IPO Readiness. Sarbanes-Oxley Compliance & Other Considerations. Presented by:

Similar documents
B S R & Co. LLP. Reporting on Internal. Reporting An Overview. Sarbanes Oxley Act (SOX) 28 December 2013

STARWOOD HOTELS & RESORTS WORLDWIDE, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

NATIONAL CINEMEDIA, INC. AUDIT COMMITTEE CHARTER

AUDIT COMMITTEE CHARTER

GRANITE CONSTRUCTION INCORPORATED AUDIT/COMPLIANCE COMMITTEE CHARTER

AUDIT COMMITTEE CHARTER

FDICIA Reporting for Financial Institutions. Reporting Changes Under Part 363 and SAS 130

Checklist for Higher Education

AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES

The Blue Sage Group. Sarbanes-Oxley. 404 Compliance Program. The Blue Sage Group

Non-SEC Regulated Charter. Organization. Statement of Policy. Responsibilities

CABOT OIL & GAS CORPORATION AUDIT COMMITTEE CHARTER

MINDEN BANCORP, INC. AUDIT COMMITTEE CHARTER

BEST BUY CO., INC. AUDIT COMMITTEE CHARTER

CLIENT ALERT: INTERNAL CONTROL OVER FINANCIAL REPORTING

CDK GLOBAL, INC. AUDIT COMMITTEE CHARTER Effective January 20, 2016

NEWMARK GROUP, INC. AUDIT COMMITTEE CHARTER. (as of December 2017)

GROUP 1 AUTOMOTIVE, INC. AUDIT COMMITTEE CHARTER

BIG LOTS, INC. AMENDED AND RESTATED AUDIT COMMITTEE CHARTER

BIO-RAD LABORATORIES, INC. (the Company ) Audit Committee Charter

SOUTHWEST AIRLINES CO. AUDIT COMMITTEE CHARTER

NUCOR CORPORATION AUDIT COMMITTEE CHARTER

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF MULESOFT, INC.

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

SARBANES-OXLEY COMPLIANCE MANAGING CHANGING EXPECTATIONS January 20, 2017

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

ARMSTRONG WORLD INDUSTRIES, INC. AUDIT COMMITTEE CHARTER

Audit Committee Performance Evaluation

BIOSCRIP, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

GTT COMMUNICATIONS, INC. AUDIT COMMITTEE CHARTER

Audit Committee Charter

Anti-Fraud Programs and Control Policy

BioAmber Inc. Audit Committee Charter

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF DROPBOX, INC.

Internal Financial Controls New perspectives as per Companies Act 2013 and CARO 2016

AUDIT COMMITTEE OF THE BOARD OF DIRECTORS CHARTER

TEVA PHARMACEUTICAL INDUSTRIES LIMITED AUDIT COMMITTEE CHARTER

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF COMPUTER TASK GROUP, INCORPORATED

AUDIT COMMITTEE CHARTER DATED AS OF AUGUST 5, 2010

The Audit Committee of the Supervisory Board of CB&I

GAP INC. AUDIT AND FINANCE COMMITTEE CHARTER February 23, 2016

COLGATE-PALMOLIVE COMPANY AUDIT COMMITTEE CHARTER

AUDIT COMMITTEE CHARTER

SOX and PCAOB. Introduction. SOX Act. In what year did the Sarbanes Oxley Act pass into law?

DAVITA INC. AUDIT COMMITTEE CHARTER

1. Number. Except as otherwise permitted by the applicable NASDAQ rules, the Audit Committee shall consist of at least three members of the Board.

BrightPath Early Leaning Inc. Audit Committee Charter

CRESCENT CAPITAL BDC, INC. AUDIT COMMITTEE CHARTER

Audit Committee Charter

AUDIT COMMITTEE CHARTER AS AMENDED AS OF MAY 6, 2015

After completing this Session, you should be able to answer the following questions:

audit typology 115 audit universe 101 data and information pool 103 definition 101 structure and content 101

Sample audit committee charter

AUDIT COMMITTEE CHARTER (updated as of August 2016)

Planning tool: Audit committee calendar of activities

WELLS FARGO & COMPANY AUDIT AND EXAMINATION COMMITTEE CHARTER

AUDIT COMMITTEE CHARTER APRIL 30, 2018

UNIVERSAL BUSINESS PAYMENT SOLUTIONS ACQUISITION CORPORATION CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

FIAT CHRYSLER AUTOMOBILES N.V. AUDIT COMMITTEE CHARTER

See your auditor clearly. Transparency report: How we perform quality audit engagements

