Munich-American RiskPartners is a division of American Re-Insurance Company. Trends in Transparent...

Munich-American RiskPartners is a division of American Re-Insurance Company.

Trends in Transparent Full Disclosure in the Public Sector

State Risk and Insurance Management Association Convention

Jekyll Island, Georgia

Jeff Welsh, CPCU, AU

September 19,2005

This material is being provided to you for information only, and is not permitted to be further distributed without the express written permission of American Re. This material is not intended to be legal, underwriting, financial or any other type of professional advice.

© Copyright 2005 American Re-Insurance Company. All rights reserved. The American Re name and logo, and the Munich-American RiskPartners name are marks owned American Re-Insurance Company.

Issues in Financial Disclosure

The Private Sector

A Failure of Confidence in Capital Markets

Disrobing the Financial Landscape of Undisclosed Risk: Enron, WorldCom, Tyco and others

Restored Confidence in Capital Markets

The legislative response of disclosure failures: The Public Company Accounting Reform and Investor Protection Act of 2002; aka- Sarbanes-Oxley Act

Sarbanes-OxleySarbanes-OxleyEnacted on July 30, 2002Enacted on July 30, 2002

Purpose – To rebuild public trust in America’s corporate sector.

Applicability – For Publicly Traded Companies that file a 10K with the SEC, their auditors and securities analysts to adhere to new corporate governance standards in oversight and in auditing of financial transactions.

A SOX ACT Synopsis:There are nine sections to the Act covering the following major items:

Creation of an independent public company accounting oversight board (PCAOB)

Auditor independence provisions High level of corporate governance and responsibility measures Expanded financial and insider disclosure requirements Mandatory analyst disclosure of potential conflicts Tough new penalties for violations of SOX and fraud

The “SOX CREEP”The “SOX CREEP”How Sarbanes-Oxley provisions for publicly traded companies have begun

to creep into non-traded, not stockholder owned State Government.

Buzz Words for the Public Sector : Accountability, Transparency, Full-Disclosure, Compliance

State Government Agencies and particularly Risk Management Agencies financially interact with and impact a sizable and politically sensitive population

Daily and Long Term Claim Handling OperationsLoss Fund ManagementPremium Allocation and DistributionCompensating Balance PlansReserve and Surplus ManagementInsurance and Reinsurance TransactionsCommutations, Novations and Portfolio Transfers

Public, legislative and professional expectations are advocating for SOX provisions in State and Local Governance


What is driving “SOX” into Government?What is driving “SOX” into Government?

Although it is generally acknowledged that Government has had a higher disclosure standard than the Capital Markets in Financial Reporting, the current environment demands increased ‘faith and trust’ in State and Local Public Units.

Who is Driving the Bus? :- Bond Rating Agencies (S&P, Moody’s, etc.)- Government Accountability Office (GOA)

- Governmental Accounting Standards Board (GASB) - Office of Management and Budget (OMB)

- Government Finance Officers Association (GFOA) and other accountancy org.’s - State Attorneys General

- Governmental Entities voluntarily adopting SOX-type governance provisions


Governmental Internal Control ReportingGovernmental Internal Control Reporting

Current Governance of State Disclosure that Differs from the Private Sector:• Legislative Oversight• Open Meetings• Internal Control Disclosure and Reporting Provisions

1970’s-Comptroller’s Financial Integrity Statement

1982-Federal Managers’ Financial Integrity Act

1987-State Internal Controls Act

The 2004 Model Goveranance Act for State Public Authorities

SOX-type requirements that include certification of annual reports, CAFR’s and the preparation of an internal control report


Relevant SOX Provisions with possible impact for State Agencies

Relevant SOX Provisions with possible impact for State Agencies

“ The two Sarbanes-Oxley sections that would be most relevant to the public sector are Sections 302: ‘Corporate Responsibility for Financial Reports’ and Section 404: ‘Management Assessment of Internal Controls’.”

-John Radford, Oregon State Controller and NASCAT President


Summary SOX Title III Section 302Summary SOX Title III Section 302

Periodic financial reports are to include CERTIFICATIONS that:•Signing Officers have reviewed the report.•Report has no untrue statements and is not misleading.•Financial Statement related data fairly presents the condition and results in all respects.•The Signing Officers are responsible for internal controls, have evaluated them within the past 90 days and have reported their findings.

• Lists all deficiencies in internal controls and discloses information on employees who are involved with internal activities.•Disclose any significant changes in internal controls or related factors that could have a negative impact on the internal controls.


How Could Adoption of SOX 302 Impact State Risk Management?

How Could Adoption of SOX 302 Impact State Risk Management?

As a State Risk Manager or Financial Officer, ask yourself the following questions:

• Have I been or will I be asked to certify a financial report of my State Agency?

• Can I certify that in all respects nothing is materially untrue or misleading in the report on my State Agency?

• Can I attest to the Internal Controls?

• Do I have knowledge of internal control deficiencies that I need to disclose?

• Am I an “employee” in the sense of Section 302 having involvement in the financial internal controls of my agency? Do I supply or manage data under which financial reports are

prepared?


In the SOX sense, what is “Certification”?In the SOX sense, what is “Certification”?

In the Private Sector, SOX requires a sign-off certification of the financial statements by the CEO and CFO. These individuals can face the threat of serving jail time for false certifications. In the spirit of SOX, CEO’s, CFO’s Controllers, Comptrollers and/ or Chief Accounting Officers should understand enough about the financial and compliance to sign such a certification or risk the SOX penalties.


