgment.

NASDAQ (subject to SEC approval) s All audit committee members must be able to read and understand fundamental financial

statements, including balance sheets, income statements, and cash flow statements.

s At least one member must have past employment experience in finance or accounting, requisite professional certification in accounting, or any other comparable experience or background resulting in the individual’s financial sophistication.

C. Authority and Duties SARBANES-OXLEY s The audit committee is directly responsible for the appointment, compensation, and

oversight of the outside auditors (including resolving any disagreements between management and the auditors regarding financial reporting) for the purpose of preparing or issuing an audit report or related work. (301)

s The company must permit the audit committee to hire independent counsel and other advisors as it deems necessary to perform its duties at the company’s expense. (301)

s Subject to a narrow de minimis exception, the audit committee must pre-approve all audit services (including comfort letters and statutory audits) as well as all permitted non-audit services, and these approvals must be disclosed in the company’s periodic reports. (202)

s The audit committee may delegate its pre-approval authority to one or more members, who must then present their decisions to the full committee. (202)

s The audit committee must establish procedures for

(1) the receipt, retention, and treatment of complaints received by the company regarding accounting, internal accounting controls, or auditing matters; and

(2) the confidential, anonymous submission by employees of the company of concerns regarding questionable accounting or auditing matters. (301)

s If a company does not have an audit committee, then the entire board must perform these functions. (205)

SEC s As required by SOX, the SEC issued a final rule, effective April 25, 2003, which directs

the national securities exchanges and associations to prohibit the listing of any security of a company that is not in compliance with SOX’s audit committee requirements. (Release No. 33-8220 (4/9/03))


10

s National securities exchanges and associations must issue final rules approved by the SEC by December 1, 2003. Listed issuers must comply with the new listing rules by the earlier of their first annual shareholders’ meeting after January 15, 2004, or October 31, 2004. Foreign private issuers and small business issuers must comply with these new listing rules by July 31, 2005.

s Under the new rules, the audit committee must be directly responsible for the appointment, compensation, retention, and oversight of the work of any registered public accounting firm engaged for the purpose of preparing or issuing an audit report or performing other audit, review, or attest services for the issuer, and the independent auditor must report directly to the audit committee.

(1) “Audit, review, or attest services” include the services that an accountant would normally provide in connection with statutory and regulatory filings or engagements as well as those services that generally only an accountant can provide, such as comfort letters, statutory audits, attest services, consents, and assistance with and review of documents filed with the SEC.

s The audit committee is responsible for resolving any disagreements between management and the auditor regarding financial reporting.

s The new rules also require the audit committee to establish procedures for:

(1) the receipt, retention, and treatment of complaints received by the company regarding accounting, internal accounting controls, or auditing matters; and

(2) the confidential, anonymous submission by employees of the company of concerns regarding questionable accounting or auditing matters.

s Audit committees must have the authority to engage outside counsel and other advisors as it determines necessary to carry out its duties satisfactorily.

s The rules require the company to provide appropriate funding for the following:

(1) the engagement of any registered public accounting firm engaged for audit, attest, and review services described above;

(2) the engagement of any advisors hired by the audit committee; and

(3) the ordinary administrative expenses of the audit committee that are necessary or appropriate in carrying out its duties.

s The rules provide for the following limited exemptions, certain of which must be disclosed in a company’s annual report as well as proxy statements, along with the company’s assessment of whether, and if so, how, reliance on the exemption will materially adversely affect the ability of the audit committee to act independently and to satisfy the other new listing requirements:

(1) If an issuer is subject to these new audit committee requirements as a result of the listing of a class of common equity or similar securities, then it is exempt from the requirements for listings of additional classes of securities.

(2) If a parent company is subject to the new audit committee requirements as a result of the listing of a class of equity securities, then listings of non-equity securities by a direct or indirect subsidiary that is consolidated or at least 50% beneficially owned by the parent company are exempted from these requirements.

(3) Security futures products cleared by a clearing agency registered under section 17A of the Exchange Act or exempt from registration under section 17A(b)(7) of the Exchange Act and standardized options issued by a clearing agency registered under section 17A of the Exchange Act are also exempt from the new listing requirements.


11

s The SEC further provided that the rules promulgated by the national security exchanges and associations:

(1) must require a listed company to notify the applicable exchange or association promptly after an executive officer of an issuer becomes aware of any material noncompliance by the listed company with the requirements;

(2) must establish procedures for giving a company an opportunity to cure certain defects before prohibiting the listing of, or delisting, the company’s securities; and

(3) may provide that if an audit committee member ceases to be independent for reasons outside that member’s reasonable control, that member, with notice by the company to the applicable exchange or association, may remain an audit committee member until the earlier of the next annual meeting of the company or one year from the occurrence of the disqualifying event.

s Companies must include, or incorporate by reference, the information regarding audit committees currently required to be disclosed under the proxy rules of section 14 of the Exchange Act in their annual reports, beginning with reports covering periods ending on or after the compliance date for the applicable listing standards.

s Companies relying on an exemption available under Exchange Act Rule 10A-3 must disclose in their proxy statements and annual reports their reliance on the exemption and whether that reliance will materially adversely affect their audit committees’ ability to act independently and otherwise comply with the new rules, beginning with reports covering periods ending on or after the compliance date for the applicable listing standards.

NYSE (subject to SEC approval) s Listed companies must have a written audit committee charter addressing:

(1) its purpose, which, at a minimum, must be to

a. assist board oversight of the integrity of financial statements, compliance with legal and regulatory requirements, independent auditor’s qualifications and independence, and the performance of internal audit function and independent auditors, and

b. prepare the report that the SEC rules require to be included in the company’s annual proxy statement;

(2) its duties and responsibilities, which, at a minimum, must be to

a. directly appoint, retain, compensate, evaluate, oversee, and terminate independent auditors,

b. establish procedures for the receipt, retention, and treatment of complaints from employees on accounting, internal accounting controls, or auditing matters, and for confidential, anonymous submissions by employees of concerns regarding questionable accounting or auditing matters,

c. obtain advice and assistance from outside legal, accounting, or other advisors as appropriate, and receive appropriate funding for payment of compensation to these advisors,

d. at least annually, obtain and review the independent auditor’s report describing the firm’s internal quality-control procedures, any material issues raised by any review of the firm or by any governmental inquiry or investigation within the preceding five years regarding any independent audit carried out by the firm, and any steps taken to deal with any such issues, and all relationships between the independent auditor and the company,


12

e. discuss the annual audited financials and quarterly financials with management and the independent auditor, including the MD&A section,

f. discuss earnings press releases and financial information and earnings guidance provided to analysts and rating agencies,

g. discuss policies with respect to risk assessment and risk management,

h. meet separately, periodically, with management, internal auditors, and independent auditors,

i. review with the independent auditor any audit problems or difficulties and management’s response,

j. set clear hiring policies for employees of the independent auditors, and

k. report regularly to the board; and

(3) an annual performance evaluation of the audit committee.

s Companies must have appropriate audit committee charters within 6 months of the publication of SEC approval in the Federal Register, and must comply with all other requirements no later than 18 months after the publication of SEC approval in the Federal Register.

