1
Health Care Compliance Association
THE NEW FACE OF
CORPORATE GOVERANCE
2003 Annual Compliance Institute
Paul R. DeMuroLatham & Watkins LLPSan Francisco andLos Angeles, California
John E. Steiner, Jr.Corporate Compliance OfficerCleveland Clinic FoundationCleveland, Ohio
April 28, 2003
2
Sarbanes-Oxley Act
• CEO and CFO Certifications – compare to signing the Medicare Cost Report
• Forfeiture of Bonuses and Profits from Securities Sales
• Blackouts on Securities Trading by Officers and Directors
• No Discharge of Debts in Bankruptcy
3
• SEC Sanctions Against Officers and Directors
• Regulation of Attorney Conduct
• Audit Committee and Coercion of Auditors
• Longer statute of limitations for securities fraud claims
• New Document Destruction Crimes.
Sarbanes-Oxley Act (cont.)
4
• New Securities Fraud Felony
• Individuals should take defensive precautions
•e.g., Checklists for CEO and CFO Certifications
Sarbanes-Oxley Act (cont.)
5
• Audit, compensation and disclosure committees
• Conflicts of interest
• True independence of directors
• State law considerations with respect to directors voting on matters in which they or their companies have an interest.
Focus on Corporate Governance Considerations
6
• Majority of independent directors.
• Narrow the definition of independent director.
• Non management directors should meet periodically in scheduled executive sessions without management.
Independence Issues
7
• Be composed entirely of independent directors.
• Have a written charter addressing:
• The committee’s purpose regarding identification and selection of Board Members.
• The committee’s goals and responsibilities, including the criteria for selecting new directors and oversight of the evaluation management.
• Annual performance evaluation of the Committee.
Nominating/Corporate Governance Committees Should:
8
• Composed entirely of independent directors.
• Have a written charter addressing:
• The committee’s purpose, including to discharge the board’s responsibilities relating to compensation of the company’s executives and to produce an annual report on executive compensation.
Compensation Committee Should Be:
9
• A review and approval of corporate goals and objectives relevant to CEO compensation, evaluation of CEO’s performance, and compensation fund.
• Make recommendations to the Board with respect to incentive-compensation plans and equity based plans.
• An annual performance evaluation of the compensation committee.
The Compensation Committee’s Duties and Responsibilities Should Include:
10
• The following subjects should be addressed in the corporate governance guidelines:
• Director qualification standards
• Director responsibilities
• Director access to management and, as necessary and appropriate, independent advisors
Companies Should Adopt and Disclose Corporate Governance Guidelines
11
• Director compensation
• Director orientation and continuing education
• Management succession
• Annual performance evaluation of the Board
Companies Should Adopt and Disclose Corporate Governance Guidelines (cont.)
12
• The most important topics to address are:
• Conflicts of interest
• Corporate opportunities
• Confidentiality
Companies Should Adopt and Disclose a Code of Business Conduct and Ethics for Directors,
Officers and Employees, and Promptly Disclose any Waivers of the Code for
Directors or Executive Officers
13
• Fair dealing
• Protection and proper use of company assets
• Compliance with laws, rules, and regulations
• Encouraging the reporting of any illegal or unethical behavior
Companies Should Adopt and Disclose a Code of Business Conduct and Ethics for Directors,
Officers and Employees, and Promptly Disclose any Waivers of the Code for
Directors or Executive Officers (cont.)
14
There will be a Decrease in Non-Audit Services Provided by Audit Firms to Audit Clients
The SEC has issued new rules, “identifying the non-audit services that, if provided by an auditor to its audit clients, will be deemed to impair the independence of the corporate audit!”
These non-audit services include bookkeeping, financial systems design and implementation, certain limited appraisal and valuation services, internal audit services, actuarial services, performance of management functions, and “excessive” involvement in human resource selections.
15
There will be a Decrease in Non-AuditServices Provided by Audit Firms
to Audit Clients (cont.)
The Sarbanes-Oxley Act expanded these to include broker or dealer, investment adviser, or investment banking services, legal services and expert services unrelated to the audit; and any other service that the newly created Public Company Accounting Oversight Board determines, by regulation, is impermissible.
These SEC rules and Sarbanes-Oxley do not expressly apply to nonprofits, but there is risk to nonprofits.
16
Recommendations Regarding Decrease in Non-Audit Services Provided by Audit Firms to Audit
Clients
A healthcare company should scrutinize the non-audit services provided by a company’s audit firm.
Compliance policies should be revised to accommodate the SEC Rules and the Act.
Nonreporting entities should consider following the SEC Rules and the Act.
17
There Will be a Potential for Greater Qualification for Audit Opinions With More Significant Detailed
Footnotes and Expanded and More Detailed Management Letters
Accounting policies of companies are likely to be under greater scrutiny.