What are the SOX Penalties?What are the SOX Penalties?Although we have yet to see the specific SOX penalties for false

certification duplicated in governmental practices, they include the following that might be relevant to the public sector:

• Under Title VIII: Imposes criminal penalties of up to 10 years for knowingly destroying, altering, concealing or falsifying records to influence investigation.

• Under Title XI: Amends Federal criminal law to establish a maximum of 20 year prison term for tampering with a record or otherwise impeding an official proceeding.

• Under Title IX: Establishes criminal liability for failure of officers to certify financial reports, including a maximum of 10 years for knowing that a periodic report does not comply with SOX or 20 years for certifying a statement knowing it does not comply with SOX.


Internal Controls: It’s All About TransparencyInternal Controls: It’s All About Transparency

Being influenced by SOX 302, various governmental accounting organizations, state attorneys general and public entities themselves are considering or adopting new sets of internal controls.

A few of many examples:

1. Minnesota State Colleges and Universities Board of Trustees: On 1/20/04 Agenda Item: Suggested Modifications to Board Policies about the Audit Committee related to Sarbanes-Oxley.

2. GFOA adopts a recommended practice in 2004 to enhance management involvement with internal control. They recommend that governmental financial managers “…obtain the information and training needed to meaningfully take responsibility for internal control.”

3. GAO’s view on State Government internal controls states that auditor opinions on internal control are appropriate and necessary for major public entities.

4. Early adopters of Regulatory Implementation of SOX-type measures:New York State Public Authorities

New Jersey Public Authorities


Summary SOX Title IV Section 404: Disclosing the nature and effectiveness of your Internal Controls

Summary SOX Title IV Section 404: Disclosing the nature and effectiveness of your Internal Controls

This Title Section under SOX is referred to as ‘Enhanced Financial Disclosure’:•Issuers of financial statements are required to publish reports concerning the scope and adequacy of the internal control structure.• You must also assess the effectiveness of the internal control policy and procedures.•Your accounting firm (or outside accounting dept.) shall attest to and report on their independent assessment of the effectiveness of your internal controls.

• Requires financial statement issuer to disclose whether it has adopted a senior officer code of ethics.• All material correcting adjustments must be identified.•Must disclose all material off-balance sheet transactions and relationships that have a material effect on financial status.


Controls under SOXControls under SOX

The Elements of External Control:• Under SOX for Public Companies, it establishes an Accounting Oversight

Board called the Public Company Accounting Oversight Board (PCAOB).• The PCAOB oversees the audit of public companies, establishes audit

report standards and rules, inspects, investigates and enforces compliance.

The Elements of Internal Control:• Audit Committees must be established; its members must be Board

members and must be “independent”.• Committee is responsible for the appointment, compensation and

oversight of an independent auditor.• The auditor must report to Audit Committee all critical accounting

practices used in the preparation of financial statements.


Several SOX-type Controls were put into place post-SOX at the Federal Level. Will State and

Local Government follow suit?

Several SOX-type Controls were put into place post-SOX at the Federal Level. Will State and

Local Government follow suit?

An Example - OMB Circular A-123 Revised:At the Federal Level, this circular now requires:• An Annual Performance and Accountability Report on

Internal Controls and Agency Heads must sign the “Assurance Statement”.

• Must identify any material weakness, non-conformances and corrective actions.

• Agency Heads must give separate assurance on Internal Control over Financial Reporting.


State Risk Management and SOXState Risk Management and SOXConcluding Suggestions:

• Get acquainted with a good synopsis of the Sarbanes-Oxley Act.

• Assess whether other State Agencies are adopting SOX-type provisions and review what is being considered and adopted in your State.

• Examine the status of your Office of Risk Management’s impact with the financial end of operations, for example ask yourself: Does your office produce its own financial reports, statements or independent

CAFR’s? Are you a data supplier to another State Agency that produces reports? What are your activities in accounting and audit?

• Consider if it would be beneficial for the Office of Risk Management to adopt SOX-type oversight and controls to continue to assure the integrity of your operation. Balance the expectations and auditing needs with the resource limitations you

have to improve accountability.


Transparent and Full Financial Disclosure that is managed through sound Internal Control, creates sustained confidence in State Risk Management

Transparent and Full Financial Disclosure that is managed through sound Internal Control, creates sustained confidence in State Risk Management

Sarbanes-Oxley has been the law for capital markets for three years now. It is also emerging in various forms in the public governance of disclosure and control practices. These potential new laws and regulations are a renewed realization that our constituency must rely with unequivocal confidence in our public trust. Proactive behavior in self-regulation will prove more powerful than compulsory laws.


Acknowledgements:Acknowledgements:

I would like to acknowledge the following sources for this presentation:

• Nancy Valley, National Sector Leader – KPMG, LLP• The Sarbanes-Oxley Act and Implications for Nonprofit Organizations; National Center

for Non-Profit Boards• Conference of State Bank Supervisors, Executive Summary of the Sarbanes-Oxley Act of

2002, P.L. 107-204• The Sarbanes-Oxley Act May Impact State and Local Governments; McGladery &

Pullen• A New Era of Corporate Governance bears down on Higher Education; Martin

Michaelson• Sarbanes-Oxley in Government; 2005 GFOA Conference, Kinney Poynter, NASCAT• The Sarbanes-Oxley Act and the Governmental and Nonprofit Accounting Instruction;

2005 Annual Meeting of the American Accounting Association• Agenda Summary Audit Committee; Minnesota State Colleges and Universities Board of

Trustees

Munich-American RiskPartners is a division of American Re-Insurance Company. Trends in Transparent...

Documents

Transcript of Munich-American RiskPartners is a division of American Re-Insurance Company. Trends in Transparent...