Speech by SEC Commissioner:
SEC Initiatives Under Sarbanes-Oxley
and Gramm-Leach-Bliley
by
Commissioner Cynthia A. Glassman
U.S. Securities and Exchange Commission
ABA Trust, Wealth Management and Marketing Conference
Tampa, Florida
February 26, 2003
Thank you, Chris. It is a pleasure to be here. First, let me make the standard disclaimer: the views I express here today are my own and not those of the Commission or its staff.
Your invitation to speak today about SEC initiatives could not have been more timely -- for three reasons. The first reason is that I have just passed the one-year anniversary of my swearing-in as a commissioner of the SEC. It has been an exciting year, but I hope, for all our sakes, that 2003 is a little less exciting. The second reason is that it has been really cold and snowy in Washington - I love Tampa's weather! And based on the weather reports from DC, I may have the opportunity to join you here for the rest of the conference.
The third reason is that the Commission has just adopted a number of important new rules pursuant to the Sarbanes-Oxley Act of 2002 as well as the dealer rules under Gramm-Leach-Bliley. I know that, as bank trust department executives, you want to hear about our progress on Gramm-Leach-Bliley, and I am eager to talk about it too because I have a personal interest in the subject. Gramm-Leach-Bliley was the first area that former Chairman Pitt asked me to focus on when I joined the Commission. He figured that, with my bank regulatory background, I was a natural to tackle the assignment. But before we turn to Gramm-Leach-Bliley, I want to bring you up to date on the Commission's progress in implementing another important piece of legislation, the Sarbanes-Oxley Act of 2002.
Sarbanes-Oxley was enacted last summer in response to financial frauds at Enron, WorldCom and other corporations and the realization that many of the "gatekeepers" responsible for preventing fraud had fallen down on the job. Congress recognized that dramatic steps were needed to right the system and restore investor confidence. Under the new legislation, Congress directed the Commission to adopt rules to increase the accountability of CEOs and CFOs, improve the quality of financial reporting and raise professional, legal and ethical standards for the gatekeepers of our financial system -- analysts, auditors, audit committees, boards and attorneys.
As bank trust officers, you will appreciate that the goal of Sarbanes-Oxley as well as the new rules we have adopted is to improve investor protection and regain investor trust and confidence. While not all of our new rules may affect you or your clients directly or your investment activity on their behalf, the core principles we are trying to implement -- investor protection and restoring investor confidence -- apply across the board. Trust is part of your name, and trust is what it's all about.
Sarbanes-Oxley gave the Commission 90 days to implement some rules and 180 days to implement several more key rulemakings and conduct several studies, and there is more to come. You may not realize it, but 180 days did not give the Commission very much time to propose new rules in a number of different areas, analyze all the comments we received, modify rule proposals where necessary, adopt final rules and conduct several special studies. But we did it!
By the end of the 90-day deadline, we adopted rules accelerating the filing of quarterly and annual reports for certain issuers, requiring CEOs to certify quarterly and annual reports, and speeding up the disclosure of personal securities trading by corporate insiders. During January, we adopted nine new rules required by Sarbanes-Oxley and two additional rules affecting mutual funds and investment advisers. In the process of implementing Sarbanes-Oxley and other recent rules, the Commission received over 9,000 comment letters, each of which was read, carefully considered, and included in a comment summary that you can find on the Commission's website.
The following statistics are unofficial, but I'm told our adopting releases for the 11 rules totaled over 1,000 pages (double-spaced, 10-point font) (only lawyers could take over 1,000 pages to write 11 releases), and they contained over a quarter-million words. I'm also told - off the record -- that we reviewed over 113 different drafts, held over 2,700 man-hours worth of meetings, ate over 1,100 meals at our desks, and drank more than 4,800 cups of coffee!
All kidding aside, though, the Commission's staff worked incredibly hard, and showed why you will not find a better, more dedicated group of public servants. Thanks to their hard work, we were able to adopt rules requiring heightened standards of auditor independence, the disclosure of off-balance sheet arrangements, and the inclusion of a reconciliation to generally accepted accounting principles -- for earnings releases and other financial information prepared on a pro forma basis. We also adopted rules requiring companies to disclose whether they have codes of ethics for executive officers, and whether they have designated an "audit committee financial expert" on their audit committees. We published for comment a rule directing the exchanges and Nasdaq to prohibit the listing of the securities of any issuer that does not comply with the audit committee requirements of Sarbanes-Oxley, and we approved rule changes by the New York Stock Exchange and the NASD dealing with analyst conflicts. Finally, we adopted rules requiring securities lawyers to report evidence of fraudulent corporate conduct "up the ladder" to the chief legal or chief executive officer of the corporation or, if necessary, the board of directors.
