Posted by Jason M. Halper, Orrick, Herrington & Sutcliffe LLP, on
Sunday, July 19, 2015
Jason M. Halper is a partner in the Securities Litigation & Regulatory Enforcement Practice Group at Orrick, Herrington & Sutcliffe LLP. This post is based on an Orrick publication by Mr. Halper and William J. Foley Jr.
In recent months, issues related to internal control systems and reporting have taken on an increased profile and significance. For example, as previously noted by the authors here and here, the SEC has sought to prioritize compliance with internal controls by initiating a growing number of investigations into companies based on allegations of inadequate internal controls.
By way of background, “internal controls” refers to the procedures and practices that companies use to manage risk, conduct business efficiently, and ensure compliance with the law and company policy. Public companies are required to maintain sufficient internal controls by the securities laws. In particular, Section 404 of the Sarbanes-Oxley Act (as amended by the Dodd-Frank Act) requires, among other things, that: (i) company management assess and report on the effectiveness of the company’s internal control over its financial reporting, and (ii) the company’s independent auditors verify management’s disclosures. Sarbanes-Oxley also created the Public Company Accounting Oversight Board (“PCAOB”) to oversee public company audits, including the audits of internal control reporting. The PCAOB, in turn, conducts regular inspections to ensure compliance with laws, rules and professional standards.
READ MORE »