EXECUTIVE
SUMMARY | DISCLOSURES OF FAULTY
PRACTICES at public companies
have led to restrictions on services a CPA
may provide to audit clients.
IN 2001 AUDITOR
INDEPENDENCE RULES gave CPAs
more freedom to buy and sell securities,
increasing the risk that firms may
violate laws against insider trading.
THE SEC SAYS AN
INDIVIDUAL with “material,
nonpublic information” about a security
or its issuer must either abstain from
trading in the securities of the company
or he or she must properly disclose what
is known before buying or selling them.
Violators are subject to stiff civil
penalties.
THE COURTS AND THE
SEC APPLY three sets of rules
to decide whether insider trading has
taken place: traditional (information
stemming from a relationship of trust
with an entity or its shareholders),
misappropriation (information disclosed
in confidence) and tender offer
(information about a company that’s in
play).
UNDER TRADITIONAL
RULES, all partners and
employees (including non-CPA staff) are
fiduciaries for all clients of the firm
regardless of whether they perform audit
or nonaudit services.
TO AVOID BREAKING
THE LAW, a firm should
solicit insider trading advice from
experienced securities lawyers. Then it
must identify risky situations, develop
a written policy to manage them and be
sure that all staff members understand
its procedures. | SUSAN IVANCEVICH, CPA, PhD, is
an assistant professor at the University
of North Carolina at Wilmington. LUCIAN C.
JONES, JD, and THOMAS KEAVENEY, CPA, are
executives in residence at the University
of North Carolina at Wilmington. Their
e-mail addresses are, respectively, ivancevichs@uncw.edu
, joneslc@uncw.edu
and keaveneyt@uncw.edu
. |
ecent disclosures of faulty
practices at Enron and WorldCom have put CPA
conduct under a microscope. They have led, too, to
the 2002 passage of the Sarbanes-Oxley Act, with
its sweeping changes to the U.S. financial
reporting system and restrictions on services a
CPA may provide to audit clients. Nevertheless,
changes in auditor independence rules in 2001 gave
CPAs more freedom in managing their personal stock
portfolios to buy and sell securities issued by
their firm’s clients. The changes increased the
risk that CPAs and their firms might inadvertently
violate laws prohibiting insider trading unless
they have careful procedures in place to avoid
that possibility. Partners and staff face
tough decisions when managing the insider trading
risk inherent in the freedom to buy and sell
securities. It’s a responsibility that requires a
meticulous response in this post-Enron,
Sarbanes-Oxley Act era. Many large accounting
firms now have internal legal task forces to
consider insider trading issues, and all
accounting firms need to be aware of new insider
trading risks. Smaller CPA firms may not yet have
safeguards against them in place, however. This
article summarizes insider trading laws, presents
four common scenarios to illustrate how insider
trading risks may arise in accounting firms and
recommends steps CPAs and their firms can take to
manage those risks. (For more information on SEC
Rule 2-01 revisions, see “ The
Engagement Team Approach to Independence, ”
JofA , Feb.01, page 57.)
WHAT THE RULES SAY
Rules under the
Securities Exchange Act of 1934 make it unlawful
for any person, in connection with the purchase or
sale of a security (publicly traded or not), to
engage in any action that deceives or would
operate as a fraud upon any person.
In
general, insider trading occurs when a
person has “material, nonpublic
information” about a security or its
issuer and buys or sells that security.
The SEC says an individual with such
inside information either must abstain
from trading in the securities of the
company or properly disclose what he or
she knows before buying or selling them.
Violators of these rules are subject to
civil penalties of up to three times the
illegal profits gained or losses avoided
by the insider trading plus criminal
penalties. Criminal penalties for
individuals may be a fine of as much as $5
million, prison for as long as 20 years—or
both. Courts also permit injured private
parties to sue for damages. |
Penalties Can Be
Stiff
A conviction for
profiting by just over
$10,000 in an illegal insider
trade would lead to a
mandatory jail sentence
of 8 to 14 months.
Source: Matthew Haverstick
of Barley, Snyder, Senft &
Cohen LLC, mhaverstick@barley.com
.
| |
To decide whether insider trading has taken
place, the courts and the SEC apply three sets of
rules: traditional, misappropriation and
tender-offer rules (see “ Insider Trading Risk
in Practice ,” at the end of this article).