NASDAQ (subject to SEC approval) s A listed company must certify that it has adopted a formal written audit committee

charter, which the audit committee has reviewed on an annual basis. The charter must specify:

(1) the committee’s purpose of overseeing the issuer’s accounting and financial reporting processes and audits of its financial statements;

(2) the committee’s responsibilities and authority necessary to comply with the provisions of SOX regarding

a. registered public accounting firms,

b. complaints relating to accounting, internal accounting controls, or auditing matters,

c. authority to engage advisors, and

d. funding as determined by the audit committee.

s Listed companies must also

(1) review and approve all related-party transactions (or have a comparable body of the board of directors so approve);

(2) have the sole authority to hire, fire, determine funding for, and oversee outside auditors;

(3) pre-approve all permissible non-audit related services;

(4) have authority to consult with, engage, and determine funding for legal, accounting, and other experts in appropriate circumstances; and

(5) establish procedures for the receipt, retention, and treatment of complaints received by the company regarding accounting, internal accounting controls, or auditing matters and ensure that such complaints are treated confidentially and anonymously.

III. Corporate Governance Controls, Guidelines and Codes

13

III. Corporate Governance Controls, Guidelines, and Codes

A. Controls and Guidelines SARBANES-OXLEY s The SEC must prescribe rules requiring each annual report required by sections 13(a) or

15(d) of the Exchange Act to contain an internal control report, which must

(1) state the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting, and

(2) contain an assessment, as of the end of the company’s most recent fiscal year, of the effectiveness of the internal control structure and procedures of the company for financial reporting. (404)

s The company’s auditor must attest to, and report, on management’s assessment.

SEC s The SEC has issued final rules regarding internal control over financial reporting.

(Release No. 33-8238 (6/5/03))

(1) “Internal control over financial reporting” is defined as a process designed by, or under the supervision of, the registrant’s principal executive and financial officers, or persons performing similar functions, and effected by the registrant’s board of directors, management and other personnel, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with GAAP and includes those policies and procedures that

a. pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the registrant;

b. provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with GAAP, and that receipts and expenditures of the registrant are being made only in accordance with authorizations of management and directors of the registrant; and

c. provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the registrant’s assets that could have a material effect on the financial statements.

(2) See Part V, Disclosure Requirements, Section B, for further discussion.

s The SEC has also issued new Exchange Act rules that require reporting companies to maintain disclosure controls and procedures and to evaluate, with management’s participation, the effectiveness of the design and operation of those controls and procedures as of the end of the period covered by the annual or quarterly reports. (Release No. 33-8124 (8/29/02))

(1) “Disclosure controls and procedures” means controls and other procedures of a company that are designed to ensure that information required to be disclosed by a company in the reports that it files or submits under SOX is recorded, processed, summarized, and reported, within the time periods specified in the SEC’s rules and forms and includes, without limitation, controls and procedures designed to ensure that information required to be disclosed by a company in the reports that it files or submits under SOX is accumulated and communicated to the company’s management, including its principal executive and financial officers, as appropriate, to allow timely decisions regarding required disclosure.


14

(2) The SEC noted that there is some overlap between a company’s disclosure controls and procedures and its internal control over financial reporting and that some components of internal control over financial reporting will be subsumed within disclosure controls and procedures.

(3) See Part V, Disclosure Requirements, Section A, for further discussion.

NYSE (subject to SEC approval) s Listed companies must adopt and disclose corporate governance guidelines addressing, at

a minimum, the following:

(1) director qualification standards,

(2) director responsibilities,

(3) director access to management and, as necessary and appropriate, independent advisors,

(4) director compensation,

(5) director orientation and continuing education,

(6) management succession, and

(7) annual performance evaluation of the board.

s Companies must include their corporate governance guidelines and the charters of their most important committees on their websites and must disclose in their annual reports that this information is available on their websites and in print if requested by any shareholder.


NASDAQ (subject to SEC approval) s No applicable provisions.

B. Codes of Ethics/Conduct SARBANES-OXLEY s SOX requires the SEC to issue rules requiring companies

(1) to disclose in their periodic reports pursuant to sections 13(a) and 15(d) of the Exchange Act whether or not (and if not, why not) the company has adopted a code of ethics for its senior financial officers that applies to the principal executive officer, principal financial officer, comptroller, principal accounting officer, or persons performing similar functions, and

(2) to promptly disclose on Form 8-K any change in, or waiver of, the code of ethics applicable to such financial officers. (406)

s SOX defines a “code of ethics” as such standards as are reasonably necessary to promote

(1) honest and ethical conduct, including the ethical handling of actual or apparent conflicts of interest between personal and professional relationships;

(2) full, fair, accurate, timely, and understandable disclosure in the periodic reports required to be filed by company; and

(3) compliance with applicable governmental rules and regulations.


15

SEC s The SEC issued a final rule effective March 3, 2003, requiring companies to disclose in

their annual reports whether they have adopted a code of ethics applicable to their principal executive and financial officers, comptrollers or principal accounting officers, or persons performing similar functions (and if not, the reasons why not) and to disclose on Forms 8-K any amendments to, or waivers from, their ethics codes relating to any such officers. (Release Nos. 33-8177 (01/23/03); 33-8177A (3/26/03))

s The SEC defined a code of ethics as written standards that are reasonably designed to deter wrongdoing and to promote

(1) honest and ethical conduct, including the ethical handling of actual or apparent conflicts of interest between personal and professional relationships;

(2) full, fair, accurate, timely, and understandable disclosure in reports and documents that a company files with, or submits to, the Commission and in other public communications made by the company;

(3) compliance with applicable governmental laws, rules, and regulations;

(4) the prompt internal reporting to the appropriate person(s) identified in the code of violations of the code; and

(5) accountability for adherence to the code.

s A company must make its ethics codes available to the public by

(1) filing a copy of the code of ethics as an exhibit to its annual report;

(2) posting the text of the code of ethics on its website, provided, however, that the company must also disclose in its annual report its website address and its intention to make the code publicly available in this manner; or

(3) providing an undertaking in its annual report to provide a copy of its ethics code to any person without charge upon request.

s Companies must also disclose any amendments to, or waivers (explicit or implicit) from, their code of ethics that are applicable to principal executive or financial officers, principal accounting officers or controllers, or persons performing similar functions.

(1) A company may disclose any amendments or waivers on a Form 8-K, which must be filed within 5 days of the triggering event or on its website, but only if it previously disclosed in its most recently filed annual report its intention to disclose these events on its website and its website address.

(2) The SEC defined “waiver” to mean “approval by the company of a material departure from a provision of the code of ethics.” An “implicit waiver” means “the registrant’s failure to take action within a reasonable period of time regarding a material departure from a provision of the code of ethics that has been made known to an executive officer . . . of the registrant.”

s Companies must comply with the ethics code disclosure requirement in their annual reports for fiscal years ending on or after July 15, 2003, and must comply with the disclosure requirements regarding change to, or waivers from, their ethics code on or after the date on which they file their first annual report in which the code of ethics disclosure is required.

NYSE (subject to SEC approval) s Companies must adopt and disclose a code of business conduct and ethics for directors,

officers, and employees addressing the following, at a minimum:

(1) conflicts of interest,


16

(2) corporate opportunities,

(3) confidentiality,

(4) fair dealing,

(5) protection and proper use of company assets,

(6) compliance with laws, rules, and regulations (including insider trading laws), and

(7) encouraging the reporting of any illegal or unethical behavior.

s Waivers of the code for directors or executive officers may only be granted by the board or a board committee and must be promptly disclosed to shareholder.

s A listed company must include its code of business conduct and ethics on its website and must disclose in its annual report that this information is available on its website and in print if requested by any shareholder.

s This rule will become effective six months after SEC approval.

NASDAQ (subject to SEC approval) s Listed companies must adopt a code of conduct for all directors and employees, which

must be publicly available. The code must include all elements necessary to satisfy the code of ethics requirement as defined in Item 406 of SEC Regulation S-K.

s Waivers for executive officers and directors may only be granted by the board of directors and must be disclosed.

s This rule will become effective six months after SEC approval.

