Chapter 1
In This Chapter
Summarizing 70 years of securities law
Figuring out which companies must comply with SOX
Complying with enhanced reporting requirements under SOX
The Sarbanes-Oxley Act (SOX), which passed in 2002, is the most far-reaching attempt to protect investors since Franklin Delano Roosevelt's Securities Act of 1933 following the Great Depression. Like the New Deal securities laws of the 1930s, SOX comes on the heels of high-profile scandals at large corporations that caused significant harm to investors. It signals a new era in the relationship among business, government, and the investing public.
SOX is a broad piece of legislation that the Securities and Exchange Commission (SEC) is in charge of administering. It administers this legislation by passing specific rules for companies, audit firms, and stock exchanges to follow. The SEC has issued many comprehensive rules that provide much of the guidance that companies need. These rules help to clearly spell out the requirements of SOX.
This chapter covers the rules and gives you an overview of securities law and the important historical context of SOX. Understanding the objectives of securities law and how SOX serves those objectives can help you better understand your company's current reporting obligations and can help you prepare for future legislative trends.
To develop a sound SOX strategy for your company, you need to be aware of the securities laws that define the legal context of SOX and that are altered by its provisions. SOX amends many of the securities laws discussed in this section.
In the 1930s, the idea of laws to protect the investing public took hold among a hardworking generation that had seen the devastation of a stock market crash. Just prior to his 1932 reelection bid, President Franklin Delano Roosevelt assigned a former Federal Trade Commissioner, Huston Thompson, the task of drafting a securities law proposal to woo a depression-dazed electorate on the campaign trail.
Huston and the committee that convened to review his draft were faced with an early dilemma: Should the role of government be to protect the public from poor investments or simply to make sure that the public had enough information to evaluate investments on their own? In the end, the draft legislation opted for the disclosure approach, which is still used today.
The laws that ultimately emerged from Huston's draft are the Securities Act of 1933 (also known as the 1933 Act) and the Securities Exchange Act of 1934 (also known as the 1934 Act). Decades after their drafting, these two statutes remain the backbone of the federal securities regulation system. The objective of these laws goes beyond simply ensuring that companies fill out the right forms; the disclosures required are designed to provide all the information necessary for an investor to determine the true value of an investment that's offered to the public.
The Securities Act of 1933 is sometimes referred to as the “truth in securities” law, because it requires that investors receive adequate and thorough financial information about significant aspects of securities being offered for public sale. It expressly prohibits deceit, misrepresentation, and other fraud in the sale of securities. The 1933 Act contains a detailed registration process that companies must comply with before they can offer securities to the public. The burden and expense of completing the forms is the responsibility of the registering company, which is referred to as the issuer.
The SEC examines all registration documents for compliance with the 1933 Act. If the SEC determines that information is missing or inaccurate, the issuer may be denied registration and may lose its right to sell its securities in the United States. (Section 5(a) of the 1933 Act provides that it's “unlawful” to offer to sell a security to the public unless a registration statement is in effect.)
Companies undergoing the registration process are required to provide information about:
The registration statement must also include financial statements certified by independent accountants. (The requirements for audited financial statements are discussed more fully in several chapters in Book IX.)
Although the 1933 Act set ambitious goals and standards for disclosure (see the preceding section), it was silent on the practical aspect of enforcement. To plug this hole, Congress passed the Securities Exchange Act of 1934, which established the Securities and Exchange Commission (SEC) to implement the 1933 Act.
The 1934 Act established the ground rules under which the purchasers of securities may resell and trade shares by:
In effect, the 1934 Act requires a company to make certain information available to the public so that company's shareholders may resell their stock to members of the general public.
Many of the securities sold in the United States are private placement offerings (as explained in the next section), which aren't subject to registration under the 1933 Act but are subject to the civil liability and anti-fraud provisions of the 1934 Act.
The term private placement refers to the offer and sale of any security by a brokerage firm to certain investors but not to the general public.
Private offerings are “exempt from registration under the 1933 Act, subject to specific exemptions contained in Sections 3(b) 4(2) of the 1933 Act as interpreted by SEC Regulation D.” However, private placements may still be subject to portions of the 1934 Act and to state securities laws requiring registration as well as to certain provisions of SOX.
Regulation D Sections 504–506 establish three types of exemptions from the registration requirements of the 1933 Act:
For purposes of Regulation D, an accredited investor is defined in Rule 501(a) as someone who has the following characteristics:
Under the 1934 Act, the SEC has the power to register, regulate, and oversee brokerage firms, transfer agents, and clearing agencies as well as the nation's securities stock exchanges.
Periodic reporting requirements under the 1934 Act require full disclosure of facts subsequent to filing that are material or significant enough to affect investors’ decision-making processes. The 1934 Act also identifies and prohibits certain types of conduct in the markets, such as insider trading and market manipulation, and provides the SEC with disciplinary powers over regulated entities and persons associated with them.