FOUR INSIDER TRADING SCENARIOS
The scenarios below illustrate situations in
which CPA firms are likely to face insider trading
risks. In each situation traditional insider
trading rules apply to information anyone in the
firm gets from a firm client. If that information
is about a tender offer, the tender offer rules
could apply as well. If a firm partner or employee
discloses the inside information to a confidant
who is not a firm partner or employee, then the
misappropriation rules may apply.
1. A partner of a CPA firm owns
stock in a firm client. She does not participate
in any attest engagements for this client, is not
in a position to influence the client’s attest
engagements or the professional staff performing
those engagements and works in an office of the
firm that performs none of the attest work for the
client. At a recent meeting, this partner learns
about certain nonpublic activities of the client
that are not material in and of themselves. But
the partner combines that information with other
publicly available information about the client or
the industry and concludes that the client’s stock
price will decline. Can she sell the stock without
violating insider trading rules?
Recommended action: The
partner in this case may believe the information
about the client was not material and that a sale
of the stock would be lawful. But since the
nonpublic information led the partner to sell,
others might conclude the information is by
definition material and that the sale is unlawful
insider trading. To avoid liability risk, the
partner should make no sale until after the
information becomes public.
2. A partner in a CPA firm is
responsible for attestation engagements for a
client of the firm. He maintains his independence
from the client. The partner learns the client has
pending a significant acquisition of another
company that will be announced to the public at
the end of the week. What responsibilities under
insider trading regulations does that partner have
when disclosing the information to other partners?
If informed, what responsibilities do the other
partners have under the insider trading rules?
Recommended action: To
minimize insider trading risks, the partner might
decide not to share what seems to be material
nonpublic information with anyone in the firm
other than those individuals with a need to know
who are also required to be independent of the
client. This might include members of the audit
team, reviewing partners and others directly
involved. If the partner does share the
information with others, they should be advised
the partner believes the disclosure is of material
nonpublic information that shouldn’t be
communicated to others outside the firm or acted
on (buying or selling stock of the client or the
acquisition target) before the information becomes
public. All recipients of the material nonpublic
information, whether appropriately advised by the
partner or not, should be aware of their potential
liability under the insider trading rules if they
buy or sell stock of the client or the target, or
disclose the material nonpublic information
outside the firm, before the information becomes
public.
3. Several partners in a CPA firm
serve clients in the same industry, both in attest
and other capacities. Quarterly, they get together
to share ideas and discuss industry conditions
based on public information and insights gained in
the course of serving their clients. These
meetings are very helpful to the partners in
designing audit strategy that adds value both to
attest and to other services they provide. Some
partners who participate in the meetings hold
stock in clients they do not serve in an attest
capacity. When holding these meetings, what
“ground rules” should the partners observe in
order not to violate the insider trading rules?
Recommended action: At the
beginning of each meeting, all partners could
disclose the names of the industry companies in
which they have a financial interest. All partners
attending could also, as a routine matter,
acknowledge their understanding of the insider
trading rules and their obligation to comply with
them with respect to material nonpublic
information shared at the meeting.
4. A manager, a senior and two
staff members (including one who is not a CPA) are
sitting in a “bull pen” area of their firm’s
office when they overhear two employees discussing
material nonpublic information about a firm
client. None of the eavesdroppers is a member of
this client’s engagement team. Under the new
independence rules, none of the eavesdroppers is
required to remain independent of this client.
What rules apply regarding whether the
eavesdroppers are “innocent” and can act on or
share that material nonpublic information with
others?
Recommended action: It is
clear these eavesdroppers aren’t “innocent.” They
are subject to the traditional rules (applicable
to fiduciaries) and may not buy or sell stock of
the client until after the material nonpublic
information becomes public. Nor would it be
prudent for them to disclose the information
outside the firm, as this would violate the
confidentiality requirement in the profession’s
code of ethics and risk their personal and firm
liability for being “tippers” of inside
information.
MANAGING THE RISK
CPA firm staff members who buy or sell
securities must adhere to high ethical standards
in all cases, and to avoid breaking the law,
partners and staff need to follow stringent
safeguards. To help shape them, a firm first
should solicit advice from lawyers experienced in
insider trading matters. Next, it must analyze its
business in order to
Identify types of situations where
material, nonpublic information may be exchanged
(such as staff meetings or by circulating written
materials within the firm).
