Australia: SEC Adopts Certification Rules For CEO´s And CFO´s- How Australian Companies Are Affected

Article by Ms Cécile King, Associate

On 27 August 2002, the Securities and Exchange Commission (the "SEC") adopted new rules:

• mandating CEO and CFO certifications of annual and quarterly reports filed under the Securities and Exchange Act of 1934, as amended (the "Exchange Act"); and
• requiring issuers to maintain, and regularly evaluate the effectiveness of, certain disclosure controls and procedures (a concept introduced by the new rules) designed to ensure that the information required in reports filed under the Exchange Act is recorded, processed, summarised and reported on a timely basis.

The new rules, which, among other things, implement Section 302 of the Sarbanes-Oxley Act of 2002 (the "Act"), were issued on 29 August 2002 and became effective immediately. As had been announced by the SEC following the enactment of the Act, these rules extend the certification requirement to non-US issuers. Therefore, Australian companies that meet the issuer requirements set forth in the new rules are covered by the certification requirement, and are required to maintain adequate disclosure controls and procedures.

New rules 13a-14 and 15d-14 of the Exchange Act require an issuer's principal executive officer or officers and the principal financial officer or officers, or persons performing similar functions (the "Certifying Officers") each to certify the financial and other information contained in each annual and quarterly report filed or submitted to the SEC pursuant to Section 13(a) or Section 15(d) of the Exchange Act.

The new rules also require the Certifying Officers to certify that:

• they are responsible for establishing, maintaining and regularly evaluating the effectiveness of the issuer's disclosure controls and procedures;
• they have made certain disclosures to the issuer's auditors and the audit committee of the board of directors about the issuer's internal controls; and
• they have included information in the issuer's annual and quarterly reports about their evaluation and whether there have been significant changes in the issuer's internal controls or in other factors that could significantly affect internal controls subsequent to the evaluation.

The exact certification statements required by the new rules are accessible at www.sec.gov/rules/final/33-8124.htm.

Unlike the SEC's own proposal released last June regarding periodic certifications, Section 302 of the Act clearly applies to foreign private issuers. Therefore, the certification requirement applies to the principal executive officers and principal financial officers of Australian companies that file reports under Section 13(a) or 15(d) of the Exchange Act. Thus, certifications are required in annual reports on Form 20-F filed by such companies. Although Form 20-F is not required to be signed by any specific executive officer, the SEC noted in its final rule release that it believed it to be the clear intent of the US Congress to require that the appropriate officers execute and submit the required certification in an annual report filed under the Exchange Act on Form 20-F.

The new rules, however, do not apply to Australian companies with a Level 1 ADR program in the US who submit information to the SEC pursuant to a Rule 12g3-2(b) exemption under the Exchange Act. In addition, current reports on Form 6-K are not covered by the certification requirement.

Any Certifying Officer making a false certification could be held liable in SEC and private actions for violations of the anti-fraud provisions of the Exchange Act and separately under the Exchange Act liability provisions.

New Exchange Act Rules 13a-15 and 15d-15 also apply to Australian issuers covered by the certification requirement and require such companies to maintain disclosure controls and procedures. These are defined as controls and other procedures of an issuer that are designed to ensure that information required to be disclosed by the issuer in the periodic reports filed or submitted by it under the Exchange Act is recorded, processed, summarised and reported, within the time periods specified in the SEC's rules and forms. These disclosure controls and procedures are separate from the systems of internal control which reporting companies are currently required to establish and maintain with respect to their financial information only.

Australian issuers to which the certification requirement applies must also comply with these procedural requirements. The SEC acknowledges that these requirements may be inconsistent with the laws or practices of the foreign private issuers' home jurisdiction and stock exchange requirements. The SEC believes, however, that the maintenance of disclosure controls and procedures is an important part of satisfying the certification requirement.

Although there is no specific certification requirement relating to current reports on Form 6-K, disclosure controls and procedures are required to be designed, maintained and evaluated to ensure full and timely disclosure in such reports.

In addition, these new rules also require the issuer, under the supervision of the Certifying Officers, to conduct an evaluation of the effectiveness of the design and operation of the issuer's disclosure controls and procedures within 90 days of the filing date of any quarterly or annual report filed under the Exchange Act.

The SEC recommends that an issuer create a committee with responsibility for considering the materiality of information and determining disclosure obligations on a timely basis. Such a committee would report to senior management, including the Certifying Officers.

The SEC has added new items covering specific disclosure requirements regarding the evaluation of an issuer's disclosure controls and procedures and internal controls for Forms 20-F.