Auditors will qualify more opinions and do more footnoting (explaining).
Management’s internal controls will be under greater scrutiny.
18
Recommendations Regarding Greater Qualification of Audit Opinions
Compliance officers should be schooled in accounting procedures and not shirk these issues.
Finance employees should have a better background in accounting.
Board members should understand accounting and finance procedures.
19
There will be Greater Scrutinizing of and a Possible Reduction in Off-Balance Sheet
Financial Arrangements, Including:
• Hedging Transactions
• Special Purpose Entities
• Timing Asset Sales with Short Term Repurchases
• Particularly with respect to related party transactions
20
Recommendations Regarding Greater Scrutinizing of Off-Balance Sheet Transactions
Greater review of Off-Balance Sheet Transactions, particularly health care joint ventures.
Compliance programs and conflict of interest polices should address these transactions.
Management, compliance officers and counsel must understand these transactions.
21
Audit Committee
Consult Legal Counsel in connection with preparing the Audit Committee Report.
There likely will be the amendment of audit committee charters.
Boards and Audit Committees should assess the financial risks and critical accounting policies that affect their own company’s financial statements and disclosures.
Boards and Audit Committees might revise these annual schedules and meeting agendas to address or supplement specific policies of concern.
22
Audit Committee (cont.)
Nonreporting and Nonprofit Companies should have audit committees; if not, their functions should be within the finance committee
More detailed audit committee charters could increase an audit committee member’s exposure to personal liability, particularly if the charter’s provisions are not followed.
SEC rules, new stock market requirements and Sarbanes-Oxley will lead to changes in audit committee charters.
23
Purpose of the Audit Committee is to provide assistance to the Board of Directors in fulfilling the Board’s oversight responsibilities regarding the Company’s accounting and system of internal controls, the quality and integrity of the Company’s financial reports, and the independence and performance of the Company’s auditors.
24
Additional Committee Organization and Procedures
Committee may include in its meetings members of the Company’s financial management, representatives of the outside auditor, the senior internal audit manager, and other financial personnel employed or retained by the Company.
Committee may utilize the services of the Company’s regular corporate legal counsel with respect to legal matters or retail other legal counsel as appropriate.
Committee may conduct or authorize investigations into any matters within the scope of its responsibilities.
25
Responsibilities
Outside auditor is ultimately accountable to the Board and the Committee in connection with the audit of the Company’s annual financial statements.
Committee shall review the experience and qualifications of the outside auditor’s senior personnel and the auditor’s quality control procedures.
Committee should approve the use of the auditor for any non-audit services and the fees.
26
Responsibilities (cont.)
Committee shall meet with outside auditor and management in connection with each annual audit to discuss the scope of the audit, the procedures to be followed, and the staffing of the audit.
Committee shall discuss with the outside auditor any problems or difficulties the outside auditor may have encountered during the course of the audit work.
Committee shall review the appointment and replacement of the senior internal audit manager.
27
Other Responsibilities
Committee shall discuss with management and the outside auditor any accounting policies the outside auditor identifies as critical, and discuss any changes in the accounting policies of the Company or any changes in accounting or financial reporting rules that could reasonably be expected to have a material impact on the Company’s financial statements.
28
Other Responsibilities (cont.)
Committee shall review and discuss with management and the outside auditor:
(1) Any material off-balance sheet arrangements or other material financial arrangements of the Company that do not appear on the financial statements of the Company.
(2) Any transactions with parties related to or affiliated with the Company which are material in size or involve terms different from those reasonably likely to be negotiated with independent third parties and which transactions are relevant to the understanding of the Company’s financial statement.
29
Other Responsibilities (cont.)
Committee shall discuss with management and the outside auditor any correspondence from or with the regulators or governmental agencies, and any employee complaints.
Committee shall recommend to the Board guidelines for the Company’s hiring of employees of the outside auditor who were engaged on the Company’s account.
Committee shall discuss with management the Company’s significant financial risk exposures and the actions management has taken to limit, monitor or control such exposures.
30
Other Responsibilities (cont.)
Committee shall discuss with the Company’s General Counsel legal matters that could reasonably be expected to have a material impact on the Company’s financial statements.
Committee shall obtain assurances from management that the outside auditor that the Company’s subsidiary/foreign affiliated activities are in conformity with applicable legal requirements.
31
Public Company Audit Committees
The Act requires the Commission to adopt rules to direct the national securities exchanges and the NASD to prohibit the listing of any security of a company that does not comply with the following requirements regarding its Audit Committee:
• Responsibility. The Audit Committee must be directly responsible for the appointment, compensation and oversight of the auditors (including the resolution of disagreements between management and the auditors regarding financial reporting), and the auditors must report directly to the Audit Committee;
32
Public Company Audit Committees (cont.)