C. Internal Audit SARBANES-OXLEY s No applicable provisions.


NYSE (subject to SEC approval) s Listed companies must have an internal audit function but may choose to outsource this

function to a firm other than independent auditor.


IV. Directors and Officers

17


A. Acceleration of Section 16 Reporting Obligations SARBANES-OXLEY s SOX amends section 16(a) of the Exchange Act to require, as of August 29, 2002,

directors, officers, and 10% shareholders to disclose any change of ownership of the company’s equity securities before the end of the second business day following the day on which the transaction was executed or such other time as the SEC shall establish by rule in any case in which the SEC determines that the two-day period is not feasible. (403)

s SOX further requires that, as of July 30, 2003, all section 16 reporting forms must be filed electronically with the SEC, which is then required to publish such forms on an Internet site no later than the end of the business day following the filing; also, the companies are required to put the forms on their websites.

SEC s Effective as of August 29, 2002, the SEC issued a final rule requiring directors, officers,

and persons beneficially owning more than 10% of any class of equity security registered under section 12 of the Exchange Act to report transactions subject to section 16 by the end of the second business day following the day on which the transaction occurred. (Release No. 34-46421 (08/27/02))

(1) The SEC granted reporting persons additional time to report limited categories of transactions.

s The SEC also issued a final rule, which became effective on June 30, 2003, requiring the electronic filing, and website posting by issuers with corporate websites, of beneficial ownership reports filed by officers, directors, and beneficial owners.

(1) Companies maintaining corporate websites must post ownership reports by the end of the business day after filing. Companies may provide access either directly, by posting the reports on their own websites, or indirectly, by hyperlinking to reports via a third-party service (such as EDGAR), as long as:

a. the forms are made available in the required time frame;

b. access to the reports is free;

c. the display format allows retrieval of all information in the forms;

d. the medium to access the forms is not so burdensome that the intended users cannot effectively access the information provided;

e. the access includes any exhibits or attachments;

f. access to the forms is through the issuer website address the issuer normally uses for disseminating information to investors; and

g. any hyperlink is directly to the section 16 forms (or to a list of section 16 forms) relating to the posting issuer instead of just to the home page or general search page of the third-party service.

NYSE (subject to SEC approval) s No applicable provisions.



18

B. Disgorgement of Certain Profits and Bonuses SARBANES-OXLEY s Effective July 30, 2002, if a company is required to prepare an accounting restatement

due to the company’s material noncompliance, as a result of misconduct, with any financial reporting requirement under the securities laws, the chief executive and financial officers must reimburse the company for

(1) any bonus or other incentive-based or equity-based compensation received by that officer from the company during the 12-month period following the first public issuance or filing with the SEC of the financial document embodying such financial reporting requirement, and

(2) any profits realized from the sale of securities of the company during that 12-month period. (304)

s The SEC may exempt any person as its deems necessary and appropriate.




C. Prohibition on Trading During “Black-Outs” SARBANES-OXLEY s SOX prohibits directors and executive officers (but not other officers or 10%

shareholders) from directly or indirectly purchasing, selling, or otherwise acquiring or transferring any equity security of the company (other than exempted securities) during any pension fund or retirement fund “black-out period” with respect to the equity security if the director or executive officer acquired the equity security in connection with his or her service or employment with the company. (306)

(1) “Black-out period” means any period of more than three consecutive business days during which the ability of not fewer than 50% of the participants or beneficiaries under all individual account plans of the company to purchase, sell, or otherwise acquire or transfer an interest in any equity security of such company held in such a plan is temporarily suspended by the company or by the plan fiduciary.

s Any profit realized by the director or executive officer from any purchase or sale will be recoverable by the company, irrespective of the individual’s motive.

SEC s The SEC adopted new Regulation BTR, which prohibits directors and executive officers

from directly or indirectly trading any equity security acquired in connection with their service or employment as directors or executive officers during a pension plan blackout period that prevents plan participants and beneficiaries from trading the equity securities held in their plan accounts. (Release Nos. 34-47225 (01/22/03); 33-8216 (3/27/03))

s The trading prohibition applies only to those securities that a director or executive officer “acquires in connection with his or her service or employment as a director or executive officer.”

(1) Securities will be deemed to be acquired in connection with service or employment unless the director or executive officer establishes that the securities were acquired


19

from another source and this identification is consistent with the treatment of the securities for tax purposes and all other disclosure and reporting requirements.

s A “black-out period” is any period of more than three consecutive business days during which the ability of 50% or more of the participants under all individual account plans maintained by the company to acquire or transfer an interest in a security of the company held in the individual account plans is temporarily suspended. An individual account plan includes a variety of pension plans, including section 401(k) plans, profit-sharing and savings plans, stock bonus plans, and money purchase pension plans.

s Companies are required to timely notify directors, executive officers, and the SEC (on a Form 8-K) about an impending blackout period as specified in Regulation BTR.

s There are several exemptions from the statutory trading prohibition, including categories of transactions that occur automatically, transactions made pursuant to an advance election, regularly scheduled trading suspensions, or transactions that are otherwise outside of the control of the director or executive officer.

s A violation by a director or executive officer will be a violation of the Exchange Act, subject to possible enforcement action. Furthermore, the company, or a shareholder on its behalf, may sue to recover the profits realized by a director or executive officer who engaged in a prohibited trade.

s The rule became effective on January 26, 2003, with certain amendments regarding notice to the SEC effective as of March 31, 2003.



D. Prohibition on Personal Loans SARBANES-OXLEY s Effective July 30, 2002, SOX prohibits public companies from extending or maintaining

credit, arranging for an extension of credit, or renewing an extension of credit (directly or indirectly, including through a subsidiary) “in the form of a personal loan” to or for any director or executive officer. (402)

s Although companies must comply immediately, extensions of credit existing on the date of SOX’s enactment are grandfathered as long as no material modification or renewal is made thereafter.

s There are very narrow exceptions (including for home improvement loans, but not for relocation loans), but there is no exception for personal loans to a director or executive officer for purchase of company stock.





20

E. Improper Influence on Audits SARBANES-OXLEY s SOX requires the SEC to issue rules prohibiting an officer, director, or any other person

acting under an officer’s or director’s direction from taking any action to fraudulently influence, coerce, manipulate, or mislead any independent auditor engaged in performing an audit of the company’s financial statements for the purpose of rendering such financial statements materially misleading. (303)

SEC s The SEC issued a final rule, effective as of June 27, 2003, prohibiting officers and

directors, and persons acting under their direction, from directly or indirectly coercing, manipulating, misleading, or fraudulently influencing any accountant engaged in the performance of an audit or review of the company’s financial statements if that person knew or should have known that the action, if successful, could result in rendering the company’s financial statements materially misleading. (Release No. 34-47890 (5/20/03))

(1) The SEC used existing definitions under the Exchange Act for the terms “officer” and “executive officer,” which generally includes a company’s president, vice-president, secretary, treasurer or principal financial officer, comptroller or principal accounting officer, any persons routinely performing corresponding functions, chief executive officer, and other officers who perform policy-making functions.

(2) Persons acting “under the direction of” officers or directors may include employees, customers, vendors, creditors, consultants, attorneys, securities professionals, other advisers, and other third parties. The SEC noted that these third parties may also be liable under the anti-fraud or other provisions of the securities laws for causing a company’s violations of the securities law or for aiding and abetting.

