“I would describe the time period we are living through as an era of creative and aggressive enforcement by the US Securities and Exchange Commission (SEC),” said Latham & Watkins partner John Sikora. “The SEC has set a completely different tone with their ‘broken windows’ strategy, a tougher approach to sanctions and who they charge.”
Sikora joined Latham in 2014 after spending 16 years at the SEC, where he most recently was an Assistant Director in the Chicago Regional Office and the Asset Management Unit of the SEC’s Enforcement Division, a national specialized unit that focuses on misconduct by investment advisers, investment companies and private funds.
At Latham, Sikora’s practice focuses on enforcement matters covering all aspects of the US federal securities laws, including the registration, reporting and antifraud provisions of the Securities Act of 1933, the Securities Exchange Act of 1934, the Investment Advisers Act of 1940 and the Investment Company Act of 1940.
In this lw.com interview, Sikora talks about the SEC’s approach to big data analytics and the new era of creative and aggressive enforcement, and he offers practical tips for avoiding compliance issues and enforcement action.
How would you describe the re-tooled SEC?
Sikora: In the wake of the 2008 financial crisis, the SEC has transitioned from responding to the financial crisis to setting its own agenda. The SEC has publicly said that accounting investigations, financial fraud and issuer disclosures are areas of renewed focus.
How has the SEC evolved the way it uses data?
Sikora: One way that the SEC is trying to get smarter is in the way that it uses data. The SEC has made public statements in recent months about how it is capable of digesting big data. The agency is proud of its ability to use the data sources that it has to shape investigations and ultimately cases and policy. A big part of that is analytics, and for public companies those analytics start with XBRL (eXtensible Business Reporting Language).
XBRL is the name for a computer markup language that uses standard definitions, or taxonomies, to allow computers to recognize data for sophisticated viewing and analysis. A voluntary program for filing XBRL-tagged financial statements started in March 2005. In January 2009, the SEC issued final rules to phase in requirements that companies file with XBRL-tagged financial statements. When corporations use XBRL for their filings, they are submitting a treasure trove of tagged data to the SEC that it can use for analytics.
What is the accounting quality model (AQM)?
Sikora: The accounting quality model is a data analytics program that culls XBRL data from financial reports to identify earnings management. The term earnings management is not necessarily pejorative in this context — the SEC is referring to any kind of earnings management, even earnings management within the bounds of permissible accounting. The AQM is meant to identify the earmarks of earnings management.
Using the XBRL data allows for comparisons of filings against industry competitors to identify anomalies. The AQM generates an automated risk score, which the SEC uses to identify companies for priority examinations. The SEC also has acknowledged that it is sharing these risk scores with enforcement — which could open an investigation based on a risk score alone. Additionally, the exam program that applies to broker dealers, investment advisors and investment companies also can use the AQM risk scores.
How does the accounting quality model (AQM) work?
Sikora: The SEC is looking at total accruals, which is accounting income minus cash flows. Non-discretionary accruals are being parsed out in the AQM so the SEC can get to what’s called the discretionary accruals, which are subjective and require judgment. Examples of discretionary accruals, which is what the SEC is focused on, would be bad debt expense, allowances for loans and lease losses, and fair value accounting. If a company is an outlier in the area of discretionary accruals, the SEC believes that is an accurate indicator of earnings management.
What factors are the SEC looking into when they look at discretionary accruals?
Sikora: There are factors that the SEC calls risk inducers; factors that it says induce earnings management — such as loss of market share or transient performance problems, at least in the short term. The SEC is also looking at risk indicators, which are factors that indicate earnings management. Examples include a high ratio of book to taxable income, off-balance sheet transactions, changes in auditor or delayed financial statements, or multiple revisions over a short period of time.
Is the SEC expanding the scope of the AQM?
Sikora: In addition to looking at companies’ financial statements for discretionary accruals as potential indicators of earnings management, the SEC has expanded the model to include an analysis of the words in the text of management's discussion and analysis (MD&A), press releases and other investor communications. The SEC has found that companies engaged in accounting fraud tend to talk a lot about things that are essentially irrelevant — and not a lot about the real issues for companies in their particular industry. These companies have become outliers in the way they talk about their financial statements and their performance.
When will the SEC require more admissions of guilt in settlements?
Sikora: Another area where the SEC is getting tough is in requiring admissions in settlements. But it’s very hard to predict for any particular case whether the SEC will require admissions. If you look at the factors for when the SEC will require settling parties to admit facts, these factors give the SEC almost total discretion. One factor tells you all you need to know — the SEC can require admission in cases where the admission would aid investors deciding whether to deal with a particular party in the future. This factor probably captures every case you could imagine.
Does the SEC’s tougher approach include suing individuals?
Sikora: One of the criticisms coming out of the financial crisis was that the SEC would sue a bank but not a senior executive at a bank. The SEC has made it clear that it is much more focused on suing executives and firms. It can ask for a court order imposing a bar on an individual from working in the securities industry or serving as an officer or director of a public company. Barring individuals not only punishes past actions, but can reduce the likelihood that the individual can commit any further wrongdoings on the public.
How can public companies stay off the SEC’s enforcement radar screen?
Sikora: One of the easiest things a company can do to avoid attracting the SEC’s attention is to avoid making mistakes in XBRL filings and revisions/restatements. A company could look like an outlier by the mere fact that its XBRL coding was incorrect. So “foot faults” can count against a public company.
Knowing that the SEC is looking for aberrations and outliers, it is important for companies to benchmark themselves relative to their industry and peers and make sure the company knows where it fits. In terms of performance and filings, companies should double check all calculations in marketing materials and quarterly reports; be aware of the performance of peer companies, as well as peer companies’ accounting policy choices and risks disclosures. Public companies should consider disclosing additional details when deviating from the industry, and document and be prepared to explain any differences from their peer group. And lastly, companies should document and be prepared to explain discretionary accrual accounting policies.
For internal controls, companies should identify and analyze high-risk areas, including instances of multiple revisions or errors; promptly investigate reports of improper conduct through robust internal compliance programs; and ensure adequate communication among management, audit committee members and auditors.
On the books and records front, companies should keep in mind the importance of being on top of how accountants and other personnel communicate with each other and with management, the board of directors and auditors. During an investigation, the SEC staff will look carefully at internal communications, which generally will include not just e-mails but instant messages, text messages and chats.
