By Marcus J. Williams and Shana L. Moran
Section 404 of the Sarbanes-Oxley Act of 2002 requires that the Securities and Exchange Commission adopt disclosure requirements for a periodic "internal control report." The report must describe management's responsibility for establishing and maintaining a series of internal controls and must contain an assessment of those controls as of the end of the preceding fiscal year. The auditor's report for those financial statements must "attest to, and report on," management's assessment.
As directed, on June 5, 2003, the SEC issued final rules requiring companies subject to the reporting requirements of the Securities Exchange Act, other than registered investment companies, to include in their annual reports, in addition to other reporting obligations, a management report on the company's internal controls over financial reporting.
On our website, please find an advisory bulletin prepared to assist issuers in evaluating or redesigning their internal control systems and procedures to comply with the new Section 404 regulations. Issuers should also note that the requirements to evaluate, report and certify internal controls under Section 404 are in addition to the senior officer certification requirements for "disclosure controls and procedures" currently in effect under Section 302 of the Act. As a result, this bulletin also discusses the certification requirement under section 302 as it relates to Section 404 compliance and recommends a few practical guidelines for designing working controls and achieving reporting compliance.
This Corporate Finance News Brief is a publication of the Business Transactions/Corporate Finance Group of Davis Wright Tremaine LLP. It is not intended, nor should it be used, as a substitute for specific legal advice as legal counsel may only be given in response to inquiries regarding particular situations.
Copyright © 2003, Davis Wright Tremaine LLP.