United States: The SEC´s New Rules On Auditor Independence

After long consideration amid a great deal of controversy, the Securities and Exchange Commission has adopted amendments to its rules concerning auditor independence. These amendments are contained in Release No. 337919 (November 21, 2000). The amendments reflect a compromise between certain of the largest accounting firms and the SEC, which initially favored outright prohibitions on the provision of certain non-audit services by accounting firms to their publicly-owned audit clients. The final rule bars audit firms from providing a few specified non-audit services to their publicly-owned audit clients, allows them to provide other non-audit services under existing professional standards (the provisions of which have now been set forth in specific SEC rules) and requires companies to disclose publicly the aggregate amount of audit and non-audit services they purchase from their auditors.

Accounting firms today frequently provide non-audit services to their clients, including audit clients. These services make up an increasingly large share of many firms' revenues. The SEC, taking note of these changes in the accounting industry, expressed concern that the provision by the same firm of specified audit and consulting services could compromise auditor independence. The new rule is intended to update and codify SEC independence standards to address these changes.

The rule affects all SEC registrants, including public companies, and their auditors. The federal securities laws require all registrants to file with the SEC financial statements audited by an accountant who meets the SEC's standards of independence. Accordingly, public companies and their auditors must take care to observe all independence requirements.

Yes, depending on the type of services rendered. Certain services are presumed to impair an audit firm's independence and may not be provided to audit clients unless specific conditions are satisfied. Non-audit services that are not proscribed by the new rule may be provided by audit firms to audit clients. Under either circumstance, however, the company must comply with the disclosure requirements of the rule.

The SEC's adopting release says that they do not and that actions taken by audit committees will continue to be considered business judgments. However, the release makes it clear that audit committees have a highly visible role and, partially as a result of other rules adopted earlier this year by the SEC and the major U.S. stock exchanges,¹ have a great deal of responsibility with regard to independence.

The company must disclose in its annual proxy statement audit fees for professional services rendered during the most recent fiscal year. These fees must be separated into three categories: audit and quarterly financial statement review (disclosed under the caption "Audit Fees"), IT consulting (disclosed under the caption "Financial Information Systems Design and Implementation Fees") and all other services (disclosed under the caption "All Other Fees"). For services falling within these three categories, the company need only disclose aggregate fees billed for each category. "All Other Fees" are to include many traditional functions of auditors, such as work on registration statements.

The company must also disclose in the proxy statement whether its audit committee (or, if the company has no audit committee, the board of directors) has considered whether the performance by their principal audit firm of the non-audit services disclosed under "Financial Information Systems Design and Implementation Fees" and "All Other Fees" is compatible with maintaining the principal audit firm's independence. In the adopting release accompanying the new rules, the SEC makes clear that a company need not disclose the content of the audit committee's deliberations or its conclusions. A brief statement disclosing whether or not the committee has considered whether its principal auditor's provision of non-audit services to the company is compatible with maintaining the principal auditor's independence should suffice.

If greater than 50% of the hours worked on the company's audit engagement is performed by persons other than fulltime, permanent employees of the audit firm, the percentage must be disclosed. The SEC believes that investors should be informed when most of the work on an audit is performed by individuals who are not employed by the audit firm. It apparently is the practice of some small or midsized audit firms to sell their non-audit practices and then lease back audit personnel. No disclosure is required unless the principal audit firm has such arrangements.

In the adopting release, the SEC cites with approval the report of the O'Malley Panel, which was issued months before the SEC decided on its final rules and provided specific guidance regarding many types of non-audit services. The Panel's report includes the recommendation that audit committees consider whether a non-audit service "facilitates the performance of the audit, improves the client's financial reporting process, or is otherwise in the public interest." The O'Malley Panel also recommended that audit committees consider:

• whether the service is being performed principally for the audit committee;
• the effects of the service, if any, on audit effectiveness or on the quality and timeliness of the company's financial reporting process;
• whether the service would be performed by specialists who ordinarily also provide recurring audit support;
• whether the service would be performed by audit personnel and, if so, whether it will enhance their knowledge of the entity's business and operations;
• whether the role of those performing the service (e.g., a role where neutrality, impartiality and auditor skepticism are likely to be subverted) would be inconsistent with the auditor's role;
• whether the audit firm's personnel would be assuming a management role or creating a mutuality of interest with management;
• whether the auditors, in effect, would be auditing their own numbers;
• whether the project must be started and completed very quickly;
• whether the audit firm has unique experience in the service; and
• the size of the fees for the non-audit services.

Although the SEC does not expressly incorporate any of the Panel's recommendations into the new rule, the adopting release encourages audit committees to consider them. In light of this endorsement by the SEC, we believe audit committees should give serious consideration to the Panel's recommendations when appropriate.

Failure by a company to disclose the required information properly in its proxy statement could be a violation of Section 14(a) of the Exchange Act of 1934 and Rules 14a3 and 14a9 thereunder. The SEC and private individuals could challenge the adequacy of a company's proxy disclosures by seeking an injunction in federal court. Public companies and audit firms should note that the SEC staff expects that all provisions of the new rule will be complied with and does not intend to grant noaction relief where the rule is clear. In a speech on December 6, 2000, Lynn Turner, the SEC's chief accountant, warned the business community and the AICPA to expect added SEC staff scrutiny and possible enforcement action if the new rules are violated.