The 1934 Act gives the SEC the authority to supplement securities laws by making its own rules for carrying them out. The SEC passes its own regulations, which have the same force, effect, and authority as laws passed by Congress.
The Securities Exchange Act of 1934 directs the SEC to require periodic reporting of information by companies with publicly traded securities. These companies must submit 10-K Annual Reports, 10-Q Quarterly Reports, and Form 8-K for significant events. These reports are made available to the public through the SEC's EDGAR database located at www.sec.gov. (For details about the 10-K, 10-Q, and 8-K, see “The Post-SOX Paper Trail” later in this chapter.)
Additionally, the 1934 Act imposes special reporting requirements on companies in the following contexts:
The 1933 Act covers offers and sales by issuers (companies whose securities are offered), while the 1934 Act defines what information those companies must make available to permit their shareholders to trade company shares after purchasing them.
Section 16 of the Securities Exchange Act of 1934 establishes that it's illegal for management, directors, and other people having “inside” knowledge about a company to use that information themselves or to pass it on to others so that they can use it improperly to gain a financial benefit for themselves. Every member of the public should have an equal advantage when it comes to investing in public companies.
SOX Section 403(a) strengthens Section 16 of the 1934 Act by requiring company insiders to disclose to the SEC information about their stock transactions within two business days of when they occur. These disclosures are made on an 8-K filing, explained in the “The Post-Sox Paper Trail” section later in the chapter.
As part of an overall regulatory environment to protect investors, the Sarbanes-Oxley Act impacts disclosures required under the following laws:
To understand which parts of SOX apply to your company, you need to understand what type of investments are considered securities and which types of issuers are subject to or exempt from SOX.
For example, Section 807 creates a new securities fraud provision that appears in the criminal code. This provision makes it a crime “to defraud any person in connection with a security” or to obtain “by means of false or fraudulent pretenses, representations or promises, any money or property in connection with the sale or purchase of any security.” In order to determine whether you've broken the law under Section 807 and can be sent to jail, you need to know whether the transaction you've conducted involves a security. If it doesn't, you may still be sued in a civil action for fraud but won't serve time in a federal penitentiary under this provision.
SOX makes reference to the Securities Act of 1933 and the Securities Exchange Act of 1934 for purposes of defining what is and is not a security. Both acts contain similar definitions. The 1933 Act uses the following language:
[T]he term “security” means any note, stock, treasury stock, bond, debenture, security, future, evidence of indebtedness, certificate of interest or participation in any profit-sharing agreement . . ., pre-organization certificate or subscription, transferable share, investment contract, voting trust certificate, certificate of deposit for a security . . . or warrant or right to subscribe to or purchase, any of the foregoing.
There has long been confusion about the term investment contract as it's used in the definition of a security along with all the other terms. The use of this particular phrase has really extended the scope of transactions that the statute covers. Those words don't have any real meaning in a commercial context, so the courts have had to interpret them in deciding when an agreement between two or more parties constitutes an investment contract that's subject to the registration and reporting requirements of federal securities law.
A famous Supreme Court case in the 1940s, SEC v. WJ Howey Co., made it clear that federal securities law covers a broad scope of commercial transactions. In this case, the court held that companies that offered sections of orange groves for sale along with contracts to harvest the oranges and distribute the profits were indeed selling investment contracts subject to federal securities law and had to register such contracts with the SEC.
Under the Howey case, the key questions to ask in determining whether a particular transaction may be a security subject to SOX include the following:
SOX provides that issuers of all stock in all publicly traded corporations of all sizes must meet its requirements — that's a lot of issuers. Issuer is the term used to refer to companies that sell securities to the public and that either are required to register with the SEC or meet the requirements for an exemption from registration.
Section 207(a) of SOX identifies the types of issuers that are subject to SOX, including:
After a company decides to go public, it has some important decisions to make about how to market its shares to the public: Should it register to sell the shares on a stock exchange? If so, which exchange?
In 1792, 24 men signed an agreement to sell securities among themselves, thus creating the New York Stock Exchange (NYSE). Today, the United States has several competing exchanges. The NYSE is home to some of America's best-known corporations, including General Electric, Exxon, Wal-Mart, America Online, IBM, and Lucent Technologies. NASDAQ is a competing stock exchange on which the stock of some equally impressive companies is traded, including Microsoft, Cisco Systems, and Intel. Other exchanges available to companies include the NASDAQ SmallCap Market and the American Stock Exchange (AMEX).
Companies don't directly sell shares on an exchange; rather, they're permitted to list shares on an exchange, selling them through licensed professionals.