29 th Regional Conference of WIRC

AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF THE TORONTO-DOMINION BANK CHARTER

F5 NETWORKS, INC. AUDIT COMMITTEE CHARTER AS AMENDED AND RESTATED BY THE BOARD OF DIRECTORS OF F5 NETWORKS, INC. APRIL 21, 2017

AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

NORFOLK SOUTHERN CORPORATION. Committee s Role and Purpose

Audit Committee of the Board of Directors Charter CNL HEALTHCARE PROPERTIES II, INC.

Anheuser-Busch Companies, Inc. Audit Committee Charter

AMERICAN EXPRESS COMPANY AUDIT AND COMPLIANCE COMMITTEE CHARTER (as amended and restated as of September 26, 2017)

NVENT ELECTRIC PLC AUDIT AND FINANCE COMMITTEE CHARTER

COSO Updates and Expectations. IIA San Diego Chapter January 8, 2014

Community Bankers Conference

OSHKOSH CORPORATION BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER. As Amended as of May 9, 2016

Stratus Properties Inc.

EFFICIENT USE OF AUDIT COMMITTEES

9. Internal control Internal control, as defined in accounting and auditing, is a process for assuring achievement of an organization's objectives in

TG Therapeutics, Inc. Audit Committee Charter

SUNEDISON, INC. AUDIT COMMITTEE CHARTER (Adopted October 29, 2008)

Business development companies

Internal Audit and SOX Best Practices

AEGON N.V. AUDIT COMMITTEE CHARTER

ENGHOUSE SYSTEMS LIMITED AUDIT COMMITTEE CHARTER

POLARIS INDUSTRIES INC. BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER Revised January 26, 2017

A. Independence/Composition. The Committee shall be comprised of not less than three members. The members of the Committee:

Internal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR)

OLD DOMINION FREIGHT LINE, INC. AUDIT COMMITTEE CHARTER. A. The Audit Committee shall be comprised of a minimum of three directors.

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF PAM TRANSPORTATION SERVICES, INC.

Sarbanes-Oxley 404(a) Efficient, Effective Consulting Solutions

Audit Committee Charter for XL Group Ltd

Internal controls over Financial Reporting Key concepts. Presentation by Jayesh Gandhi at WIRC

NEVRO CORP. CORPORATE GOVERNANCE GUIDELINES. (Adopted October 9, 2014)

ABCANN GLOBAL CORPORATION CORPORATE GOVERNANCE POLICIES AND PROCEDURES

Evaluenz Special Edition on Internal Controls Over Financial Reporting (ICFR) 2016

Audit Committee Performance Evaluation Form

Evaluating Internal Controls

Nonprofit Association of the Midlands. August 26, 2014

Chapter 18. Integrated Audits of Public Companies. McGraw-Hill/Irwin. Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

Tab No. F-2 TERMS OF REFERENCE FOR THE AUDIT COMMITTEE

InSights FOR AUDIT COMMITTEE MEMBERS

AUDIT COMMITTEE CHARTER

EY Center for Board Matters. Leading practices for audit committees

Transcription:

IPO Readiness Sarbanes-Oxley Compliance & Other Considerations Presented by:

IPO Readiness Enhanced Financial / Legal compliance SEC / Stock Exchange Compliance Entity Structure / Registration Filing Requirements Establish Audit Committee External Audit Considerations Independence / registered with PCAOB Internal Audit Department NYSE and Nasdaq Requirement Sarbanes-Oxley Compliance Section 302 Quarterly Certification Section 404 Annual Disclosure and Certification Add operating expense requirements One time cost of $500k to $1M for Sarbanes Oxley Compliance / Legal support One time investment banking fees, audit fees, legal fees of $XX for IPO/Structured Deal Annual ongoing cost of $3M+ for Board of Directors, legal, finance and IT support

Audit Committee An Audit Committee, composed of independent outside directors with at least one financial expert, is required for all publicly traded companies. The SEC requires the Audit Committee to have: at least one fully independent member at the time of an issuer's initial listing a majority of independent members within 90 days, and a fully independent committee within one year.