• Independence. Each member of the Audit Committee must be independent (i.e., no member may accept any consulting, advisory or other compensatory fee from the company or be an affiliated person of the company or any of its subsidiaries), subject to the Commission’s authority to grant exemptions from this independence requirement;
• Whistle-Blower Procedures. The Audit Committee must establish procedures for (1) the receipt, retention and treatment of complaints received by the company regarding accounting, internal accounting controls or auditing matters and (2) the confidential, anonymous submission by employees of the company of concerns regarding questionable accounting controls or auditing matters;
33
Public Company Audit Committees (cont.)
• Engagement of Advisors. The audit Committee must have the authority to engage independent counsel and other advisors; and
• Payment of Expenses. The company must provide for appropriate funding, as determined by the Audit Committee, for payment of compensation to the auditors and advisors to the Audit Committee.
34
Relationship Between the Company and its Auditors
• Mandatory Audit Committee Preapproval of Non-Audit Services. The Act requires (subject to certain limited exceptions) that all audit and non-audit services, including tax services, provided to a public company by its auditors be preapproved by the Audit Committee of the Board of Directors.
• Mandatory Lead Audit Partner Rotation. The Act requires an accounting firm to rotate its lead partner and reviewing partner on audits so that neither role is performed by the same accountant for the same company for more than five consecutive years.
35
Relationship Between the Company and its Auditors (cont.)
• Strict Conflict of Interest Rules The Act prohibits an accounting firm from performing any audit services for a public company if certain executive, financial or accounting officers of the company were employed by the accounting firm and participated in the audit of the company during the one-year period preceding the commencement of the audit services.
• Possible Mandatory Accounting Firm Rotation. The Act requires the Comptroller General of the United States to conduct a study of the potential effects of requiring the mandatory rotation of accounting firms for public companies.
36
• Sarbanes-Oxley and the Securities Exchange Rules do not apply to such entities
• Rating agencies are starting to look at certain “requirements” as benchmarks
• State Attorney Generals will be interested
• Plaintiffs will be interested
Query: If a Company is a Nonprofit or Nonreporting Entity—Why Should I Worry?
37
Look at the Board and Senior Administrative level
• Are Discussions at the Board level superficial?
• Does the CEO control the Board agenda and the Board Packet?
• Does the Board ever meet without the CEO present?
How Can I Detect a Problem in my Organization?
38
• Does the CEO shun any operational or legal review?
• Do Directors have “relationships” with the Company? (e.g., the insurance salesman on the Board sells insurance to the Healthcare Entity)
• On any controversial or critical issues, are the Board Members “prepared” in advance by the CEO?
• As questions are raised at a Board meeting, does the CEO say he or she will address them later and separately with the Board Member?
How Can I Detect a Problem in my Organization? (cont.)
39
• Is there an extensive use of the consent Calendar at Board meetings?
• Are Board members reticent to ask probing questions?
• Are Board member enquiries about Board issues often just reported to the CEO?
• Are the Board and Board Committees able to access separate, independent legal counsel without going through the CEO?
How Can I Detect a Problem in my Organization? (cont.)
40
• Does the Compliance Officer report to the Board of Directors?
• Is there little turnover on Board positions and do the Board members have “cozy” relationships with the CEO?
• When anything goes awry, does the CEO point the finger at another individual? (e.g., the CFO, Reimbursement or Managed Care Director, or Legal Counsel)
How Can I Detect a Problem in my Organization? (cont.)
41
• Does the CEO stress the organization’s “culture” when it is really his or her agenda?
• Does the CEO not want external searches done for his or her replacement or for other senior employees?
• Are there no separate audit and compensation committees staffed with only outsider, non-interested directors?
How Can I Detect a Problem in my Organization? (cont.)
42
• Are the interests of the shareholders or stakeholders often ignored?
• Are some board members left out of the loop?
• Are directors asking about the D&O coverage and their potential liability?
How Can I Detect a Problem in my Organization? (cont.)
If any of the above are answered in the wrong way, your Board may be providing ineffective governance!
43
For Integrated Delivery Systems, consider Related Party Transactions and Conflict of Interest issues
• Overlapping Boards
• Non-profit “subsidiaries” cannot be treated like investor owned subsidiaries
• IDS Health Plans and other regulated entities may be subject to different rules, e.g., Department of Managed Healthcare (or Departments of Insurance) and CMS Medicare + Choice issues
44
Non-profits Can Be Subject To Certain Competitor Allegations As A Result Of Not Following All Of
Or Skirting Certain “Rules”
• Are conflict of interest policies followed?
• Are there really any “independent” directors on the subsidiaries’ boards or are they really just overlapping with conflicting fiduciary duties and duties of loyalty
• What about non-profit healthcare systems with facilities in more than one state?