Ch 1- Corporate Governance Flashcards
Define internal control within the context of the COSO Internal control framework including the purpose and objectives
Purpose and objectives: control environment, risk assessment, control activities, info and comm, and monitoring; operational and financial performance goals, measuring efficiency and effectiveness, safeguarding assets, reporting, and adherence to regulations
Define internal control within the context of the COSO Internal control framework including limitations
Unrealistic to think controls are invincible or foolproof; they only provide reasonable assurance. Limits: collusion, management override, human judgement, faulty decision-making, and human error
Identify and define the components and underlying structure of the COSO Internal Control framework- Control Environment
organizational structure, culture of integrity and ethical decision-making, and performance measurement criteria. Principles- Organization demonstrates commitment to integrity, and management sets the tone at the top and it trickles down
Identify and define the components and underlying structure of the COSO Internal Control framework- Risk Assessment
likelihood risks will occur and effects risks will have on organization; iterative process (repetitious)
Identify and define principles of the COSO Internal Control framework- Control Environment
Principles- Organization demonstrates commitment to integrity and ethical values– management sets the tone at the top and it trickles down; Board of directors demonstrates independence from mgt and exercises oversight of the development and performance of internal controls; Mgt establishes, with board oversight, structures, reporting lines, and appropriate authorities and responsibilities in pursuit of objectives; The organization demonstrates a commitment to attract, develop, and retain competent individuals in alignment with objectives– individuals have performance measures related to internal control accountability
Identify and define principles of the COSO Internal Control framework- Risk Assessment
Organization specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives; Organization identifies risks to achievement of its objectives across the entity and analyzes risks as a basis for determining how the risks should be managed; Organization considers the potential for fraud in assessing risks to the achievement of objectives; The organization identifies and assesses changes that could significantly impact system of internal controls
Identify and define the components and underlying structure of the COSO Internal Control framework- Control Activities
mitigate risks across all levels of the organization, including information system segregation of duties, authorization and approval, reconciliation, information matching and verification, access admin, and supervisor review
Identify and define principles of the COSO Internal Control framework- Control Activities
Organization selects and develops control activities that contribute to mitigation of risks to the achievement of objectives to acceptable levels; The organization selects and develops general control activities over technology to support the achievement of objectives; The organization deploys activities through policies that establish what is expected and procedures that put policies into action
Identify and define principles of the COSO Internal Control framework- Information and Communication
Organization obtains or generates and uses relevant, quality info to support the functioning of internal control; Organization internally communicates info, including objectives and responsibilities of internal control, necessary to support the functioning of internal control; Organization communicates with external parties regarding matters affecting functioning of internal control
Identify and define the components and underlying structure of the COSO Internal Control framework- Information and communication
Relevant internal and external info is necessary to achieve objectives and timely communication supports the function of internal control
Identify and define the components and underlying structure of the COSO Internal Control framework- Monitoring activities
evaluating if the 5 components of COSO IC are present, if not communicates them to mgt and board of directors
Identify and define principles of the COSO Internal Control framework- Monitoring activities
Organization selects, develops, and performs ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning; Organization evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior mgt and board of directors as appropriate
Apply COSO IC framework to identify control for risks scenarios in an entity- Preventative
Controls aim to deter the occurrence of errors and fraudulent activities and are designed to stop unauthorized acts before they happen. Examples: controls over security, access admin
Apply COSO IC framework to identify control for risks scenarios in an entity- Detective
Controls help identify errors and fraud that have previously occurred within the organization when preventive controls fail to stop an undesirable act; in place to discover and communicate issues in a timely manner. Example: reconciliation of account balances