Two of the Sarbanes-Oxley developments that may be of particular interest to you as bank trust officers are the quicker disclosure of personal transactions by officers and directors and Regulation BTR. On the disclosures, Sarbanes-Oxley itself changed the reporting deadlines for corporate insiders from 10 days after month end to two business days of the transactions, and the Commission amended its rules accordingly. Regulation BTR prohibits corporate insiders from trading in company equity securities during pension fund blackouts and requires issuers to notify employees of impending blackouts. I supported the rule because it is only fair that corporate insiders should be subject to the same rules as rank and file employees in these situations. However, given the infrequency of pension fund blackouts, it seems to me that the sun, moon and stars would have to be aligned - in a negative way -- for Regulation BTR to come into play.
We also took action that is expected to have a significant impact on the mutual fund industry. The Commission voted to require mutual funds and investment advisers to disclose their proxy votes, and we published for comment a requirement that funds and investment advisers adopt compliance policies and procedures and designate a chief compliance officer to implement them.
As an economist, an important part of my evaluation of proposed rulemakings is normally a cost/benefit analysis. The rulemakings under Sarbanes-Oxley required even more focus on an expanded cost/benefit analysis, but one constrained by very specific legislative requirements.
While we obviously wanted to do everything possible to prevent future Enrons and WorldComs, it was important to maintain a balanced approach. We tried our best to ensure that our rules targeted the root causes of past problems without overreaching our objectives or creating negative unintended consequences. In analyzing the Commission's new rules, I looked to several factors. What are we really trying to accomplish with this rule? Will the rule be effective in achieving its purpose or is it merely cosmetic? Does it make practical sense? Does it serve the purpose for which it was intended? Does it meet the spirit and the letter of the law? Do the benefits outweigh the costs? Does the rule go too far or not far enough? And finally, will it raise unrealistic expectations or create unintended consequences?
I will take you through my analysis with some of our new rules, starting with the analysts. Analyst conflicts came into the Sarbanes-Oxley spotlight for several reasons. Regardless of whether conflicts stemmed from the brokerage houses' desire to attract and retain investment banking business or a firm's or an analyst's holdings in stocks they were recommending, the impact of these conflicts became especially apparent in the aftermath of Enron, WorldCom, Tyco and others. Analysts continued to recommend these stocks even as the companies' prospects were deteriorating, and it was the retail investor who bore the brunt of the misleading recommendations.
Sarbanes-Oxley required the SEC to direct the New York Stock Exchange and the NASD to adopt rules dealing with analyst conflicts, and both organizations have done that and are working on more. I particularly support the requirement that research reports include price charts that track the price movements of the stock over a historical period relative to the analyst's recommendation. The price charts will give investors a basis to evaluate the accuracy and quality of an analyst's recommendation. If an analyst was recommending a buy while the stock was tanking, that will be apparent to investors who are thinking about trusting the analyst's views in the future.
The Commission will soon consider a $1.4 billion settlement with several Wall Street firms that will impose certain structural separations between the research and investment banking divisions of brokerage firms by prohibiting analysts' compensation from being based on investment banking revenues. In addition, for a five-year period, brokerage firms will be required to contract with independent research firms to provide independent research reports to their customers along with brokerage firm research.
While I hope that these measures will contribute to reducing analyst conflicts, I am more hopeful about the additional disclosures required under the global settlement -- disclosures cautioning investors to take research "with a grain of salt" and advising them not to base their investment decisions solely on a research report. In my view, one of the best things we will do for investors through the proposed settlement is to require the disclosure of an analyst's performance over an extended period. Whether or not research is characterized as "independent," the accuracy of the analyst's prior recommendations is something that I, as an investor, would want to know to assess that analyst's recommendations.
But no matter how much good information is available, it won't have an impact unless investors can make appropriate use of it. That's why I'm proud to say that I was a major proponent of the settlement providing for $85 million to be used for investor education. This is more money than we have ever had for investor education, and we want to use it wisely. The details have yet to be worked out, but we expect to create a foundation with strict accountability standards that will fund proposals for investor education programs from both the public and private sectors.
Let me turn now to the auditors. Auditor independence is another area in which the Commission recently adopted rules to carry out the Sarbanes-Oxley mandate. In the 1990's, changing business conditions placed pressure on auditors to diversify the services they offered public companies. At the same time, company management, which was increasingly being compensated through incentive-based stock and option packages, placed pressure on auditors to go along with whatever it took to meet Wall Street expectations. The pace of SEC enforcement actions against auditors -- primarily individual auditors -- quickened towards the end of the 1990s, and the recent demise of Arthur Andersen focused attention on the role of the public independent auditor as never before.
As a result, Sarbanes-Oxley created the Public Company Accounting Oversight Board, and called on the Commission to adopt new auditor independence standards. The rule we have just adopted is intended to make sure that auditors are truly independent of management. While our original proposal applied to a greater number of partners, both on and off the engagement team, we narrowed the final rule to require a five-year rotation for the lead partner of the audit team and the concurring partner, and a seven-year rotation for the lead partners of audit teams of major subsidiaries and other partners with a close relationship with the issuer.