(3) These rules apply throughout the professional engagement, after the professional engagement period has ended when the auditor is considering whether to consent to the use of, reissue, or withdrawal of prior audit reports, and, in more limited circumstances, before the professional engagement period begins.

s The SEC provides a nonexclusive list of examples of conduct that may violate the rule, including actions taken at any time with respect to the professional engagement period to improperly influence an auditor to

(1) issue or reissue a report on an issuer’s financial statements that is not warranted under the circumstances (due to material violations of GAAP or other standards);

(2) not perform audit, review, or other procedures generally required by GAAP or other professional standards;

(3) not withdraw an issued report; or

(4) not communicate matters to an issuer’s audit committee.



F. Officer and Director Bars SARBANES-OXLEY s Effective July 30, 2002, SOX grants the SEC the authority, in any cease-and-desist order,

to prohibit, conditionally or unconditionally, and permanently or for a time certain, any person who has violated the anti-fraud provisions of the Exchange Act from acting as an


21

officer or director of any company that has securities registered under section 12 of the Exchange Act or that is required to file reports under section 15(d) of the Exchange Act, if the conduct of that person demonstrates unfitness to serve as an officer or director of any such company (305, 1105)9




9 The previous standard was “substantial unfitness.”

V. Enhanced Disclosure Requirements

22

V. Disclosure Requirements

A. Certifications SARBANES-OXLEY s SOX requires the SEC to issue final rules by August 29, 2002, that require principal

executive and financial officers of every company that files periodic reports pursuant to sections 13(a) or 15(d) of the Exchange Act to certify in each annual or quarterly report filed with or submitted to the SEC that

(1) the signing officer has reviewed the report;

(2) to his or her knowledge, the report does not contain a material misstatement or omission;

(3) to his or her knowledge, the financial statements and other financial information included in the report fairly present in all material respects the company’s financial condition and results of operation; and

(4) the signing officers have

a. established and maintained internal controls designed to ensure that material information related to the company is made known to them;

b. within the last 90 days evaluated the effectiveness of the issuer’s internal controls and reported their conclusions; and

c. disclosed to the company’s auditors and the audit committee all significant deficiencies and any fraud, whether or not material, involving management or other employees with a significant role in the company’s internal controls. (302)

s Effective July 30, 2002, each periodic report containing financial statements filed by a company pursuant to sections 13(a) or 15(d) of the Exchange Act must be accompanied by a written statement by the chief executive and financial officers, or their equivalents, that the report fully complies with the requirements of sections 13(a) and 15(d) and that the information contained in the report fairly presents in all material respects the financial condition and results of operations of the company. (906)

(1) This certification is not qualified as to the signing officer’s knowledge, although criminal penalties are imposed only if the officer has knowledge of noncompliance.

(2) SOX imposes the following criminal penalties under this section:

a. knowingly false certifications may result in up to ten years in prison and a $1 million fine; and

b. willfully false certifications may result in up to 20 years in prison and a $5 million fine.

SEC s The SEC issued final rules, effective as of August 29, 2002, requiring principal executive

and financial officers certify the financial and other information contained in certain periodic reports in accordance with section 302 of SOX. (Release No. 33-8124 (08/29/02))

(1) The SEC provided a form for these certifications, and the certifications must be filed as exhibits to the periodic reports in the exact form set forth by the SEC, as amended, effective as of August 14, 2003. A copy of the form of certification may be found in Exhibit A.


23

(2) These certifications cover both disclosure controls and procedures and changes in internal control over financial reporting. (See Part III, Corporate Governance Controls, Guidelines and Codes, Section A, for further discussion.)

s The SEC has issued more limited guidance as to the content of certifications under section 906 of SOX. (Release No. 34-47986)

(1) These certifications are required for all periodic reports that contain financial statements and are to be included as exhibits to the periodic reports, effective as of August 14, 2003. (Release 34-47986)

(2) These certifications may take the form of a single statement signed by both the chief executive and chief financial officers.

(3) Because these certifications are to be “furnished” rather than “filed” with the SEC, they will not be subject to liability under Section 18 of the Exchange Act and will not be subject to automatic incorporation by reference into a company’s registration statements (which are subject to liability under Section 11 of the Securities Act).

NYSE (subject to SEC approval) s Each listed company’s CEO must certify to the NYSE each year that he or she is not

aware of any violation by the company of any NYSE corporate governance listing standard. This certification must be disclosed in the company’s annual report to shareholders.

s The CEO must also notify the NYSE promptly after any executive officer of the company becomes aware of any material noncompliance with the NYSE corporate governance listing standards.



B. Internal Control Reports SARBANES-OXLEY s The SEC must prescribe rules requiring each annual report required by sections 13(a) or

15(d) of the Exchange Act to contain an internal control report, which must

(1) state the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting, and

(2) contain an assessment, as of the end of the company’s most recent fiscal year, of the effectiveness of the internal control structure and procedures of the company for financial reporting. (404)

s The company’s auditor must attest to, and report, on management’s assessment.

SEC s The final rules require companies to contain in their annual reports a report by

management regarding internal control over financial reporting that includes:

(1) a statement of management’s responsibility for establishing and maintaining adequate internal control over financial reporting;

(2) a statement identifying the framework used to conduct the required management evaluation of the effectiveness of the internal control over financial reporting;

a. A suitable framework must be free from bias, permit reasonably consistent qualitative and quantitative measurements of a company’s internal control, be


24

sufficiently complete so that those relevant factors that would alter a conclusion about the effectiveness of internal controls are not omitted, and be relevant to an evaluation of internal control over financial reporting;

(3) management’s assessment of the effectiveness of the internal control over financial reporting as of the end of the company’s most recent fiscal year, a statement as to whether the internal control over financial reporting is effective, and disclosure of any material weaknesses;

a. companies must maintain evidence, including documentation, to reasonably support

(i) management’s evaluation of whether the controls are designed to prevent or detect material misstatements or omissions,

(ii) management’s conclusion that the tests were appropriately planned and performed, and

(iii) that management appropriately considered the results of the tests;

b. the SEC provided the following nonexclusive list of examples of controls that should be evaluated:

(i) controls over initiating, recording, processing, and reconciling account balances, classes of transactions, and disclosure and related assertions included in the financial statements,

(ii) controls related to the initiation and processing of non-routine and non-systematic transactions, and

(iii) controls related to the prevention, identification, and detection of fraud;

c. management cannot conclude the internal control is effective if there are one or more material weaknesses; and

(4) a statement that the registered public accounting firm that audited the financial statements included in the annual report has issued an attestation report on management’s assessment of the internal control over financial reporting.

(i) The attestation report must be filed as part of the annual report.

s The final rules also require companies to include in their quarterly reports any change in their internal control over financial reporting that occurred during the fiscal quarter covered by the quarterly reports, or the last fiscal quarter in the case of annual reports, that has materially affected, or is reasonably likely to materially affect, the companies’ internal control over financial reporting.

(1) companies must determine whether, under the facts and circumstances, they must disclose the reasons for, or other information regarding, any changes in internal control over financial reporting in order to make disclosure regarding the change not misleading.

(2) the SEC expressly declined to require a specific date for management’s quarterly evaluation of changes in internal control over financial reporting.

s This rule became effective on August 14, 2003, but compliance deadlines are phased in as follows:

(1) companies that are accelerated filers as of the end of their first fiscal years ending on or after June 15, 2004, must comply with the annual internal control report requirements in their annual reports for that fiscal year.

(2) companies that are not accelerated filers, i.e., smaller companies and foreign private issuers, as of the end of their first fiscal years ending on or after June 15, 2004, must


25

comply with the annual internal control report requirements for their first fiscal year ending on or after April 15, 2005.

(3) all companies must comply with the requirements regarding evaluating any material changes to their internal controls in their first periodic reports due after their first annual report required to include an annual internal control report.

