Corporate Governance Flashcards
What is included in a corporation’s Articles of Incorporation?
1) Name
2) Address at time of filing
3) Purpose
4) Name of registered agent
5) Name and address of each incorporator
6) Number of authorized shares of stock and types of stock
What are included in the bylaws?
1) Minimum and maximum number of directors
2) How they are selected and compensated
3) How often they meet
4) Nature of responsibilities
General duties of the board of directors
1) Fiduciary duty (act loyally, act with a duty of care, act with due diligence)
2) Determine/revise mission and amend bylaws
3) Strategic planning
4) Selection/oversight of the CEO
5) Securing availability of financial resources
6) Budget and proposal approvals
7) Determine management compensation
8) Dividend policies
9) Reacquire treasury stock
NASDAQ and NYSE requirements for BoD
1) Majority of directors be independent (can’t have been employee/affiliate, employee/partner of external auditor, can’t have family member who was recently an officer, director or family received more than $120,000 for any 12-month period within last 3 years)
2) Non-management directors must meet on a regularly scheduled basis
3) Maintain independent audit committee
4) Adopt comprehensive code of conduct
Business judgement rule
In general, directors will not be liable for their decisions unless guilty of fraud
Committees required for publicly-held companies
1) Audit
2) Compensation
3) Nominating & Corporate Governance
Nominating Committee
1) Overall corporate governance
2) Determine who serves on the board
3) Oversee CEO succession
4) Keep integrity of the nominating process
Dodd-Frank requirements of nominating committee
Must disclose if chair of the board is also the CEO, and disclose reasons why they are or why they aren’t
Audit Committee
SOX Requirements:
1) Independent directors
2) At least one must be financial expert
3) Appointment, compensation, and oversight of auditors
4) Establish internal controls
5) Deal with complaints and whistleblowers
6) Also requires CEO and CFO to certify reports filed with SEC (10K and 10Q)
Compensation Committee
1) Independent
2) Determine compensation for directors and executives
3) Develop compensation approach/philosophy
4) Review say-on-pay proposals by shareholders
5) Dodd-Frank requirements:
- Say on Pay - SH approval of executive officer compensation, how often to vote, and “golden parachute approvals”
- Disclosure - enhanced disclosure relating executive compensation to entity’s financial performance
- Clawbacks - recoup compensation when required to restate FS
Management Oversight through Compensation and Monitoring
1) Find balance between different forms of compensation to motivate management without causing management to try maximizing their compensation to the detriment of the entity
2) Fixed compensation - salary and perks
3) Incentive compensation - bonuses, share-based compensation (options, share appreciation rights, restricted shares, performance shares)
SOX Requirements for External Auditors
1) Public accounting firm registered with the Public Company Accounting Oversight Board (PCAOB)
2) Independence (can’t perform many nonaudit services)
3) Partner rotation
4) Attest to and report on management’s annual assessment of internal controls
PCAOB Audit Standard 5 Integrated Audit
Requires auditor to examine the design and effectiveness of internal control over financial statements (ICFR) in order to provide a sufficient basis for an opinion of its effectiveness in preventing or detecting material misstatements of the FS
Internal Control - Integrated Framework (COSO)
Definition of internal control - A process, effected by board of directors, management, and other personnel designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance
COSO - Five Components (that the 17 Internal Control Principles are a part of)
CRIME (5, 2, 1, 3, 4)
1) Control Activities
2) Risk Assessment
3) Information and Communication
4) Monitoring
5) Control Environment
COSO - Control “E”nvironment
Tone at the Top - the most significant internal control component when it comes to sending a message throughout the organization as to the entity’s attitude about ethical behavior
CHOPPER:
1) Commitment to Competence - Employees must possess the skills and knowledge essential to performing their jobs, especially those responsible for performing important control functions
2) Human Resource policies and procedures - Effective policies and practices for hiring, training, evaluating, counseling, promoting, and compensating employees
3) Organizational structure - Provides basis for planning, directing and controlling operations
4) Philosophy and operating style of Management - The manner in which management runs the organization can have significant effect on the control environment (tone at the top)
5) Participation of the BoD or audit committee - Both groups play a key role in establishing IC
6) Ethical and Integrity values - Management should encourage appropriate behavior and lead by example. Values established through code of conduct, official policies, and by example
7) Responsibility and Authority Management - Segregation of duties and clear understanding of responsibilities and rules and regulations that govern them
COSO - Risk Assessment
1) ID/Analyze/Manage risk relevant to the preparation of financial statements that are fairly presented in conformity with GAAP
2) Clear objectives making it easy to ID and evaluate risk
3) Analyze risk to determine appropriate management (type, likelihood, effects, time of effects, appropriate responses)
4) Fraud risk assessment
5) Potential impact of changes within the entity on effectiveness of IC
6) Possible factors - competition, new personnel, new information systems, rapid growth, new technology, new lines of business, corporate restructurings, foreign operations, accounting pronouncements
COSO - Control Activities
1) Policies/procedures to help ensure that the entity’s objectives are achieved
2) Types of control activities (PIPS):
- Performance reviews - actual vs. budget, P/Y, financial to non-financial
- Information process - (IT) General vs. Application controls
- Physical controls - Access to assets
- Segregation of duties (ARCC) - Authorizing transactions, Recording transactions, Custody of assets, performing Comparisons/reconciling (prevent both perpetrating and concealing errors and irregularities)
COSO - Information and Communication
1) Open communication channels are essential to the proper functioning of internal control
2) Information system consists of methods and records used to ID, record, measure, process, summarize, present, and disclose and report transactions and to maintain accountability for the related accounts
3) Communication involves establishing individual duties and responsibilities relating to internal control and making them known to involved personnel
COSO - Monitoring Activities
1) Ongoing evaluations and separate evaluations (are IC functioning effectively?)
2) Internal auditors are evaluators
3) Sequence of activities:
- Control baseline (understand current system)
- Change identification - ID and address changes in effectiveness of IC (ongoing and separate evaluations)
- Change management - are changes needed and types of changes
- Control revalidation/update - new baseline understanding of revised system
Limitations of Internal Control (COCCO)
1) Collusion
2) Override by management
3) Competence
4) Cost/benefit constraints
5) Obsolescence - change in operations or size
Process for each system when designing internal control structure
1) Initiation - At what point is a transaction initiated?
2) Authorization - What must occur before entity is willing to commit resources to fulfilling its performance obligations?
3) Execution - What procedures need to be performed and what forms need to be completed? (PPN - preprinted, prenumbered, and numerically controlled)
4) Verification - What safeguards are built into the system to make certain that errors are not made and fraud is not committed? (occurs throughout the process)
Requirements for well designed system for a business process
1) Forms designed to require process be completed properly
2) Only appropriate parties receive copies that have the information necessary to perform duties
3) Segregation of duties (ARCC)
Issues for segregation of duties in an environment that is heavily technology oriented
1) Limit physical access to various components of the system to those who need access
2) Use firewalls and passwords to limit access within the system