June 11, 2005
Attacks on the Business Judgment Rule
At a conference yesterday in New York city I heard a Noble prize winner in economics and the Dean of the country's top business schools attack the business judgment rule. Both declared that the rule needed to be relaxed so that board's would be more accountable. This follows academic calls for a relaxation of the business judgment rule on the buyer's side in large scale acquisitions. The Disney Case in Delaware suggests that the good faith exception to the application of the business judgment rule is growing. Asked how one will get independent directors to serve on board's without the protection of the business judgment rule, the Nobel prize winner called for "professional independent directors." This proposal has also been around for some time. At issue is whether there is a growing groundswell of support for relaxing the business judgment rule.
The SEC and Sarbanes-Oxley
Whenever I go hear an SEC official speak on Sarbanes-Oxley they defend the statute and ask that business give it time to work. The defense can get very sanctimonious. Steve Culter's speech, given before he retired as Chief of Enforcement is recycled. He read a quote attacking a securities enforcement statute that sounds like some of the complaints against SOX and noted that it was made in 1933 in response to the Securities Act of 1933 (which we all know to be a success). It's a cheap debater's trick of course; designed to forestall a detailed look at the new act. Even a high-schooler knows that one enforcement statute is different from another.
What is irritating however is the SEC's role in all this. The SEC was asleep at the switch during the financial scandals in the early 2000s' and their inactivity was a major cause in the need for the new legislation. Now the SEC is trumpeting the new legislation as a position step forward (some of it is and some of it is not). Part of the legislation is a direction from Congress to the SEC to read the filings of private companies for pete's sake. This came after testimony before Congress revealed to an astonished Senate Committee that the SEC had not read the Enron filings in some time. Force companies to file thousands of pages of documents and no one at the SEC reads them if the auditor and legal firms on the documents are well known.
So the SEC, asleep at the switch in 1998 to 2001 and with the enforcement power to do something about it, now gets rewarded by a grant of larger powers from Congress. The SOX grant goes beyond additional traditional enforcement powers and gives the SEC jurisdiction into the structure and processes of American business operations.
Wonderful. Fail at your job and get more power and a bigger budget -- and unabashedly brag about it.
June 9, 2005
Sarbanes-Oxley Section 404: the Regulatory Problem
I have read the full transcript of the April 13th SEC roundtable on Section 404, attended by all the SEC Commissions, the chair of the PCAOB and various auditors and industry representatives. At the conclusion Commissioner Goldschmid noted that there was little criticism of Section 404 itself or of the SEC rules on Section 404 or of Audit Statement 2 from the PCAOB on 404 (with the exception of small business problems) that the problems were in the "implementation" of the Section. Accountants were too "conservative" in applying the Section and rules. The SEC/PCAOB repeated this theme in its interpretative release of May 16th, 2005. The accountants were too "mechanical", using a "one-size-fits-all" mentality.
The position fundamentally disregards the incentive structure set up by the Section. Accountants know that if they audit a company that has defrauded its investors that accountants will be in a heap of trouble. Moreover the accountants know that they are subject to periodic inspections by the PCAOB. So audits pursue a strategy to minimize after the fact prosecution risk -- they standardize (based on industry group principles), they are literal (dot every i and cross every t) and they interpret ambiguity in the rules in favor of checks and tests (I guess this is how the Commissioner uses the term "conservative"). The auditor's engage in "defensive auditing." Moreover, this labor intensive approach has the not unappreciated tendency to increase auditor's bills (by 60% this year). The SEC does not want to write detailed rules; it wants to rest on principles and standards. So the audits take the general rules and push them in favor of coverage and tests.
The SEC's repines is to criticize the auditors' conservatism when the auditors can be expected to do nothing else. The SEC is now calling for the auditor's to exercise more "judgment" on what is "reasonable" when auditors want to do nothing of the sort. A reasonable judgment made now does not look so reasonable in court when the firm is bankrupt as the result of financial fraud. The SEC needs to have a better handle on the inherent incentives of those regulated when it promulgates these rules. The "surprise" in implementation is due to SEC negligence (or ignorance), not the misbehavior of industry participants.
June 8, 2005
Constituency Statutes and GM Layoff Announcement
General Motors' announcement that it would lay off over 25,000 employees caused its stock price to jump. It is an example of when the employees' and the investors' interests do not match -- it was in the investors' interest to cut back GM's workforce but not, obviously, in the interest of GM employees. Those would support state "constituency statutes", statutes that permit managers to take into account the interest of employees as well as investors are pressed by the example. Should GM, in the interest of employees, have not restructured? Hardly. If employees' interests dominate, GM would soldier along losing money until it could no longer function outside of bankruptcy reorganization. Constituency statutes are seductive but ought not replace the hard reality that investors interests ultimately should dictate the decisions of the board.
Regulation of Hedge Funds
One of Donaldson's more controversial legacies is the registration of hedge funds, scheduled to take effect in February of 2006. There is some question whether the new SEC Chair, Chris Cox, will roll back the regulations. If not, hedge funds will be subject to regular SEC audits and inspections. The funds will also have to file information with the SEC on their trading strategies, portfolio valuation methods, and senior executives. There are the normal regulatory problems. Small funds cannot afford the compliance costs as well as large ones; some funds will be driven offshore; and some funds will operate on the borders of the rule (requiring investors to commit to two years, for example, to take advantage of the private equity fund exemption). Like most of what the SEC has done of late these issues do not seem to have be very carefully thought out. So whether the regulation will stick is in doubt and whether the regulation will work if it does stick is in doubt.
June 7, 2005
Antitrust and High Tech: The Johnson & Johnson and Guidant merger
Antitrust authorities are going to be sorely tested by the new wave of mergers in the high tech industries. They are going to be asked to get a bead on very fast moving targets. Consider the Johnson & Johnson acquisition of Guidant Corporation. J&J is much larger, with $48 B in revenues to Guidant's $4B, and some of Guidant's products will fill holes in J&J's product line. But there is the matter of stents. There are only two companies that can sell drug coated stents and J&J is one of the two with 35% of the market. There are three other companies seeking regulatory approval to offer stents and Guidant is one of the three. So in the stent market, the merger will give J&J 50% of the market. What do regulators do? Block the deal; make Guidant sell the stent business before the merger; or let it go, assuming that the market and technology is evolving too fast to make any decisions on market power.
The Origin of the SEC/PCAOB Rules on Section 404
For those wondering how the SEC/PCAOB drafted the Rules implementing Section 404 that have proven to be so difficult to apply (they still do not apply to small business and foreign filers) the history is revealing. Two trade organizations of auditors, one called the Treadway Commission's Committee of Sponsoring Organizations (COSO) and the other the IT Governance Institute (COBIT) wrote a set of recommendations on internal controls over ten years ago. COSO offered recommendations on financial controls and COBIT offered recommendations on information technology controls. The SEC and PCABO used these trade committtee reports as the basis for their requirements. Note the problems here. First the controls were written by accountants and auditors, in part to drum up business. They were voluntary; they were recommendations; they not intended to be binding. [Technically the SEC requires the use of rules "established by a body of experts"; the COSO rules are not the exclusive rules that may be used, but in practice they are the ones used.] Second, American business organizations were not represented in the formation of the recommendations. They were written by the accounting and auditing professionals. This is like barbers writing recommendations on how often to get a haircut and Congress making the recommondations into binding law. COSO has representatives of the American Accounting Association, the American Institute of Certified Public Accountants, the Financial Executives Internation, the Institute of Internal Auditors and the Institute of Management Accountants. COBIT relied heavily on PriceWaterHouseCoopers, Deloitte, and KPMG for authorship of the recommendations. Third, the recommendations were written with the country's largest firms in mind. They were not written for smaller companies and they were not written for foreign issuers. Fourth, they were not written in operational detail. They were best practice recommendations not rules. Now the the PCAOB and SEC have turned them into legal rules, a task for which they were not designed, we have a mess on our hands.
June 6, 2005
Sarbanes-Oxley: A Blank Check for Auditors
Section 404 imposes huge penalties for complying with vague standards on measuring the effectiveness on a corporation's internal controls. The big winners? Auditors. Auditors are SOX policemen. The SEC estimated, in proposing Section 404 rules in 2002, that the additional audit costs would be "minimal." The evidence from the first round of 404 filings by the country's larger firms is that audit fees jumped over 58% (and this on top of 20% increases for the past three years). The average additional audit fee for Section 404 attestation was, in a survey of 217 corporations (FEI study), $1.3 Million -- hardly minimal. Moreover, issuers cannot negotiate with auditors for lower fees -- there are only 4; they charge similarly; and, to top it off, changing auditors requires an immediate Form 8K notice that will hammer the issuer's stock price as Wall Street rumors start to fly. This is the ultimate irony: Over 60% of the provisions in SOX were aimed fixing an auditing industry that failed to catch major financial frauds; yet the Act has been an auditing industry boondoggle. What a regulatory train wreck; this is nothing short of a catastrophe.
A new study by Professor Zhang at Rochester estimates that the passage of Sarbanes-Oxley in 2002 caused stock prices to drop around $1.4 Trillion. See Economist magazine. In other words, investors decided that the passage of the Act made them substantially worse off than they were before the Act was passed.
June 5, 2005
SOX, Section 404 and the SEC: A Huge Estimation Error
It was one of the worst SEC predicitons in its history. In the SEC June 2003 release, the agency estimated the cost of complying with its new rules on Section 404, requiring a firm to implement "internal controls." The estimate? An average cost of $91,000 a company. The SEC did not even add the cost of an auditor's attestation. The additional auditor's fee to add the attestation to an normal audit would be "miminal." The rules became effective in November of 2004 and early surveys show that Section 404 cost an average of $4.3 Million per company to implement. Audit fees increased by a whopping 58%, or an average of over $1Million per company. The SEC was wrong by a factor of 70! The SEC's response? A delay in applying the rules for foreign companies and for companies with under $75Million in revenue. Domestic companies, in competition with the foreign companies complained. The SEC held a "roundtable" and then issued a May 15th Interpretative Release chiding auditors and companies to getting to technical in their compliance. It is no wonder Donaldson resigned soon thereafter. This is one of the biggest blunders in the agency's history.