Audit Committee Responsibility plays a critical role in providing oversight over and serving as a check and balance on a company's financial reporting system. provides independent review and oversight of a company's financial reporting processes, internal controls and independent auditors. provides a forum separate from management in which auditors and other interested parties can candidly discuss concerns. helps to ensure that management properly develops and adheres to a sound system of internal controls, that procedures are in place to objectively assess management's practices and internal controls, and that the outside auditors, through their own review, objectively assess the company's financial reporting practices.

Audit Committee Directly responsible for the appointment, compensation, retention and oversight of the work of any registered public accounting firm and each such registered public accounting firm must report directly to the audit committee; Must establish procedures for the receipt, retention and treatment of complaints regarding accounting, internal accounting controls or auditing matters, including procedures for the confidential, anonymous submission by employees of the issuer of concerns regarding questionable accounting or auditing matters; Must have the authority to engage independent counsel and other advisors, as it determines necessary to carry out its duties; and Each issuer must provide appropriate funding for the audit committee.

External Auditor Each company applying for initial listing must be audited by an independent public accountant that is registered as a public accounting firm with the Public Company Accounting Oversight Board, as provided for in Section 102 of the Sarbanes-Oxley Act of 2002 Must adhere to PCAOB audit, ethics, and quality control standards Prohibited from providing certain non-audit services to audited companies Required lead audit partner rotation every five year

Internal Audit Department NYSE Listed companies must maintain an internal audit function to provide management and the audit committee with ongoing assessments of the listed company's risk management processes and system of internal control. A listed company may choose to outsource this function to a third party service provider other than its independent auditor. All listed companies must have an internal audit function in place no later than the first anniversary of the company's listing date. NASDAQ Considering similar requirements to NYSE

Sarbanes-Oxley Compliance Section 302 require the principal executive and financial officers of a public company to certify in their company's annual and quarterly reports that such reports are accurate and complete and that they have established and maintained adequate internal controls for public disclosure. Section 404 mandates that all publicly-traded companies must establish internal controls and procedures for financial reporting and must document, test and maintain those controls and procedures to ensure their effectiveness.

Sarbanes-Oxley Section 404 Risk Assessment Determine scope of compliance requirements based on materiality Documentation Complete walkthroughs Create or update process narratives and risk control matrices Compliance with COSO Framework and Entity Level Controls Review Testing Phase 1 Design Effectiveness Phase 2 Operating Effectiveness Company Assessment

Sarbanes-Oxley Compliance Plan Identify financial statement elements and complete financial statement risk assessment Complete entity-level risk and control assessment Designate standard framework for documenting and testing internal controls Document information flows, policies and procedures of critical processes Identify key controls mitigating the key risks Identify fraud risks Assess control design effectiveness (achieve objectives) Testing of key controls (overview) Perform walkthroughs of key processes Perform detailed sample testing Perform post-remediation testing Perform year-end follow-up/roll-forward testing Validate control operating effectiveness (operating as designed) Design and implement solutions for control gaps and weaknesses Evaluate use of service organizations Complete IT-related control assessment Validate management assessment with external auditor Establish timeline and other administrative aspects Establish process for executive certification Create Ongoing Plan Develop project communication plan with management and external auditors

Process and Control Documentation Includes all key business processes (financial and IT) as identified within the SOX risk assessment A Walkthrough validates the process and internal controls are operating as documented. Includes: Review of the existing documentation (e.g. narrative, risk control matrix, policies and procedures, etc.), interview process owner(s), and obtain supporting documentation. Recommend changes to the process documentation requirements to mitigate all control deficiencies

COSO Framework COSO - the system of internal control supporting the external financial reporting objective (e.g. SOX) must include five interrelated components: Control Environment Risk Assessment Control Activities Information Communication Must achieve 17 principles within the 5 interrelated components

Entity Level Controls The Tone at the Top sets the baseline for SOX compliance. Obtain and review the company s policies and procedures Obtain and review existing charters (Audit Committee, Internal Audit, Disclosure Committee, etc.) Interview or send questionnaires to Senior Leadership Team, Audit Committee Chairperson and partner from external audit firm (see note below) Review BOD and Audit Committee agendas and minutes Obtain and review all process sub-certifications Understand the organization s ethics climate, including code of conduct, conflicts of interest, etc. Understand and review Corporate Governance and Risk Management structure

Internal Control Testing The goal is to test the design and operating effectiveness of the key controls. Sample sizes will vary based upon the frequency of a transaction and control execution. Typical sample sizes are as follows: Daily 25 Weekly 10 Monthly 5 Quarterly 2 Annually 1.