(4) all companies must comply with the new exhibit requirements for the section 301 and 906 certifications and changes to the section 302 certification requirements in reports due on or after August 14, 2003. Companies may temporarily modify the contents of their section 302 certifications to delete certain references to internal controls until they must comply with the internal control report requirements.



C. Real Time Disclosures SARBANES-OXLEY s SOX requires each company reporting under sections 13(a) or 15(d) of the Exchange Act

to disclose to the public on a rapid and current basis such additional information concerning material changes in the financial condition or operations of the company, in plain English, which may include trend and qualitative information and graphic presentations, as the SEC determines by rule is necessary or useful for the protection of investors and in the public interest. (409)

s Significance of this rule will depend on SEC rulemaking, and these provisions will become effective upon promulgation of SEC final rules.



NASDAQ (subject to SEC approval) s Rules regarding the disclosure of material information have been harmonized with

Regulation FD requirements so that any method of disclosure that complies with Regulation FD (i.e., conference calls, press conferences, and web casts, as long as the public is provided sufficient notice and provided access) satisfies the Nasdaq disclosure requirements.

D. Pro Forma Figures SARBANES-OXLEY s SOX requires that pro forma financial information included in any periodic or other

report filed with the SEC or in any public disclosure or press or other release must be presented in a manner that

(1) does not contain untrue statements of material omissions or misstatements of fact that would make the information misleading in light of the circumstances in which it is presented, and

(2) reconciles it with the financial condition and results of operations of the company under GAAP (401(b))


26




E. Non-GAAP Financial Information SARBANES-OXLEY s No applicable provisions.

SEC s The SEC has defined the category of financial information subject to the rule (“non-

GAAP financial measures”) and adopted new Regulation G to regulate the use of these measures. Regulation G applies to covered disclosures as of March 28, 2003. (Release Nos. 33-8176 (1/22/03); 33-8216 (3/27/03))

s A non-GAAP financial measure is a numerical measure of a company’s financial performance that

(1) excludes amounts, or is subject to adjustments that have the effect of excluding amounts, that are included in the comparable measure calculated and presented in accordance with GAAP in the statement of income, balance sheet, or statement of cash flows (or equivalent statements) of the issuer; or

(2) includes amounts, or is subject to adjustments that have the effect of including amounts, that are excluded from the comparable measure so calculated and presented. Statistical and operating measures are not covered.

s Regulation G applies whenever a company publicly discloses or releases material information that includes a non-GAAP financial measure.

(1) Regulation G imposes a general prohibition of material misstatements or omissions that would make the presentation of the material non-GAAP financial measure, under the circumstances in which it is made, misleading.

(2) Regulation G requires a quantitative reconciliation of the differences between the non-GAAP financial measure presented and the comparable financial measure calculated and presented in accordance with GAAP.

(3) If a company discloses a non-GAAP financial measure orally, telephonically, by webcast, by broadcast, or by similar means, it may provide the accompanying information required by Regulation G by posting such information on the company’s website and disclosing the location and availability of the required information during its presentation.

s Regulation G also applies to the use of non-GAAP financial measures contained in filings with the SEC and requires companies to:

(1) present the most directly comparable financial measure calculated and presented in accordance with GAAP;

(2) reconcile the differences between the non-GAAP financial measures presented and the most directly comparable GAAP measures;

(3) disclose the reasons why management believes that the use of the non-GAAP financial measure provides useful information to investors regarding the company’s financial condition and results of operation; and


27

(4) disclose any additional purposes for which management uses the non-GAAP financial measure.

s The SEC adopted a new Item 12 in Form 8-K, which requires public companies to furnish a Form 8-K to the SEC within 5 business days of any public releases or announcements disclosing material non-public financial information about completed annual or quarterly fiscal periods. (Release No. 34-47226)

s Companies will not have to file a Form 8-K if they publicly disclose financial information for a completed fiscal period orally, telephonically, by webcast, by broadcast, or other similar means if the presentation of the information:

(1) is preceded by the filing of the related, written release or announcement with the SEC on a Form 8-K;

(2) is broadly accessible to the public;

(3) was announced by a widely disseminated press release that included instructions as to when and how to access the presentation; and

(4) is posed on the company’s website, along with all information required under Regulation G.

s Companies must comply with respect to earnings releases and similar announcements made after March 28, 2003.



F. Off-Balance Sheet Transactions SARBANES-OXLEY s SOX requires that each annual and quarterly report required to be filed with the SEC

must disclose all material off-balance sheet transactions, arrangements, obligations (including contingent obligations), and other relationships of the company with unconsolidated entities or other persons that may have a material current or future effect on financial condition, changes in financial condition, results of operations, liquidity, capital expenditures, capital resources, or significant components of revenues or expenses (401(a))

SEC s The SEC amended existing rules to require disclosure regarding off-balance sheet

transactions. (Release No. 33-8182 (01/27/03))

(1) The SEC defines off-balance sheet arrangements as any contractual arrangement to which an unconsolidated entity is a party under which the company has

a. any obligation under certain guarantee contracts;

b. a retained or contingent interest in assets transferred to an unconsolidated entity or similar arrangement that serves as credit, liquidity, or market risk support to that entity for such assets;

c. any obligation under certain derivative instruments; and

d. any obligation under a material variable interest held by the company in an unconsolidated entity that provides financing, liquidity, market risk, or credit risk support to the company, or engages in leasing, hedging, or research and development services with the company.


28

(2) Companies are required to disclose any off-balance sheet arrangements only if they either have, or are reasonably likely to have, a current or future effect on the company’s financial condition, changes in financial condition, revenues, expenses, results of operation, liquidity, capital expenditures, or capital resources that is material to investors.

(3) Companies must also disclose the following information to the extent material and necessary to investors’ understanding:

a. the nature and business purpose of the company's off-balance sheet arrangements;

b. the importance to the company of the off-balance sheet arrangements with respect to liquidity, capital resources, market risk or credit risk support or other benefits;

c. the financial impact and exposure to risk; and

d. any known events, demands, commitments, trends, or uncertainties that impact the company's ability to benefit from its off-balance sheet arrangements.

s The SEC also amended the rules to require companies to disclose, in a tabular format, the amounts of payments due under certain categories of contractual obligations, aggregated by category, for specified time periods.

(1) These categories include long-term debt, capital lease obligations, operating leases, purchase obligations, and other long-term liabilities reflected on the company’s balance sheet under GAAP.

(2) Companies must include footnotes to the table to describe material contractual provisions or other material information to the extent necessary for investors to understand the timing and amount of the contractual obligations listed in the table.

s Companies must include disclosure regarding off-balance sheet transactions in all SEC filings required to include financial statements for the fiscal years ending on or after June 15, 2003, and disclosure regarding contractual obligations in all SEC filings required to include financial statements for the fiscal years ending on or after December 15, 2003



G. Material Correcting Adjustments SARBANES-OXLEY s SOX requires each financial report that contains financial statements and that is required

to be prepared in accordance with or reconciled to GAAP and filed with the SEC to reflect all material correcting adjustments that have been identified by a registered public accounting firm in accordance with GAAP and SEC rules. (401(a))





29

H. Accelerated Deadlines for Periodic Reports and Disclosure Concerning Website Access to Reports SARBANES-OXLEY s No applicable provisions.