The following services presumptively impair independence and may not be provided to audit clients unless specified conditions are met:

• Bookkeeping or other services related to the audit client's accounting records or financial statements. A company may not outsource to its audit firm services relating to (i) maintaining or preparing accounting records, (ii) preparing financial statements filed with the SEC or that form the basis of such financial statements, or (iii) preparing source data underlying financial statements. This prohibition is essentially a codification of existing standards. The SEC has long considered the provision of bookkeeping services to be incompatible with independence because auditors providing the services would be auditing their own work.
• Exception: A company's auditors may perform bookkeeping services in emergency or other unusual situations, so long as they do not act as managers or make managerial decisions. The SEC currently recognizes this exception in its Codification of Financial Reporting Policies.
• Appraisal or valuation services and fairness opinions. A company may not retain its audit firm to perform appraisal or valuation services or render fairness opinions where it is reasonably likely that the results of these services would be material to the company's financial statements, or where the results of the services would be audited by the audit firm. However, consistent with positions the SEC staff has taken in the past, the provision of these services will not impair independence under the following circumstances:
• the auditor reviews the work of the client or a third party employed by the client (i.e., the auditor would not be auditing its own work);
• the valuation services relate to pension and similar benefits so long as management takes responsibility for significant assumptions and data underlying the valuation;
• the services are part of a tax planning strategy or for tax compliance purposes; or
• the valuation is for nonfinancial purposes and the results do not affect the financial statements.
• Actuarial services. A company may not retain its audit firm to perform actuarial services involving the determination of insurance company policy reserves and related accounts for the company, unless:
• the client uses its own or third party actuaries to provide management with the primary actuarial capabilities;
• management takes responsibility for significant actuarial methods and assumptions; and
• the auditor does not render the services to the client on a continuous basis.

The rule's restrictions on the provision of actuarial services are consistent with existing professional standards.

• Internal audit services. A company may not retain its audit firm to perform internal audit services exceeding 40% of the total hours expended on the client's internal audit activities that involve internal accounting controls as opposed to operational auditing, unless the company has assets of less than $200 million. In addition, no internal audit services may be performed by the audit firm unless certain conditions, which relate to the assumption of responsibility by management, are met. This general approach has been required by professional standards for many years.
• Management functions. Under the new rule, the SEC will continue to preclude accountants from acting as directors, officers or employees of an audit client, or serving in a decisionmaking capacity with respect to the audit client. Violation by an accountant of this prohibition would impair the independence of his or her audit firm.
• Human resources. An audit firm may not perform certain human resources functions for an audit client that would result in its having an interest in the success or failure of the affected employees. For example, an audit firm may not be engaged to recruit or recommend job candidates, or evaluate them, for an audit client. This prohibition codifies existing professional standards.
• Brokerdealer services. An audit firm may not act as a brokerdealer, promoter or underwriter on behalf of an audit client, make investment decisions on the audit client's behalf or otherwise exercise discretionary authority over the audit client's investments, execute a transaction to buy or sell an audit client's investment, or have custody of assets of the audit client. This prohibition codifies existing professional restrictions.
• Legal services. A company may not purchase from its audit firm legal services under circumstances where the provider of the services would be required to be admitted to practice before the courts of a U.S. jurisdiction. In the adopting release, the SEC explains that its existing rules recognize that the provision of legal services to an audit client is inconsistent with independence. The new rules do not change existing SEC positions on the performance of legal services outside the U.S.
• Financial information systems design and implementation. Information technology (IT) services may not be provided by audit firms to audit clients unless the criteria described below are met. The majority of these criteria are included in the profession’s independence standards.

Under the new rule, an audit firm is not independent if it provides IT services to its SEC audit clients unless the following five conditions are met:

• The client's management must acknowledge to its audit committee and to the auditor management's responsibility to maintain a system of internal accounting controls.
• Management must designate an employee (preferably a member of management) to make all management decisions regarding the IT project.
• Management must make all significant management decisions with respect to the IT project.
• Management must evaluate the adequacy and results of the IT project.
• Management must not rely on the auditor as the primary basis for determining the adequacy of its internal controls and financial reporting systems.

The SEC also notes that the new rule does not impose restrictions on auditors' involvement in the design and implementation of internal accounting and risk management controls, provided the auditor does not act as an employee or perform management functions.

J. How Does The New Rule Affect Section 141(E) Of The Delaware General Corporation Law And Corresponding Laws Of Other States, Which Permit Board Members To Rely In Good Faith On The Opinions And Reports Of Professionals Or Experts As To Matters Within Their Competence? ²

Whether or not an audit firm is independent of a client appears to bear directly on the availability of §141(e)'s protections. Section 141(e) does not insulate directors from liability. Rather, it may be used as evidence that they met their duty of care through good faith reliance on experts selected with reasonable care who are competent to offer the advice. If an audit firm is not independent of a client, a court could find that a board's reliance on the audit firm was not in good faith or that, as a result of its lack of independence, the firm was not competent to offer advice to the company. However, Delaware courts could develop their own views on independence matters and would not be bound by the SEC rule or the adopting release.