Each stock exchange has its own listing requirements, which may include the following:
In general, requirements for listing on the NASDAQ are less restrictive than those for the NYSE, which is why many newer high-tech companies elect to list with the NASDAQ.
For example, the NYSE requires companies to have either $2.5 million before federal and state income taxes for the most recent year and $2 million pretax for each of the preceding two years or an aggregate of $6.5 million pretax for the three most recent fiscal years. All three of those years must be profitable. In contrast, the NASDAQ requires only $1 million in pretax income in two of the last three fiscal years. It also offers some alternative standards to pretax income that are easier for emerging companies to meet; these standards are based on factors including assets, revenues, operating history, and market value. As for the NASDAQ SmallCap Market and the AMEX, both have low threshold requirements for listing with them.
When a company elects to list on an exchange, it must register the class of securities under the Securities Exchange Act of 1934, agreeing to make public information available and follow the other requirements of the 1934 Act. In addition to complying with federal securities law, the company may also have to comply with state securities laws, known as blue sky laws, in at least one state in which it operates.
Some companies that aren't required to register with the SEC have been surprised to learn that parts of the Sarbanes-Oxley Act apply to them. The fact that a company is exempt from registering with the SEC doesn't mean it's exempt from complying with SOX.
Historically, the 1933 Act and the SEC have held the authority to exempt certain types of small companies and securities and offerings from SEC registration in order to help them acquire capital more easily by lowering the cost of offering securities to the public.
Exemptions are based on the type of security (for example, a bank is regulated by the Banking Commission, so bank stock is exempt) or on the type of transaction (for example, sales of less than $1 million are exempt from federal registration under Rule 504 of Regulation D, promulgated under the 1933 Act). Most states exempt offers and sales to only a limited number of investors (for example, 25 persons in a single offering in Wisconsin). In 1996, Congress passed the National Securities Markets Improvements Act, which requires states to impose a uniform exemption under Rule 506 of Regulation D, which all states must obey. (For more about Regulation D, see “Keeping offerings private under Regulation D” earlier in this chapter.)
Prior to SOX, these exemptions and waivers left a regulatory gap in the securities field and meant that many companies the public was investing in didn't have to go through the registration process and were subject to little other government oversight. Some shaky companies were exempted from tough scrutiny to the detriment of the investing public. The types of offerings exempt from regulatory oversight included:
SOX doesn't have any direct effect on registration exemptions. The vast majority of small offerings are exempt from registration.
According to 30-year veteran securities attorney, Richard Kranitz, “Even the most carefully planned and highly funded start-ups involve great risk, but also potential reward. They also are the source of around 60 percent of all new jobs in the United States and most of its economic growth. They need to be able to issue securities to raise capital to survive, to grow, and to prosper.”
The Sarbanes-Oxley Act doesn't contain small-company exemptions like a lot of other federal laws do. SOX is intended to protect investors regardless of the size of the public company in which they're investing. However, Congress and the SEC have both realized how much more burdensome compliance can be on small, publicly traded companies (particularly when it comes to Section 404). So, to help small companies without leaving investors unprotected, the SEC created rules that refer to companies that have less than $75 million in publicly solicited investment and debt as “non-accelerated” filers. The SEC also gave small companies more time to comply (but only after rejecting pressures and pleas to exempt small companies altogether).
Under the latest extension, non-accelerated filers (including foreign private issuers that are non-accelerated filers) must include in their financial statements a management report that attests to the company's internal control over financial reporting.
Congress has made clear that it intends for some provisions of SOX to apply to all companies that sell their securities, regardless of whether these companies are required to register with the SEC.
These catch-all provisions are
Registration with the SEC is a milestone for companies going public, but it's only the beginning of the reporting relationship. After a company is registered as an issuer of securities, it's subject to annual and periodic reporting requirements that extend over the life of the company. SOX dramatically changes the content, depth, and frequency of the reports — the 10-K, 10-Q, and 8-K — that must be filed with the SEC.
Form 10-K is an annual report that companies must provide to their investors and make publicly available on the SEC database. Many companies seize this opportunity and make their annual reports glossy marketing tools that tout the growth and accomplishments of the company over the past year. They know their 10-Ks will be reviewed by existing and prospective investors as well as securities rating companies.
SOX-mandated enhancements to 10-K annual reports include:
Form 10-Q is a quarterly supplement to the annual 10-K report; it contains updates to the annual disclosures. 10-Q reports provide a more current view of financial performance than annual reports, and analysts often compare the actual data contained within the 10-Q to prior projections that may have been released by overly optimistic corporate management.
Form 8-K is a short and simple form that a company must file when certain types of events occur, such as the ceasing of a commercial activity or the departure of company officers or directors. The list of events that trigger the filing of an 8-K has grown over the years, particularly as a result of SOX. The content of Form 8-K is limited to a few salient facts about the triggering event.
18.217.5.86