SEC s The SEC issued a final rule accelerating the filing deadlines for annual and quarterly

reports filed by certain companies qualifying as “accelerated filers” pursuant to the Exchange Act. (Release No. 33-8128 (9/5/02))

s Companies satisfying the following requirements will be deemed accelerated filers and must comply with the accelerated filing deadlines:

(1) have a public float of at least $75 million;

(2) have been subject to reporting requirements for at least 12 months;

(3) have previously filed one annual report; and

(4) are not eligible to use the SEC’s special forms for small business issuers.

s The accelerated deadlines will be phased in over three years, with no change in deadlines for the first year. The annual report deadline will remain 90 days for the first year, change to 75 days for year two, and 60 days for year three and thereafter; the quarterly report deadline will remain 45 days for the first year, change to 40 days for year two, and 35 days for year three and thereafter.

s Accelerated filers must disclose in their annual reports, beginning with reports for fiscal years ending on or after December 15, 2002,

(1) the company’s website address, if it has one;

(2) whether its reports on Forms 10-K, 10-Q, and 8-K, and all amendments to those reports, are made available, free of charge, on the company’s website as soon as reasonably practicable after electronically filing such information with the SEC, and if not, why not; and

(3) if the company does not make its filing available in this manner, whether the company will voluntarily provide electronic or paper copies of its filings free of charge upon request.



I. Disclosure Regarding Director Nominations and Communications with Security Holders SARBANES-OXLEY s No applicable provisions.

SEC s The SEC proposed to amend existing proxy disclosure rules to expand companies’

disclosures regarding nominating committees and the nominating process. More specifically, the amendments require the following additional disclosures in proxy statements:

(1) If a company does not have a nominating committee, it must identify each director who participates in the consideration of director nominees and disclose the


30

company’s specific basis for the board’s determination that it is appropriate for the company not to have a nominating committee.

(2) A company must disclose whether or not it has a nominating committee charter, and if it does have a charter, its material terms and where a copy of the charter is available.

(3) A listed issuer whose securities are listed on a national securities exchange or association that has independence requirements applicable to nominating committee members must disclose any noncompliance with those independence requirements during its last fiscal year.

(4) A company whose securities are not listed on a national securities exchange or association that has independence requirements applicable to nominating committee members must disclose whether each nominating committee member is independent, as defined by any national securities exchange or association whose independence definition has been approved by the SEC.

(5) A company must describe the material elements of the company’s policy, if any, regarding the consideration of any director candidates recommended by security holders, including whether the nominating committee will consider director candidates recommended by security holders. If a company does not have such a policy, then it must state that fact.

(6) A company must disclose the following information relating to the nominations process

a. the procedures, if any, that security holders must follow in submitting recommendations for director candidates;

b. any specific, minimum qualifications that the nominating committee believes must be satisfied by director candidates recommended by the nominating committee, any specific qualities or skills that the nominating committee believes are reasonably necessary for one or more of the directors to possess, and any specific standards for the overall structure and composition of the board;

c. the nominating committee’s process for identifying and evaluating director nominees, including those nominees recommended by the security holders, and any differences in the manner in which the nominating committee evaluates director candidates based on whether the candidate is recommended by security holders;

d. the specific source (such as the name of an executive officer, director, or other individual) for all nominees (other than executive officers or directors standing for re-election) approved by the nominating committee for inclusion on the proxy card;

e. the function performed by any third party who received a fee to identify or evaluate potential director candidates; and

f. if a nominating committee chooses not to nominate a candidate recommended by a security holder who beneficially owns more than 3% of the voting common stock of the company for at least one year as of the date the recommendation was made, the name of the security holder who recommended the candidate and the specific reasons for the nominating committee’s decision not to include the candidate as a nominee. (See Release No. 34-48301 (8/8/03))

s The SEC has issued proposed rules that would require companies to include the following information in their proxy materials where action is to be taken with respect to the election of directors:


31

(1) whether or not the company’s board of directors provides a process for security holders to communicate with the board, and if it does not, the reasons why the board has determined that it is appropriate for the company not to have this process;

(2) if the company has a communications process, a description of the manner in which security holders may send communications to the board, including an identification of the particular board members to whom the communications should be sent;

(3) if the communications are not sent directly to the board members, a description of the process for determining which communications will be relayed to the board; and

(4) a description of any material actions taken by the board during the preceding fiscal year as a result of security holder communications.



VI. Auditor Requirements

32


A. Public Company Accounting Oversight Board SARBANES-OXLEY s SOX created the Public Company Accounting Oversight Board (the “PCAOB”), a non-

profit, non-governmental corporation, to oversee public company audits, specifically charged with registering and inspecting all accounting firms that audit public companies; establishing rules regarding auditing, quality control, ethics, independence, and other standards; and investigating, disciplining, and sanctioning accountants and accounting firms (101-105)

s The Board will consist of five full-time members, only two of whom may be CPAs, and will be partially funded by an annual fee assessed against all public companies based on their relative market capitalizations (101, 109)

s The SEC must appoint the initial members by October 28, 2002, and oversee the creation of a fully functioning Board by April 26, 2003. Effective October 23, 2003, or 180 days after creation of the Board, an unregistered accounting firm may not issue an audit report with respect to any public company (101, 102)

SEC s The SEC has approved the registration system implemented by the PCAOB. Any

domestic public accounting firms that plan to prepare or issue audit reports for public companies must register with the PCAOB by October 22, 2003, in accordance with the PCAOB’s rules and procedures.



B. Auditor Independence SARBANES-OXLEY s SOX prohibits registered public accounting firms from providing to public companies for

whom the accounting firm is contemporaneously performing an audit any of the following non-audit services:

(1) bookkeeping or other services related to the company’s accounting records or financial statements;

(2) financial information systems design and implementation;

(3) appraisal or valuation services, fairness opinions, or contribution-in-kind reports;

(4) actuarial services;

(5) internal audit outsourcing services;

(6) management functions or human resources;

(7) broker or dealer, investment adviser, or investment banking services;

(8) legal services and expert services unrelated to the audit; or

(9) any other service that the Board determines, by regulation, is impermissible. (201)

s All audit services as well as non-audit services not prohibited by the above must be pre-approved by the company’s audit committee, subject to a de minimis exception for


33

certain non-audit services, and any non-audit services must be disclosed in the company’s periodic reports. (201, 202)

s SOX also prohibits registered public accounting firms from auditing a company if the lead audit partner or the audit partner responsible for reviewing the audit has performed audit services for the company in each of the previous five years. (203)

s Registered public accounting firms must timely report to the company’s audit committee (or if none, to the full board) all of the company’s critical accounting policies and practices, all alternative treatments (and ramifications of such treatments) of financial information within GAAP discussed with management and the treatment preferred by the firm, and other material written communications between the firm and the company’s management. (204)

s SOX further prohibits registered public accounting firms from auditing a public company if the CEO, CFO, chief accounting officer, controller (or any equivalent) was employed by that firm and participated in any capacity in the company’s audit during the one-year period preceding initiation of the audit. (206)

SEC s The SEC adopted several rules to strengthen auditor independence and require additional

disclosure to investors regarding services provided by the auditor in accordance with SOX. These rules became effective on May 6, 2003, and the SEC provided several transition dates for compliance. (Release Nos. 33-8183 (01/28/03); 33-8183A (3/26/03))

s Auditors registered with the PCAOB are now prohibited from rendering certain non-audit services for their audit clients that would impair the auditor’s independence.

a. These prohibited services include the following, and each is specifically defined in the new rules: bookkeeping services, financial information systems design and implementation, appraisal or valuation services, including fairness opinions or contribution-in-kind reports, actuarial services, internal audit outsourcing services, management functions or human resources, broker/dealer, investment advisor, or investment banking services, legal services and expert services unrelated to the audit, and any other service that the PCAOB determines, by regulation, is impermissible.

(10) In order to provide a fair transition, performance of any of the above services will not impair an auditor’s independence if those services are being performed pursuant to a contract in existence on the effective date of the rules.

s Audit committees must pre-approve all audit and permissible non-audit services in accordance with pre-approval policies and procedures established by the audit committee.

