Securities Law

Archive for March 2013

Posted on Wednesday, March 27 2013 at 2:04 pm by

What’s Up With the Dodd-Frank Whistleblower Bounty Program?

You might be wondering what happened to the Whistleblower Bounty Program that was announced with great fanfare as part of the Dodd-Frank Act in the middle of 2010. In the almost three years since that Act was passed, only one bounty has actually been paid–a not very impressive $50,000 payment. But this belies the fact that many more, and likely much larger, bounty payments are just over the horizon.

The Dodd-Frank Bounty Program requires the SEC to pay a bounty of from 10% to 30% of any monetary recovery greater than $1 million that is attributable to original information received from the whistleblower. The Office of the Whistleblower within the SEC was established in early 2011, and it was soon fully-staffed and busily at work, receiving over 3,000 tips in the 12 months ended June 30, 2012. The single payout was made in August 2012.

The reason there has only been one award made so far is the long lead time required to get to an actual payment to a whistleblower. After a tip has been received, it must result in the company being required to pay monetary payments of greater than $1 million, whether through a settlement or administrative proceedings. Of course, finalizing these type proceedings can take many years, and would rarely be complete in as little as one year. Only after a $1 million plus monetary sanction is finalized does the whistleblower submit an application to the SEC for a bounty payment. This then commences a whole new administrative process where the SEC determines if a bounty payment is called for under the statutory conditions and, if so, in what amount.

So, not even the tip of the iceberg has been seen to this point; and there are many more cases winding their way through the administrative process, which will ultimately wind up paying bounties. These will almost certainly include some big, multimillion dollar bounty payments, which are going to get a lot of public attention. Governmental officials should be expected to use that platform to encourage even more tips.

The Chief of the Office of the Whistleblower already has been quoted as saying “We are open for business and ready to pay people who bring us good, timely information.” You can bet that these type statements will be made even more vigorously in conjunction with future multimillion dollar bounty payment announcements. As a result, public awareness of the bounty program, and enthusiasm for becoming a part of it, will increase substantially in the coming months and years. So the bounty program is hardly in a hiatus; to the contrary, the posse is riding hard and the excitement is about to begin!

Posted on Thursday, March 14 2013 at 1:49 pm by

Nasdaq’s Proposed New Internal Audit Function Requirement

On March 4, 2013, Nasdaq issued a proposed new rule that, if approved by the Securities and Exchange Commission (“SEC”), will require listed companies to establish and maintain an internal audit function.  The proposed rule is open for public comment until 21 days after publication in the Federal Registrar, but it is expected to be approved by the SEC.  It would make this Nasdaq listing requirement similar to that of the NYSE, which already has an internal audit function requirement. 

By requiring an internal audit function, Nasdaq seeks to ensure that a company’s management and audit committee receive ongoing assessments of the company’s risk management processes and system of internal control that are provided independently from the company’s routine accounting and financial reporting regimes.  A company will be allowed to outsource the internal audit function to any third party (other than its independent auditor), but the audit committee must maintain sole responsibility for oversight, and it may not allocate or delegate that responsibility to another board committee.

The proposed rule does not prescribe many other specifics for the implementation of an internal audit function, and it does not indicate how Nasdaq will assess compliance with the requirement, beyond certain matters implicit in Nasdaq’s statement of the audit committee’s oversight responsibility.  That statement makes clear that the audit committee will be expected to arrange periodic meetings with the personnel engaged in the internal audit function (whether they are company employees or personnel of an outsource provider) and with the company’s independent auditors, as a way to ensure both (a) receipt of the types of assessments the rule is targeting and (b) more generally, that the assigned responsibilities, budget, staffing and other aspects of the internal audit function are adequate for it to be effective. 

The proposed rule seems unlikely to impose substantial additional effort on most issuers, and Nasdaq noted that many of its listed companies already have an internal audit function.  However, there are no special provisions to modulate requirements for Smaller Reporting Companies, so those issuers will be subject to the same requirements as all other issuers. 

In any event, many Nasdaq issuers with an existing internal audit function, particularly smaller companies, might benefit from a review of their processes and procedures to make sure this function will operate properly under the new requirement.  Among other things, issuers may want to:

  • Formally designate the individuals (and their requisite qualifications) who comprise the issuer’s internal audit function, whether they are existing or new employees of the issuer or personnel provided by an outsourced arrangement.
  • Consider whether titles or job descriptions of any of the issuer’s employees who have been performing de facto the internal audit function (and who will continue that role) should be updated and expanded to better reflect the Nasdaq requirement.
  • Consider whether lines of reporting responsibility need to be clarified, revised and/or formalized.  (Important issues often arise in integrating or balancing procedures for the requisite independence of personnel who are involved in the internal audit function with a company’s procedures for its routine accounting and financial reporting functions.)
  • Check the Audit Committee’s charter to assure that it reflects the oversight and other responsibility envisioned by the new rule.

If the new rule is approved as proposed, companies listed on Nasdaq on or prior June 30, 2013 will need to comply with the new listing requirement by December 31, 2013. Companies listed on Nasdaq after June 30, 2013 will be required to establish an internal audit function prior to listing.

Subscribe to Kilpatrick Townsend's Legal Alerts to help you stay current of new and noteworthy legal issues that may affect your business.