An audit firm will not be independent if any partner, principal, shareholder or professional employee is employed by an audit client or serves on the audit client's board of directors or similar governing body. This principle remains unchanged from the SEC's existing independence standards.

The new rule does, however, expand the class of relatives of accountants whom audit clients may employ without jeopardizing the accountant's independence. An audit client may employ a close family member of a person who is part of the audit engagement team or the chain of command of an accounting firm (a "covered person"), so long as the family member is not in an accounting role or financial reporting oversight role at the audit client. Close family members are spouses, spousal equivalents, parents, dependents, nondependent children and siblings. There are no restrictions on employment of relatives who are not close family members, or employment of relatives of non-covered persons.

If a company wishes to employ a former partner, shareholder, principal or professional employee of its audit firm in an accounting or financial reporting oversight role, it must satisfy certain conditions or risk compromising independence. The conditions are that the former partner, shareholder, principal or professional employee may not:

• influence the audit firm's operations or financial policies;
• have a capital balance in the audit firm; or
• have a financial arrangement, other than one providing for regular payment of a fixed dollar amount pursuant to a retirement plan or similar vehicle, with the audit firm.

In the case of a former professional employee who has not been employed by the audit firm for more than five years, the last condition is satisfied if the fixed payments are immaterial to him or her (i.e., they need not be made pursuant to a retirement plan).

It is important to note that the new rule does not require that an individual be disassociated from the audit firm for any specified period of time before he or she may be hired by the audit client. The client could, therefore, hire such an individual immediately upon termination of his or her employment with the audit firm if the conditions listed above are met.

These provisions codify existing SEC positions and professional standards on employees.

No. The new rule adopts the existing professional standard that an audit firm may not provide any service or product to an audit client in exchange for a contingent fee or a commission.

Observance of the independence rules, including the prohibitions on certain financial relationships, is primarily the responsibility of the auditor. If, however, a company has reason to believe that a question might be raised as to its auditor's independence, it should work closely with the auditor to assure itself that independence is not compromised. Audit committees in particular should request and receive assurance from the company's outside auditor that it meets the SEC's independence standards and should take seriously any independence issues that come to their attention.

The effective date of the rule is February 5, 2001. The new proxy disclosure requirements must be complied with on filings after that date. Accordingly, companies must make the requisite new disclosures in their 2001 proxy statements.

Other portions of the new rule will go into effect at a later date. Until May 7, 2001, employment relationships between audit firms and their audit clients will not be found to impair independence if independence is not impaired under pre-existing independence standards, including standards of the Independence Standards Board and the accounting profession in the U.S.

The effectiveness of the new rule with respect to audit firms' performing for audit clients (i) appraisal or valuation services or fairness opinions and (ii) internal audit services will be deferred until August 5, 2002. Until that date, the independence of audit firms providing such services should be evaluated under pre-existing independence standards.

Until December 31, 2002, foreign offices of the largest audit firms need not implement certain new quality controls regarding auditor independence. These quality controls, if implemented, allow firms to benefit from a limited exception pursuant to which inadvertent violations of the independence rules will not compromise the firms' independence.

Finally, the rule contains a "grandfathering" provision for certain relationships and contracts between audit firms and their publicly owned audit clients. The provisions of the rule relating to employment relationships, which take effect on May 7, 2001, will not apply to relationships in existence on that date. Such relationships should be evaluated for independence purposes under pre-existing independence standards. Similarly, contracts for information technology services in existence on the effective date of the rule, February 5, 2001, need not conform to the requirements of the new rule and should be evaluated under pre-existing standards.

1 Release No. 3442266 (December 22, 1999) with respect to the new SEC audit committee requirements, Release No. 3442233 (December 14, 1999) with respect to the NYSE's changes to Section 303 of its Listed Company Manual, Release No. 3442231 (December 14, 1999) with respect to the NASD's changes to Rules 4200, 4310, 4320 and 4460 of its Manual and Release No. 3442232 (December 14, 1999) with respect to the AMEX's changes to Section 121 of its Company Guide..

2 Section 141(e) provides:

A member of the board of directors, or a member of any committee designated by the board of directors, shall, in the performance of such member's duties, be fully protected in relying in good faith upon the records of the corporation and upon such information, opinions, reports or statements presented to the corporation by any of the corporation's officers or employees, or committees of the board of directors, or by any other person as to matters the member reasonably believes are within such other person's professional or expert competence and who has been selected with reasonable care by or on behalf of the corporation.

Copyright © 2007, Mayer, Brown, Rowe & Maw LLP. and/or Mayer Brown International LLP. This Mayer Brown article provides information and comments on legal issues and developments of interest. The foregoing is not a comprehensive treatment of the subject matter covered and is not intended to provide legal advice. Readers should seek specific legal advice before taking any action with respect to the matters discussed herein.

Mayer Brown is a combination of two limited liability partnerships: one named Mayer Brown LLP, established in Illinois, USA; and one named Mayer Brown International LLP, incorporated in England.