Apply COSO IC framework to identify control for risks scenarios in an entity- Corrective
Controls fix errors and irregularities discovered after the fact. Identifies issue and plays active role in alleviating the issue and restoring functionality. Example: user access review to remove inappropriate access
Describe the corporate governance structure within organization- Tone at the top
Crucial element of ethical operations and decision-making. Ethical climate or atmosphere within entity that cascades from leadership to frontline employees. Discourages or encourages certain behaviors. Can find by asking employees or gathering data, evidence from records, or gauge by online representation
Describe the corporate governance structure within organization- Corporate formation policies
Articles of incorporation- file with the state: name of corp, corp address, purpose, shares, registered agents, and incorporators; processing fee to amend with state. Bylaws- high-level rules over how corp is to operate on day-to-day basis; how Board elected, duties of directors, schedule of required meetings, procedure for meetings, and process for disputes; free to amend with vote of board of directors
Describe the corporate governance structure within organization- Corp stakeholders, steering committees, and oversight
Hierarchy of who reports to who

Describe the corporate governance structure within organization- Owners (Shareholders)
provide capital for org to conduct business
Rights of SH
Economic rights- to receive dividends
Control rights- right to vote on important matters relating to business
Info rights- right to inspect the corp’s books and records
Litigation rights- judicial enforcement of other rights under certain circumstances
Pre-emptive rights- right of common SH to purchase new issuances first so they can maintain proportionate share of outstanding
Cumulative Right to sell
right to elect most fundamental
Describe the corporate governance structure within organization- Officers
Executive team in charge of directing day-to-day business
Agency relationship- authority to contractually bind corp
Responsibilities- Fiduciary duty, fair representation of FAR, and CEO/CFO certification of FAR
Describe the corporate governance structure within organization- Directors
Board of directors to oversee business
Responsibilities- selecting and appointing officers, declaring dividends, determining mgt compensation, appoint external auditors, resolve disagreements between mgt and external auditors, fiduciary duties, duty of loyalty
Committees-
Audit committees, Compensation committee, nominating/ corp governance committee
Requirement- Financial expert on audit committee, director independence
Additional Oversight- Internal auditors and external auditors, IRS, SEC, creditors, attorneys, etc
Describe the corporate governance structure within organization- Corp Classifications
Filing class- market capitalization or aggregate worldwide market value of voting and non-voting common equity
Emerging Growth Company (EGC)- gross revenues of less than billion dollars that has completed an IPO, the first time issuing stock, and IPO occurred after 12/18/2011
Benefits of EGC- confidential review by SEC, FASB private company standards, No mandatory disclosures for compensation and say-on-pay requirements
Maintain EGC- Gross rev >= $1 bill, accelerated filer, Issues $1 bill in non-convertible debt over 3 years, 5 years after IPO

Define enterprise risk mgt within context of COSO ERM framework including purpose, objectives
process to identify events that may affect entity and manage risk to provide reasonable assurance the entity is able to achieve objectives while avoiding surprises
provides guidance for entities as they navigate uncertainty and challenges with balancing risk and opportunities
Expansion of COSO IC, objectives in operations, reporting, compliance, and strategic
Define enterprise risk mgt within context of COSO ERM framework including limitations
Define role of business strategy within context of COSO ERM framework
Apply framework to scenarios
uncertainty, imperfect info resulting in poor human judgement, unforeseen circumstances, and willing disregard for risk mgt policies and procedures, collusion and mgt override
Cost-benefit for risk mgt is strategic
Identify and define the components, structure COSO ERM- Internal Environment
Risk mgt philosophy, influenced by culture, sets tone for organization
Risk appetite- level of acceptable risk
Risk tolerance- range of risk variation an entity is willing to accept
Board should oversee philosophy and risk appetite
Identify and define components, objectives, and structure of COSO ERM framework- Objective setting
establishing direction by setting objectives, process to set objectives, should align with entity’s mission and risk appetite
Objectives- Strategic high-level goals, operations efficient and effective use, reporting reliability of FAR, Compliance applicable laws and regs
Identify and define components, objectives, and structure of COSO ERM framework- Event Identification
experiences, internal and external, having positive or negative effects on fulfillment of objectives, tries to pinpoint before happens
SWOT
Identify and define components, objectives, and structure of COSO ERM framework- Risk Assessment
