ncreased legal liability often follows on the heels of increased responsibility. The audit committees of corporate boards of directors have been handed more responsibility—and perhaps greater liability—as a result of rules the SEC, the New York Stock Exchange, the American Stock Exchange, the National Association of Securities Dealers and FASB developed in the waning months of 1999. Although many audit committee members are protected by directors’ and officers’ liability insurance, (see box ), it is important that they understand the new rules and the potential for increased exposure these rules may impose on them. (See “ Audit Committee Rules to Improve Disclosure ,” JofA, Apr.00, page 15.
In the 1970s, massive financial disclosure problems at companies such as Lockheed and Penn Central created a furor as some blamed financial accounting irregularities on too-familiar relationships between corporate boards and outside auditors. To mitigate the problem, Congress passed the Foreign Corrupt Practices Act of 1977, and securities exchanges adopted rules requiring a corporate board to have an independent audit committee. These changes created a system of checks and balances—the board, the audit committee and the outside auditor. The three were to complement and check one another to ensure the transparency of books and records.
In the ensuing decade, little happened in the way of further regulation. By the 1990s, however, the volume and speed of financial communications put significant pressure on companies and individuals responsible for the content and timing of financial information, as an efficient marketplace responded to news almost instantly. Companies that did not fare well with the required disclosures, including Oxford Health Plans, Cendant, W. R. Grace and Waste Management, received the full wrath of the financial markets and the litigation machinery.
The shareholders of Oxford, for example, sued the company for mismanagement and misrepresentation of financial results to shareholders and the public. The company’s stock fell by nearly 50%, representing a $14 billion drop in market value. The company has reportedly agreed to settle the case for $2.83 billion.
As companies increasingly began to “manage” their financial disclosures, the practice prompted some to question the integrity of company financials. Regulators began to look more closely at devices such as
The matter reached a head with a now well-known speech, “The Numbers Game,” by SEC Chairman Arthur Levitt at New York University in September 1998. Levitt subsequently called for a committee to examine the financial reporting system. The result was the creation of the Blue Ribbon Committee on Improving the Effectiveness of Corporate Audits to study management’s role in financial disclosures.
The committee issued a report in February 1999, recommending that the various securities exchanges and the SEC implement rules that would provide audit committees with a self-regulatory framework emphasizing disclosure, transparency and accountability. These groups moved quickly, developing and authorizing such rules by yearend 1999, with implementation in 2000.
RESPONSIBILITY EQUALS RISK
The new rules call for more oversight and increase the workload of audit committees and boards. As such, they create a concomitant risk of increased claims exposure at a time when the Securities Reform Act of 1998 has generally made it more difficult for plaintiffs to pursue securities fraud actions. However, a plaintiff able to plead “failure to comply” with the new audit committee standards may now find it easier to bring such actions.
Here is a brief explanation of the new rules and the resulting liability risks that corporate directors face.
Financial literacy. NYSE and NASD rules (SEC release no. 34-41982 and SR-NYSE-99-39) provide that companies with a stated market capitalization must have audit committees consisting of at least three directors who are financially literate or who become financially literate within a reasonable time after their appointment. The audit committees also must have at least one member with accounting or related financial management expertise.
The risks. The liability risks are conspicuous, hinging on questions such as: What is financial literacy? How will it be measured? Is a breach of this requirement a basis for a breach-of-fiduciary-duty claim against the offending director, and is a breach grounds to sue those who select audit committee members? These questions will need to be answered in the inevitable litigation ahead.
Committee charters. The new SEC rules provide that a company proxy statement must indicate whether the audit committee has a charter; if so, the company should attach the charter to the proxy statement once every three years (SEC release no. 34-42266). The new NYSE and NASD rules do not give companies the choice of having a charter—they require one and dictate its elements, such as committee responsibilities and membership requirements. (For more on such charters, see “ The Audit Committee’s Roadmap ,” JofA, Jan.99, page 47.)
The risks. These rules (as well as many of the others) leave open the possibility that investors might sue the audit committee for failure to live up to the increased oversight obligations.
Soft discussions with auditors. Proposed changes to GAAS would require outside auditors to discuss with the audit committee of an SEC client the quality as well as the acceptability of the company’s accounting principles. The proposed changes to GAAS would mandate that auditors discuss the clarity, consistency and verifiability of information in the company’s financial statements as well.
The risk. The liability issues include the extent to which directors would be forced to master accounting principles to engage in these discussions and the degree to which they would have to reduce their past reliance on outside experts such as tax counsel, corporate counsel and accountants.
Independent committee members. The SEC rules require companies to disclose whether audit committee members are independent and the relationship that makes a specified member not independent. (In contrast, the NYSE and NASD rules require every audit committee member to be independent.)
The risk. Plaintiffs can use any deviation from these requirements in breach-of-fiduciary-duty actions against the board or even to bolster allegations of “scienter”—the intention to deceive, manipulate or defraud—in securities fraud cases if lack of independence is strong enough.
Audit committee warranties. SEC rules require that proxy statements include a representation by the audit committee that its members have reviewed and discussed the financial statements with management and the outside auditors and that they have received requisite disclosures from the outside auditors evidencing the auditors’ independence. Moreover, the audit committee must state whether it recommended to the board that the company include its audited financial statements for the previous fiscal year in the company’s annual report to the SEC on form 10-K. This requirement is designed to highlight the audit committee’s oversight function and provide information about voting decisions.
The risk. The impact may be that this and any other audit committee report will open members to increased liability. Does the audit committee have greater responsibility than ever before for financial reviews? What level of financial expertise must it apply? To what extent can audit committee members still rely on the company’s own outside auditors as experts? These questions remain to be answered.
Quarterly independent audits. Under SEC rules, a company must have an independent public accountant review its quarterly financial statements before filing them with the SEC. This requirement previously applied only to annual financial statements.
The risk. Although the purpose is to reduce the likelihood of yearend surprises, the result may be to create quarterly ones, thereby increasing the potential for liability.
Corporate boards, audit committees, companies and auditors all have been given new responsibilities that may serve to increase their legal liability. The full impact of these changes remains to be seen as companies apply the rules and make the required disclosures in the year ahead. While the new requirements will certainly enhance the information available to investors, the result could also be that plaintiffs will find it easier than ever to prove accounting irregularities, fraud and intent to deceive. The final result will not be known until certain questions are resolved in the almost inevitable legal actions.