B1 Corporate Governance Flashcards
Corporate Governance
What 3 objectives does the Sarbanes-Oxley Act of 2002 address?
- Corporate responsibility
- Enhanced financial disclosures
- Fraud
Section 404 refers to?
The assessment of internal controls by management
The Code of Ethics (“Tone at the top”) refers to what 3 things?
- Ethical conduct
- timely disclosures in periodic financial reports
- Compliance with laws
How many members of the audit committee must be financial experts?
One
What is the role of the SEC?
to protect investors by regularly reviewing disclosures made by companies
The SEC is more likely to review what type of companies?
Companies that:
1) issued material restatements,
2) stocks that rapidly move up and down (short periods)
3) Large companies (ex. Google)
4) Emerging companies
5) Large banks & Insurance
How long is the Statute of Limitations for Securities Fraud?
“2 & 5 rule”
- earlier of two years after discovery of facts constituting violation, or 5 years after the violation.
Knowingly falsifying financial reports that are inaccurate and not reporting can have what penalty?
fines up to 1 million or jail up to 10 yrs.
Penalties for Intentionally trying to deceive public regarding financial statements
5 million dollar fine or up to 20 yrs jail
In order to enforce corporate accountability the SEC has the power to…? (4)
- Fine/Jail for tampering/impeding official proceedings (20 yrs)
- Freeze Assets for 45 days
- prohibit serving as officers/directors
- Any action taken against whistleblowers fine/jail (10yrs)
COSO’s framework is designed to ….?
document the assessment of internal controls over financial reporting
COSO is used by whom?
Management/board & Stockholders
How does COSO help management & B.O.D?
helps show when internal controls are being utilized/designed effectively
How does COSO help stockholders?
determines if internal controls align with objectives
i.e., accurate financial statements, compliance
Define Internal Controls
designed to provide reasonable assurance of operating, reporting and compliance objectives
Define the 3 major categories of objectives under COSO (ORC)
- Op obj- effectiveness & efficiency of operations
- Report obj- reliability of F.S
- Compliance- adhering to laws
Name the 5 “integrated” components of internal control
CRIME
Control environment, risk assessment, information & communication, monitoring activities, existing control activities
What is the purpose of the 5 components of internal control (CRIME)?
To achieve the 3 objectives of internal control (ORC)
Define the control environment (Crime)
tone at the top- ethics
“EBOCA”
ex: ethics, board independence, organizational structure, commitment to competence, accountability (“EBOCA”)
Define risk assessment (Crime)
f/s misstated or fraud as it relates to COSO
“EAR”- Event ID, Assess risk, Respond to risk
Define Information & communication (Crime)
checks if internal & external info is Fair, accurate, complete & timely (FACT)
ex: internal audit, audit committee, management (all internal), CPA firm, investors, etc. (external)
Define Monitoring (CRIME)
test the efficiencies of internal controls and report + correct deficiencies
frequency of testing is dictated by risk
Define Existing control activities (Crime)
- policies & procedures used to mitigate risk
- can be auto/manual or detective/preventative
ex: segregation of duties, IT, reconciliations
COSO’s primary focus is on what objective? (ORC)
reporting
An effective system of internal controls requires all 5 components to be? (2 words)
- Present- included in design
- Functioning- operating as designed in internal system
What does a major deficiency in internal control represent?
significantly reduces likelihood org. can achieve obj.
What’s the focus of ERM?
strategy to balance risk & return
ex: forecasting & identifying all risk
What’s the difference between ERM focus vs COSO (ORC)?
ERM focuses on a broader scope of balancing risk & return (ex: keeping money in savings low risk vs expanding business high risk)
COSO focuses on the reporting (ex making sure company’s F/S is accurately reported)
COSO defines ERM as …?
ability to identify, manage and provide reasonable assurance levels of risk to achieve company’s objectives
ERM is broken down into what 4 objectives? (S + ORC)
Strategic (goals designed to achieve mission), operations, reporting, compliance
Similar to COSO internal control but broader in scope
The components of ERM “IS EAR AIM” can be defined as?
- IS- “C” in Crime + SORC
- EAR- “R” in Crime
- AIM - “E, I, M” in CRIME
Inherent vs Residual Risk (“A” in EAR under ERM)
Inherent-risk if mgmt. takes no action to event
Residual risk-risk to org after mgmt. decision
Benchmarking vs Probabilistic models vs non-probabilistic
ways to assess risk under ERM
- benchmarking - compares data vs other companies
- Probabilistic- statistical data “historical”
- Non-Probabilistic- opinion (ex outcome of lawsuit)
According to COSO, which component of ERM addresses an entity’s integrity & ethical values?
Internal environment
The external auditors for Horace Company assess the achievement of internal control obj. each yr. & communicates assessment to mgmt. & board. Which principle of info & communication does this represent?
External Communication
A company that retains a CPA w/ knowledgeable skills to prepare effective Financial reporting is applying the ideas from which principle of effective internal control over Financial reporting?
Financial reporting competencies
Company X evaluates employees w/ responsibilities for financial reporting for fulfillment of those responsibilities for compensation and promotion purposes. The company’s policies support the idea that:
HR practices should be designed to facilitate effective internal control over Financial reporting
Company X is evaluating sample sizes associated w/ periodic tests of the existence of a fleet of taxis. Cash receipts associated w/ fares deposited daily are periodically reconciled to both the fares charged and taxi’s odometer readings. Will fixed assets or cash be monitored more?
Cash will be monitored more vs fixed assets because cash is more likely to be stolen.