analyze risks and determine a basis for risk mgt, consider likelihood, impact, and potential to impede objectives
inherent risk, residual risk
Assessment techniques- benchmarking, probabilistic models, and non probabilistic models
Identify and define components, objectives, and structure of COSO ERM framework- Risk Response
appropriate action based on risk appetite and risk tolerance
Responses to risk- avoidance, reduction, sharing (transfer portion of risk), acceptance
Identify and define components, objectives, and structure of COSO ERM framework- Control activities
response involves applying action, policies and procedures that are preventative, detective, or corrective
provide reasonable assurance that risk responses are executed appropriately and timely
Identify and define components, objectives, and structure of COSO ERM framework- Info and comm
personnel aware of ERM
common language concerning risk
roles and responsibility clearly defined and expressed
info systems
Identify and define components, objectives, and structure of COSO ERM framework- monitoring
COSO Guidance on monitoring control systems
confirms ERM functioning properly and not deteriorating over time
Supplementary COSO- establish foundation for monitoring, design and execute monitoring procedures, and assess and report results
Identify and define key corporate governance provisions and deficiencies of the Sarbanes-Oxley Act of 2002
greater separation between external auditors and corporate officers (Sec 301)
Increase corporate responsibility for FAR (Sec 302)
Emphasize the importance of internal control with enhanced disclosure requirements (404)
Propose whistleblower protection (806)
Create criminal penalties for corporate fraud (802, 804, 906)

Identify and define key corporate governance provisions and deficiencies of the Sarbanes-Oxley Act of 2002 - Title III
301- Public company audit committees from Board, members of committee independent of company and external audit company, also looks at complaints and concerns of acct
302- Corporate responsibility for FAR on CFO and CEO, their job to make sure they’re kosher and sign off on them
Identify and define key corporate governance provisions and deficiencies of the Sarbanes-Oxley Act of 2002 - Title IV
404- Mgt assessment of internal controls, mgt must maintain internal control system
independent auditor must look over accelerated filers FAR
Subsequent legislation makes it so non-accelerated filers and JOBS are exempt
Identify and define key corporate governance provisions and deficiencies of the Sarbanes-Oxley Act of 2002 - Title VII
802- Criminal penalties for altering docs, jail time and/or fine
Corp officers can be fined up to $5m and sentenced 20 yrs in prison
Auditor can be sentenced up to 10 yrs for not keeping required records (7 yrs) and could also be fined
804- Statute of limitations for securities fraud is earlier of 2 yrs after the discovery of facts or 5 years after such violation
806- Protection for employees of publicly traded companies who provide evidence of fraud (whistleblower)
Identify and define key corporate governance provisions and deficiencies of the Sarbanes-Oxley Act of 2002 - Title IX
906- White-collar crime penalty enhancements, CFO/CEO failing to verify FAR could face imprisonment for 10-20 yrs and/or fines of $1m-$5m
907- defrauding SH can receive sentence up to 25 yrs and possibly a fine

Identify and define key corporate governance provisions and deficiencies of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (Dodd-Frank)
promote financial stability of US by improving accountability and transparency in financial system to end “too big to fail”, to protect American taxpayer by ending bailouts, to protect consumers from abusive financial services practices, etc
Identify and define key corporate governance provisions and deficiencies of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (Dodd-Frank) - Title IX
922- Whistleblower protection coupled with rewards, if sanctions of $1m or more, entitled to 10%-30% of total collected $
Auditors, DOJ employees, PCAOB members, and members of law enforcement
951- SH vote on executive compensation disclosures, “say-on-pay” must vote every 3 yrs, vote on frequency of compensation vote every 6 yrs
972- Disclosures regarding chairman and CEO structures, must disclose why or why not chairman is also CEO annually in proxy statement
Identify and define key corporate governance provisions and deficiencies of the JumpStart Our Business Startups Act of 2012 (JOBS Act)
stimulates US economy by encouraging more companies to go public because of declining number of IPOs
simplifies offering process by creating special rules and exemptions for EGCs
permits crowd funding
Identify and define key corporate governance provisions and deficiencies of the JumpStart Our Business Startups Act of 2012 (JOBS Act) - Title I
Reopening American capital markets to EGCs
scales down disclosures thought to deter, treats EGCs more like private companies for the first 5 yrs after IPO (as long as classified as EGC)
EGC can submit IPO draft to SEC staff prior to company’s IPO date
Only 2 yrs of audited FAR are required for EGCs
Can test waters on interest in IPO
Qualifying EGCs are also exempt from auditor attestations of internal control over FAR and executive compensation disclosures within 5 yr period following their IPO