Take steps to manage the risk in
those situations (remind administrative staff
members that they cannot trade on or disclose
material nonpublic information gleaned from memos
they prepare or learned from anyone else in the
firm).
Be sure all staff members grasp firm
policies and procedures; have them take training
in insider trading rules and have printed
guidelines on the subject that they must read and
confirm their understanding of in writing.
Include the following elements in a formal
firmwide approach to insider trading risk
management:
Firmwide education. To
teach the staff about insider trading rules and
keep the issue at the forefront, have an expert
talk to the staff on insider trading issues at
scheduled intervals, such as annually. Lawyers and
law professors whose current practice or teaching
is substantially devoted to securities law and
insider trading issues can bring in the right
expertise. To find one, ask for recommendations
from business professionals in the area.
Written firm policy.
Develop a policy statement and have
each partner and employee sign it to acknowledge
their understanding of, and agreement to abide by,
insider trading rules and the firm’s securities
policy. This may reduce partnership liability if a
partner or employee commits a violation. To
develop a policy, find a law firm that prepared
its own insider trading guidelines and hire it to
adapt them to your accounting firm. Have legal
counsel tailor a statement to your practice and
investment needs. Ask the bar association or
business professionals in the area for a
recommendation. The narrowest policy, of
course, is to not buy or sell securities issued by
a client. A slightly broader policy would prohibit
buying or selling securities issued by a client
designated on a firmwide “restricted” list as a
client about whom the firm may have material
nonpublic information. Another alternative: Permit
firm personnel to trade clients’ securities only
when they’re held indirectly through a mutual fund
(the fund and manager should not be firm clients)
or in a discretionary investment account, where
someone unconnected to the firm (that is, free
from access to its nonpublic information)
independently decides what securities to buy or
sell.
Committee to regulate securities
transactions. To provide greater
flexibility, the firm could permit personnel to
buy or sell securities issued by a client only if
the purchase or sale is approved in advance by a
firm committee in charge of preventing insider
trading. This committee would comprise several CPA
firm partners trained in insider trading issues
and having authority to monitor compliance with
the independence rules and to oversee every
security transaction. To be effective,
they would need a data system to keep them current
on all firm clients, the staff working for each
client and whether the types of engagements for
that client were likely to result in the firm’s
having inside information about it or another
company (such as a target the client plans to
acquire). To OK a trade, a committee member would
check the data to ascertain whether the firm might
have inside information. If there was no risk of
unlawful insider trading, the member could approve
the trade. If risk was present, the member could
block the trade. A committee partner, of course,
would not participate in any decision about a
security he or she wished to buy or sell.
Again, to set up such a committee, retain a law
firm that uses a comparable structure and can
adapt it to the needs of the accounting firm at
relatively little cost.
A FINAL POINT
Many in the profession encouraged the SEC
and AICPA to adopt new engagement team rules.
Relaxing those rules clearly gave CPA firms more
flexibility in maintaining independence. But
scrutiny under the insider trading laws and the
oversight of CPA firm partners and employees have
tightened. Together these two trends increase the
possibility of potential insider trading
violations for CPA firms. In this
environment CPA firms now must take steps to
effectively manage insider trading risks. They
must adopt and actively implement a system to
block unlawful insider trading by their partners
and employees, keeping in mind that no matter how
strong the system, a key factor for success will
continue to be hiring smart, well-educated people
who exercise good judgment.
Insider Trading
Risk in Practice CPA
firms are subject to the three types of
insider trading rules in the following
ways:
Traditional rules.
These place liability on
fiduciaries and their “tippees.”
Fiduciaries are persons whose
professional activities put them in a
relationship of trust and confidence
with a corporation or its shareholders.
They include directors, officers and
outside advisers such as lawyers,
investment bankers and accountants.
Fiduciaries who receive confidential
information in the course of their work
with a company are technically
“insiders” and violate trading rules if
they
Trade in the securities of
a company while possessing material
nonpublic information about it.
Disclose material nonpublic
information to others, knowing it is
confidential and expecting to profit
from the disclosure. (Their personal
gain need not be substantial; even a
thank-you gift from a friend may
suffice.) Tippees are people
with no fiduciary obligation to the
company to whom an insider discloses
material nonpublic information. A tippee
violates insider trading rules if
He or she trades in the
securities of the company while in
possession of such information.