(1) Pre-approval is not required for non-audit services where

a. all services do not aggregate to more than 5% of total revenue paid by the company to its auditor in the fiscal year such services are provided;

b. the services were not recognized as non-audit services at the time of engagement; and

c. the services are promptly brought to the audit committee’s attention and approved by the audit committee before the completion of the audit.

(2) An engagement for non-audit services entered into before the effective date of these rules will not be subject to these rules but must be completed within one year of the effective date of these rules.

s Auditors must report certain matters to the company’s audit committee, including critical accounting policies and practices, all alternative treatments within GAAP for policies and practices related to material terms that have been discussed with management, and other


34

written communications provided to management, such as representation, engagement, and independence letters, and reports on internal controls.

s An accounting firm will not be independent if a lead partner, a concurring partner, or any other member of the audit engagement team who provided more than ten hours of audit services for a company accepts a position with that company in a financial reporting oversight role within the one year period preceding the commencement of audit procedures for the year that included employment by the company of the former member of the audit engagement team.

(1) If the audit committee determines that it is in the best interest of investors, however, it may invoke a limited exemption for emergency or unusual circumstances.

(2) This rule applies to employment relationships that commence after the effective date of these rules.

s The lead and concurring audit partners will be required to rotate after five years and, upon rotation, be subject to a five-year time out period. Certain other audit partners on the audit engagement team will be required to rotate after seven years and be subject to a two-year time out period.

(1) Accounting firms with fewer than five audit clients and fewer than ten partners will be exempt from the rotation requirements if the PCAOB conducts a review of all of the firm’s engagements that would otherwise be subject to the rotation requirement at lease once every three years.

(2) The rules applicable to lead partner rotations will be effective for the first fiscal year ending after the effective date of the rules, and the time served in the capacity of lead partner before the effective date of the rules will be included in calculating when the partner must rotate.

(3) The rotation requirements for concurring partners will be effective as of the end of the second fiscal year after the effective date of the rules.

(4) The rotation rules for other audit partners will be effective as of the beginning of the first fiscal year after the effective date of the rules, and that first fiscal year will constitute the first year of service for such partners.

s An accounting firm will not be independent if, at any point during the professional engagement period, any audit partner, other than a specialty partner, earns or receives compensation based on the partner procuring engagements with that client for non-audit services.

(1) Again, certain small accounting firms are exempt from this rule.

(2) The effective date will be the fiscal periods of the accounting firm that commence after the effective date of these rules.

s Companies must disclose, either in proxy statements or annual reports for the first fiscal year ending after December 15, 2003,

(1) fees paid to their auditors, segregated into the following categories: audit fees, audit-related fees, tax fees, and all other fees;

a. The audit category includes not only fees for services necessary to perform an audit or review, but also fees for comfort letters, statutory audits, attest services, and review of documents filed with the SEC;

b. The audit-related fee category will include, in part, employee benefit plan audits, due diligence related to mergers and acquisitions, and internal controls reviews;


35

c. The tax category includes all services performed by professional staff in the auditor’s tax division except services related to the audit, such as tax compliance and tax planning;

(2) the types of services provided in each category listed above except for the audit category;

(3) the audit committee’s pre-approval policies and procedures, either by describing them in, or by attaching a copy to, the disclosure document; and

(4) whether they have utilized the de minimis exception, and if so, the percentage of total fees paid to the auditor pursuant to the de minimis exception.




36

VII. Shareholders

SARBANES-OXLEY s No applicable provisions.


NYSE (subject to SEC approval) s Effective as of June 30, 2003, shareholder approval is required for all equity-

compensation plans of listed companies and any material revisions to these plans.

s The following are not equity-compensation plans and are not subject to shareholder approval:

(1) any plan made available to shareholders generally, or

(2) certain plans that merely provide a convenient way for employees, directors, or other service providers to buy shares on the open market or from the company at fair market value (for example, payroll deductions).

s Compensation committee approval rather than shareholder approval is required for the following plans:

(1) employment inducement awards,

(2) certain plans acquired in mergers or acquisitions, and

(3) any plan intended to meet the requirements of section 401(a) or section 423 of the Internal Revenue Code and parallel nonqualified plans.

NASDAQ (subject to SEC approval) s Effective as of June 30, 2003, listed companies must obtain shareholder approval for the

adoption of, or material amendments to, stock option plans.

s The following exemptions are available:

(1) warrants and rights issued generally to all shareholders,

(2) certain employment-induced options, if those options are approved by the company’s compensation committee or by a majority of independent directors,

(3) tax-qualified plans, non-discriminatory employee benefit plans such as ESOPs and 401(k) plans, and parallel non-qualified plans, if those plans are approved by the company’s compensation committee or a majority of independent directors,

(4) certain plans that merely provide a convenient way to purchase shares on the open market or from the company at fair market value, and

(5) certain plans relating to any acquisition or merger.

37

VIII. Employees

A. Whistleblower Protection SARBANES-OXLEY s Effective July 30, 2002, no company (or any of its officers, employees, or agents) with

securities registered under section 12 of the Exchange Act or that files reports under section 15(d) of the Exchange Act may discharge, demote, threaten, or discriminate against an employee who lawfully provides information or assists or testifies in any governmental or internal investigation regarding any violations of the federal mail fraud, wire fraud, or securities fraud statutes, any SEC rule, or any provision of federal law relating to fraud against shareholders (806); SOX sets forth the procedures to be followed by, and the remedies available to, an employee suing for violations of these provisions. (806)

s Also effective July 30, 2002, SOX also makes it a federal crime for a person who knowingly, with the intent to retaliate, takes any action harmful to any other person, including interference with the person’s lawful employment, for providing to a law enforcement officer any truthful information regarding the commission or possible commission of a federal offense, primarily those involving securities law violations. A violating person may be fined or imprisoned up to ten years or both. (1107)




B. Black-Out Periods SARBANES-OXLEY s See Part IV, Directors and Officers, Section C for further discussion.

SEC s See Part IV, Directors and Officers, Section C for further discussion.



38

IX. Attorney Professional Responsibility

SARBANES-OXLEY s The SEC must prescribe rules setting forth the minimum standards of professional

conduct for attorneys appearing and practicing before the SEC in any way in the representation of public companies, including a rule requiring an attorney to report evidence of a material violation of securities law or breach of fiduciary duty or similar violation by the company or any agent thereof to the chief legal counsel or the CEO (or any equivalent) of the company and, if the counsel or officer does not appropriately respond to the evidence, requiring the attorney to report the evidence to the audit committee or to another board committee comprised solely of directors not employed directly or indirectly by the company or to the full board (307)

SEC s The SEC adopted final rules, effective as of August 5, 2003, requiring attorneys

practicing before the SEC in the representation of a public company to report evidence of a material violation up-the-ladder to the chief legal counsel, CEO, or other equivalent officer. If those officers do not respond appropriately, then the attorney must report the evidence to the audit committee, another independent board committee, or the full board. (Release No. 33-8185 (01/29/03))

s As an alternative procedure, companies are permitted to establish a “qualified legal compliance committee,” to which an attorney may report evidence of wrongdoing.

s An objective, rather than subjective, triggering standard is used to determine what constitutes evidence of a material violation, namely, “credible evidence, based upon which it would be unreasonable, under the circumstances, for a prudent and competent attorney not to conclude that it is reasonably likely that a material violation has occurred, is ongoing, or is about to occur.”

s The rule applies to attorneys providing legal services to a public company who have an attorney/client relationship with the company and who have notice that documents they are preparing or assisting in preparing will be filed with or submitted to the SEC.

s A reporting attorney may reveal confidential information without his or her client’s consent if the attorney reasonably believes it necessary

(1) to prevent the company from committing a material violation likely to cause substantial financial injury to the financial interests or property of the company or its shareholders;

(2) to prevent the company from committing an illegal act; or

(3) to rectify the consequences of a material violation or illegal act in which the attorney’s services have been used.

s The SEC clarified that states are permitted to impose more rigorous obligations on attorneys that are not inconsistent with the rules, but that the federal rules will govern in the event that they conflict with state law.

s The SEC confirmed that the rules do not create a private cause of action and that the SEC has exclusive authority to enforce compliance.

s The SEC did not include the “noisy withdrawal” provisions included in the proposed rules, but is continuing to consider those provisions.