Company Assessment Company Assessment evaluates deficiencies in aggregate to summarize the organization s assessment on internal controls over financial reporting. Prepared once all phases have been completed. Evaluates and consolidates deficiencies, explains remediation plans, and presents the conclusion to management.

Sarbanes-Oxley Compliance Timeline This is the optimal timeline that gives clients enough time to remediate deficiencies. It can be sped up based on client s need and ability to quickly remediate(if needed). Description Year 1 Y 2 M1 M2 M3 M4 M5 M6 M7 M8 M9( M10 M11 M12 M1 M2 M3 M4 M5 M6 Risk Assessment Documentation & Walk Thrus Finance IT General Controls COSO & ELC Review Testing (Finance & IT) Initial Testing Update Testing Year End Testing Remediation Testing Company Assessment Vonya Global would request that one key Company X employee be assigned at least part-time to the entire Sarbanes-Oxley compliance effort. This person will assist with introductions, coordination, meetings, obtaining documentation, etc.

Sarbanes-Oxley Compliance Budget Detail Control Design Evaluation Control Operating Effectiveness Testing Documentation & Walkthroughs Initial Testing Remediation Testing Update Testing Accrued Liabilities 40 50 25 12.5 Fixed Assets 40 50 25 12.5 FSCP 80 100 50 25 Inventory 80 100 50 25 OTC - AR and Allowance 40 50 25 12.5 OTC - Cash App 40 50 25 12.5 OTC - Revenue 80 100 50 25 Payroll 40 50 25 12.5 Purchase to pay 60 80 40 20 Taxes 40 50 25 12.5 Treasury 30 40 20 10 ITGC 275 275 137.5 TBD 845 995 497.5 180 Budget estimates the specific time per cycle for 3 rd party resources only. Budget does not take into account time required by Company X employees Additional time required by Company X employees per cycle includes: Documentation 8-10 hours includes interviews and various reviews Walkthroughs 6-8 hours All Phases of Testing 50-60 hours to pull samples and answer questions Deficiencies 10-15 hours Other - 16 hours - this generally is training (IPE, evidence of review, etc) and other conversations with process owners Total = 90-110 hours per cycle Remediation testing cannot be determined specifically, but in an immature control environment there is high likelihood of significant control deficiencies and hence more remediation testing required. Estimated at 50% of initial testing.

Top Reported Deficiencies Top 6 Ineffective Internal Control Accounting Rule Violations Reported by Auditors From 2004-2011 Rank Frequency Percentage Description 1 733 10.82% Tax Issues / FAS 109 issues 2 676 9.98% Revenue Recognition Issues 3 573 8.46% Liability & Accrual Estimation Failures 4 554 8.18% Current Asset Issues 5 528 7.79% Inventory, COGS Issues 6 423 6.24% PPE, Intangible Asset Issues

Internal Audit Budget Outsourced Staffing Minimum Requirements Establish Internal Audit Charter Create Internal Audit Reporting Structure Create Internal Audit Templates Conduct Internal Audit Risk Assessment Present Findings to Audit Committee Total 320 400 hours (~$100K) Only in Year 1 Optional Requirements Create Internal Audit Project Plan based on result of Risk Assessment Complete projects on Internal Audit Plan Present Findings to Audit Committee and Management Total 160 240 hours per project (typical--~$50k per project x 4 projects = $200k)

About Vonya Global A management consulting firm providing internal audit outsourcing services Founded by Sargon Youmara, Steven Randall, and Veronika Fritz The 3 founding partners have worked together serving the internal audit community in Chicago since 2000 Assisted hundreds of companies through Sarbanes-Oxley Compliance, including the first ever Section 404 filer (Qualcomm) Internal audit team is comprised of experienced full-time permanent staff, most of whom have over 10 years of professional experience

Vonya Global Client Profile Publicly traded corporations Locations in multiple countries Under $5 billion in annual revenues Facing change (rapid organic growth, acquisition, divestiture, etc ) Technology, Manufacturing, Healthcare, Retail, Financial Services, Waste Management

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback