In an age of stepped-up regulation and enforcement, accountants and their clients need to know how to cope with a variety of different agencies, including the Securities and Exchange Commission and the Public Company Accounting Oversight Board.
H. David Kotz, a former SEC Inspector General, has written a new book, “Financial Regulation and Compliance: How to Manage Competing and Overlapping Regulatory Oversight.” He describes how to deal with not only the SEC, but other government regulators like the Commodity Futures Trading Commission, along with self-regulatory organizations such as the Financial Industry Regulatory Authority and the National Futures Association.
“The overall theme of the book is that ever since Dodd-Frank the financial regulatory system has ramped up even more and created federal and state agencies, and self-regulatory organizations, all regulating companies, including on accounting issues, all doing it from different perspectives,” he told Accounting Today. “The rules are often overlapping, and it’s oftentimes unclear before you go to court which entity or agency has jurisdiction over what. One of the larger themes of the book is that when one is defending oneself from an agency like the SEC or PCAOB, when one of those regulatory entities is investigating or examining a company, it’s important to look at the particular agency or entity itself. Each regulator conducts itself in its own unique way, and it’s important to understand the motivations and approaches of each regulator to effectively manage the regulatory burdens.”
The book provides compliance professionals with advice on how to navigate the numerous regulations that have been enacted in response to the financial crisis. It also explains how to defend an organization from SEC, CFTC, FINRA and NFA enforcement actions, how to prepare for SEC, FINRA and NFA regulatory examinations, how to manage the increasing volume of whistleblower complaints, how to investigate such complaints, and more.
“What I try to do in this book is to say, Look, dealing with an SEC request vs. a PCAOB request, you have to defend it and deal with it in a completely different way,'” Kotz explained. “It’s important to understand the perspective of the entity that’s coming at you in order to do the appropriate work to try to limit any exposure or liability.”
The book includes practical advice from individuals who used to work at various regulators. “For example, for the SEC sections, I have former SEC examiners talking about how to defend an SEC exam and former SEC enforcement folks talking about how to defend an enforcement proceeding,” said Kotz.
Kotz, who is currently managing director at the consulting firm Berkeley Research Group, explains how aggressive executives should be in confronting federal agencies and self-regulatory organizations and describes how commenting on issues that affect a particular business area can be productive, or not.
“What the book provides is very particular advice for each situation,” he said. “Oftentimes because companies have so much to deal with, they just view all these regulators as the same. They feel like they can defend inquiries, exams or investigations in the same way. I don’t think that’s the best approach. You have to look at them individually, look at what their issues and motivations are, and get good, sound advice on how to deal with each one. The approach you might use, for example, with the PCAOB may be different than the one you use with the SEC or the CFTC, because the different agencies or regulators have different budgets, different levels of resources, different things that they prioritize, different motivations. If you are going to try to do your best to limit your exposure or liability when an agency comes calling, the best way to do that is to look specifically at how to defend yourself in those cases.”
While at the SEC, Kotz wrote a widely publicized report investigating the SEC’s failure to uncover Bernard Madoff’s Ponzi scheme, along with other high-profile reports concerning, among other things, Allen Stanford’s Ponzi scheme and an SEC settlement of an enforcement action against Bank of America. In addition, he authored a groundbreaking audit report analyzing the SEC’s oversight of Bear Stearns and the reasons behind its collapse.
Kotz said his job as Inspector General gave him an interesting perspective. “I was in a position where I saw all aspects of the SEC: the exam unit, the investigative unit and others,” he said. “I saw when complaints were filed about how the SEC acted, and I was able to get a good sense of the different motivations of the SEC and how they approached things. Doing research for the book and talking to the other experts that have contributed to the book, I realized that when the SEC, for example, comes in to do an exam or investigation, they’re looking at completely different motivations and issues than, say, a self-regulatory organization or a smaller entity. The SEC has some significant resources—more than the PCAOB or the CFTC—and the approach they use is very different. What you need to say to the SEC to satisfy them can be very different than what you need to say to another entity.”
Kotz confirmed the SEC’s enforcement division has been stepping up its scrutiny of accounting and financial reporting in recent years. SEC officials have acknowledged they are using what they call the Accounting Quality Model, or AQM, which employs quantitative analytics to identify outlying numbers that could potentially point to questionable financial results.
“There’s no question that financial accounting issues have become a priority for the SEC, particularly on the enforcement side,” said Kotz. “In order to properly defend against that, particularly if it’s a complex matter, my advice would be to try to find somebody—and there are people around—that worked on those modeling systems while they were at the SEC so they really have an understanding of what they’re looking for. It’s definitely something that has become a big priority and the SEC is really looking to bring more financial accounting cases.”
Nevertheless, he believes it’s important to be responsive to SEC requests, such as staff comment letters and “Dear CFO” letters.
“The most important thing is to be responsive,” said Kotz. “The way companies get into the most trouble is by ignoring the regulator. You clearly want to be responsive. You want to demonstrate that you are interested in providing them with the requested information, and clearly try to provide everything in a timely way.”
However, there are specific situations when it helps to take a combative approach. “The question of how aggressive you can be, in terms of potentially going above somebody’s head or complaining, those are very specific,” said Kotz. “There’s a lot of good information in the book about how you deal with the SEC vs. other entities in those particular situations. The number one approach is to be cooperative, collaborative, responsive, but beyond that there are some circumstances where you can push pretty hard without too much concern about it coming back at you. But it’s helpful to have an understanding of who is it that is leading the team at the particular agency you’re dealing with. What is the issue that they are putting forward? On a very specific case-by-case basis, there can be some very good approaches that can be used to try to limit whatever exposure you have, or even limit the interactions with the regulator and to be able to get along with your business.”
Kotz’s book also offers advice on when it’s a good idea to bring in legal counsel. “Bringing in the lawyers too early can be very counterproductive,” he said. “Bringing in the lawyers too early, say, in an exam setting, can really cause the regulator to think there is potentially more there than even they thought initially. But at a certain point in time you really should turn everything over to the lawyer. There is also a certain point in time that I explained in the book about where you want to bring in internal general counsel type folks into it, and there is a point in time when you want outside counsel. Those are different situations, but again the timing of when you bring in these different entities or individuals is very much dependent upon what type of proceeding is going on, who is leading the exam, what entity it’s from, etc.”
Internal politics can also come into play. “That’s often a very important issue,” said Kotz. “At the SEC for example, a lot of the exam work is in response to the scandals like the Madoff scandal where they examined Madoff over and over again and didn’t find anything. So there are pressures as a result of that, maybe less so at the PCAOB. There are certain points in time when examiners are going to need to find something in an exam just because they can’t go back to the office empty-handed. And the approach that the company can use is to try to find as mild a violation or mild an issue as possible, but it’s not worth necessarily pushing back so hard on a sort of technical violation, because based on the motivations and internal politics in the agency, they have to get you with something.”