VII. Enhanced Enforcement Powers

39

X. New Crimes and Enhanced Enforcement Powers

A. Retention of Audit Records SARBANES-OXLEY s SOX provides that any accountant who knowingly and willfully does not maintain audit

and review work papers for a period of five years from the end of the fiscal period in which the audit or review was concluded or who violates any related SEC rule may be fined, imprisoned up to ten years, or both. (802)

SEC s The SEC adopted a rule requiring accounting firms to retain those records relevant to the

audit or review of a company’s financial statements, including

(1) workpapers and other documents that form the basis of the audit or review, and

(2) memoranda, correspondence, communications, and other documents and records (including electronic records) that are created, sent, or received in connection with the audit or review and contain conclusions, opinions, analyses, or financial data related to the audit or review. (Release No. 33-8180 (01/24/03))

s The retention period is seven years from the conclusion of the audit or review.

s This rule became effective as of March 31, 2003, and auditors must comply for all audits and reviews completed on or after October 31, 2003.



B. Interference with Federal Investigations or Bankruptcies/Obstruction of Justice SARBANES-OXLEY s Effective July 30, 2002, SOX provides that any person who knowingly alters, destroys,

mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence any federal investigation or bankruptcy will be fined, imprisoned not more than 20 years, or both (802)




C. Securities-Related Fraud SARBANES-OXLEY s Effective July 30, 2002, SOX provides that any person who knowingly executes, or

attempts to execute, a scheme or artifice to defraud any person in connection with any security of a company with securities registered under section 12 of the Exchange Act or that is required to file reports under section 15(d) of the Exchange Act or to obtain, by means of false pretenses, any money or property in connection with the purchase or sale


40

of any security of a company with securities registered under section 12 of the Exchange Act or that files reports under section 15(d) of the Exchange Act, in either case, will be fined, imprisoned up to 25 years, or both. (807)




D. Dischargeability of Debts SARBANES-OXLEY s Effective July 30, 2002, SOX prohibits an individual debtor who files for bankruptcy

from being discharged from any debt resulting from a violation of any federal or state securities laws, regulations or orders, or common law fraud, in connection with the purchase of sale of any security, and results from any federal or state judgment, order or decree, any settlement agreement, or any other federal or state order for any damages, fines, penalties, attorney fees, or other payments. (803)




E. Statute of Limitations SARBANES-OXLEY s SOX extends the statute of limitations for private causes of action for securities law fraud

to the earlier of two years after discovery of the facts constituting the violation (previously, one year) and five years after the violation (previously, three years), effective with respect to proceedings commencing on or after July 30, 2002. (804)




F. Increased Penalties of Existing Crimes SARBANES-OXLEY s Effective July 30, 2002, SOX increased penalties for the following crimes:

(1) Penalties for mail fraud and wire fraud were increased from a maximum of five years imprisonment to a maximum of 20 years imprisonment. (903)

(2) Penalties for ERISA violations were increased from one year to ten years imprisonment and certain civil fines were also increased. (904)


41

(3) Attempts and conspiracies to commit certain offenses, such as mail fraud, wire fraud, and securities fraud will be subject to the same penalties as those prescribed for the offense, the commission of which was the object of the attempt or conspiracy. (902)

(4) Any person who tampers with a document with the intent to impair the object’s integrity or availability for use in an official proceeding may be fined, imprisoned not more than 20 years, or both. (1102)

(5) Penalties for willful violations of the Exchange Act were increased from a fine of up to $1 million to a fine of up to $5 million and from imprisonment of up to ten years to imprisonment of up to 20 years, and the maximum fine for entities who willfully violate the Exchange Act was increased from $2.5 million to $25 million. (1106)




G. Enhanced SEC Review of Disclosure Documents SARBANES-OXLEY s Effective July 30, 2002, SOX requires the SEC to review disclosures made by companies

reporting under section 13(a) of the Exchange Act and that have securities listed on a national securities exchange or Nasdaq on a regular and systematic basis, and each company must be reviewed (which includes reviewing the company’s financial statements) at least once every three years. (408)

(1) In scheduling reviews, the SEC must consider certain factors, including whether the company has issued material restatements of financials, whether the company has experienced significant volatility in its stock price as compared to other companies, the company’s market capitalization, if the company is an emerging one, whether there are disparities in price to earning ratios, and whether the company’s operations significantly affect any material sector of the economy.




H. Enhanced SEC Powers and Funding SARBANES-OXLEY s Effective July 30, 2002, SOX granted the SEC and federal courts additional enforcement

and injunctive powers, including the authority of the SEC to impose a 45-day freeze on extraordinary payments to directors, officers, controlling persons, agents, or employees of a company that is under investigation. (1103)

s SOX authorized a $776 million SEC appropriation for fiscal year 2003, including $103 million to increase compensation of existing personnel and $98 million to add 200 professionals for oversight of auditors and audit services. (601)


42




I. Enhanced Enforcement Powers of Stock Exchanges SARBANES-OXLEY s No applicable provisions.


NYSE (subject to SEC approval) s The NYSE may issue a public reprimand letter to any listed company that violates a

NYSE listing standard.

s This rule becomes effective immediately upon the publication of SEC approval in the Federal Register.

NASDAQ (subject to SEC approval) s Nasdaq may delist any company making a material misrepresentation or omission to

Nasdaq. This has already been approved by the SEC and is currently effective.

s Nasdaq may deny re-listing to a company based upon a corporate governance violation that occurred while that company’s appeal of the delisting was pending.

Exhibit A

I [identify the certifying individual] certify that:

1. I have reviewed this [specific report] of [identify registrant];

2. Based on my knowledge, the report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report;

3. Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the financial condition, results of operations, and cash flows of the registrant as of, and for, the periods presented in this report;

4. The registrant’s other certifying officer(s) and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f))10 for the registrant and have:

a. Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to ensure that material information relating to the registrant, including its consolidate subsidiaries, is made known to us by others within those entities, particularly during the period in which this report is being prepared;

b. Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our supervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles;

c. Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the effectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and

d. Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent fiscal quarter (the registrant’s fourth fiscal quarter in the case of an annual report) that has materially affected, or is reasonably likely to materially affect, the registrant’s internal control over financial reporting; and

5. The registrant’s other certifying officer(s) and I have disclosed, based on our recent evaluation of internal control over financial reporting, to the registrant’s auditors and the audit committee of the registrant’s board of directors (or persons performing the equivalent functions):

a. All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to adversely affect the registrant’s ability to record, process, summarize, and report financial information; and

b. Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control over financial reporting.

10 An extended compliance period is granted regarding the underlined portions of the certification, which must be provided in the first

annual report required to contain management’s internal control report.

Sarbanes-Oxley Rules and Regulations - Dallas … book_2.pdfI. Board of Directors A. Composition and...

Documents

Transcript of Sarbanes-Oxley Rules and Regulations - Dallas … book_2.pdfI. Board of Directors A. Composition and...