The tippee knew or should
have known that the insider violated a
relationship of trust by disclosing the
information.
The insider intended to
benefit himself or herself or the tippee
through the disclosure.
CPA risk. Under
these traditional rules (and general
partnership law), all of a firm’s
partners and employees (including
non-CPA staff) are fiduciaries for all
clients of the firm. So even a partner
or employee who’s not on the audit
engagement team is a fiduciary for an
audit client, and a partner or employee
is a fiduciary for all nonaudit clients
of the firm. In addition, general
partnership law treats information known
by any partner or employee as legally
“known” by all partners and employees.
Partners and employees who trade in a
client’s securities may subject
themselves and may subject the firm to
insider trading liability if anyone else
in the firm has material, nonpublic
information about the client.
Misappropriation rules.
These extend insider
liability beyond fiduciaries and their
tippees to others, who incur liability
if
The insider gets
information that belongs to another
(usually the information source).
The insider breaches a duty
of trust (assumed or overt) to the
source to keep that information
confidential. The breach occurs if the
insider uses the information to buy or
sell securities or passes it on to
someone else who uses it.
Further, the SEC says that under the
misappropriation rules a person may have
a duty of trust or confidence when
He or she agrees to keep
information in confidence.
The person disclosing the
information and the recipient have a
history, pattern or practice of
exchanging confidences.
He or she gets material
nonpublic information from his or her
spouse, parent, child or sibling, unless
the person getting the information can
demonstrate that no duty of trust or
confidence existed in relationship to
that information. In contrast,
“innocent” eavesdroppers may be free of
insider trading liability if they have
no fiduciary duty to the relevant
company and accidentally overhear
material, nonpublic information about
it. To be innocent, eavesdroppers have
to be able to show that neither
traditional nor misappropriation rules
apply. For instance, assume that
at a Friday lunch, a couple sitting in a
restaurant overhear two unknown persons
discussing that two large brokerage
houses are going to issue a “strong buy”
recommendation for Megabucks Inc. The
woman immediately calls her broker and
buys a significant number of shares of
Megabucks stock. On Monday the
stock increases five points and she
sells. If she subsequently is accused of
insider trading, she will not have
violated the law if she can persuade a
jury that neither traditional nor
misappropriation rules apply. She would
have to convince the jury that she had
no relationship of trust or confidence
with Megabucks and that she didn’t get
the inside information from someone with
whom she had a relationship of trust and
confidence. Although some
defendants have avoided liability as
innocent eavesdroppers, it is likely the
government will prosecute, civilly or
criminally, and the eavesdropper will
incur considerable defense costs. A
prudent recipient of information should
not trade in a security without first
getting expert legal advice for his or
her specific circumstances.
CPA risk. Under
misappropriation rules, a firm’s
partners or employees who learn from a
client material, nonpublic information
about a nonclient company may subject
the firm to liability by buying or
selling that company’s securities.
Tender-offer rules.
The Securities Exchange
Act has stricter rules regarding tender
offers. Once someone takes a
“substantial step” to begin a tender
offer for shares of a public company,
the rules apply to two groups. The
first group includes traditional
insiders (such as the offering company,
the target company and their respective
officers, directors, partners,
employees, advisers and anyone acting on
their behalf) plus each person who gets
material information about the tender
offer and knows or has reason to know
the information is nonpublic. People in
this group may pass on information about
the tender offer to those who are
planning, financing, preparing or
executing it. They may not disclose
material, nonpublic information about
the offer if it’s reasonably foreseeable
that doing so is likely to result in a
violation of insider trading laws.
The second group includes anyone who
gets material information about the
tender offer directly or indirectly from
the offering company, the target or any
officer, director, partner, employee or
other person (such as the offering
company’s CPA) acting on its behalf. No
one in this group may buy or sell any
security of the target until a
reasonable time after public disclosure
of both the material information and the
source of those data.
CPA risk. Under
the tender offer rules, partners or
employees who learn of a tender offer
before it’s publicly announced may incur
liability by buying or selling the
target’s securities or simply by
disclosing the information to someone
not entitled to know. | |