While partner rotation provides the benefit of a "fresh set of eyes" and objectivity, I was not convinced that the expanded audit team rotation requirement originally proposed represented the correct balance between costs and benefits. Not only would it have imposed huge human resource and monetary costs, but it would have led, in my opinion, to confusion and, most likely, a decline in the quality of audits, especially in foreign jurisdictions -- certainly, an outcome that would have been counterproductive.
Besides, no matter how frequently partners rotate, there will be no improvement in the audit process if the concerns identified by members of the audit team are ignored by more senior partners within the accounting firms if their chief motivation is to keep the client at all costs. The audit team must be able to spot the issues, but the "tone at the top" is just as critical. We have seen too many cases in which an auditor identifies a concern, but influential partners higher up the ladder direct the auditor to look the other way on accounting irregularities.
Audit committees were another focus of Sarbanes-Oxley. Given apparent audit committee failures, Sarbanes-Oxley required the Commission to adopt rules to make sure that audit committee members are qualified to oversee the auditing and the financial reporting process and can do so independent of management and from the perspective of public shareholders. A rule in this area that I would put in the category of "helpful, but not sufficient" is the audit committee financial expert designation. The listing standards of the major exchanges and Nasdaq require audit committee members to be independent and financially literate and require one member with financial expertise, as they define that term. The Commission's new rule does not mandate that a company have a financial expert serving on its audit committee, but only to disclose whether or not it has one. If the company has an expert, it has to name the person and state whether the person is independent of management. The practical effect of the rule is, however, that boards will likely feel compelled to designate an expert.
Based on the comments we received and other public reaction, our original proposal clearly defined "financial expert" too restrictively. You read the press reports, I'm sure, about how neither Alan Greenspan nor Warren Buffett would have qualified as experts under the proposed rule. So we expanded the definition and did a reality check to make sure that the kind of person with the expertise we're looking for -- a person who has an understanding of, and experience with, financial reporting and U.S. or home country GAAP -- satisfied the definition, and I think we came out about right.
Still, no matter how financially expert an audit committee member is, he or she must also be truly independent. And I'm not just referring to technical compliance with the definition of independence contained in exchange listing standards. I have in mind a person with the intelligence, experience and understanding to know the right questions to ask of management or the auditors and the forcefulness and tenacity to ask a direct question and insist on a straight answer. Ideally, of course, all audit committee members - in fact, all board members -- should have these qualities.
And finally, the lawyers. Sarbanes-Oxley directed the Commission to adopt minimum standards for lawyers of public companies, including an "up-the-ladder" reporting mechanism for securities law violations. The Commission's rule proposal required attorneys, including foreign attorneys, "appearing and practicing before the Commission in the representation of an issuer," to report evidence of material violations of the federal securities laws and breaches of fiduciary obligations up the ladder to the chief legal counsel or the chief executive officer. If the chief legal or executive officer failed to respond appropriately, the attorney would be required to report the evidence to the audit committee, another committee of independent directors or the full board.
Lawyers accepted the necessity for "up the ladder" reporting, but many were opposed to the Commission's proposal to require an attorney to make a "noisy withdrawal" when the board of directors failed to respond appropriately. For you non-lawyers, and I am one of you, this means that the attorney would have to withdraw from representation of the company and report publicly to the Commission that the withdrawal occurred as a result of a material violation by the company. Commenters stated that the "noisy withdrawal" provision would turn lawyers into whistleblowers, force them to breach the attorney-client relationship, and chill communications between client and attorney.
In response to the comments, the Commission decided to put this part of the proposal back out for comment, along with a new proposal that would require the company to make the "noisy withdrawal," not the attorney. Our heightened governance standards may ultimately eliminate situations in which a lawyer would have to withdraw from representing a client and report the withdrawal to the Commission. I continue to believe, however, that some form of "noisy withdrawal" would be an important safeguard for shareholders. When a board is corrupt, I do not believe that shareholders would want the attorney, who in representing the company represents the shareholders as a whole, to do nothing to correct the situation. As I stated at our open meeting, I feel strongly that we should readdress this issue soon.
The ultimate goal of all of these new rules is to restore investor confidence, which is at the core of your client relationships. Technical compliance with these rules is not enough, however, to cure the problems of the past. The ultimate effectiveness of all of the new corporate governance rules will be determined by the "tone at the top." Adopting a code of ethics means little if the company's chief executive officer or its directors make clear, by conduct or otherwise, that the code's provisions do not apply to them. Designating a financial expert means little if the person designated, while technically qualified, does not possess the personal qualities required to do the job effectively. Auditors must be truly independent of management and carry out their responsibilities from the perspective of the public shareholder. Lawyers should take their up-the-ladder reporting responsibilities seriously and support and encourage their corporate clients to do the right thing, not just avoid doing the wrong thing.
And it is in this spirit of "doing the right thing" that we will approach the next phase of the implementation of Gramm-Leach-Bliley. As a starting point, we recognize that there are important distinctions between the main goal of banking regulation - which is safety and soundness - and the purpose of securities and broker-dealer regulation - which is investor protection. Congress' goal in enacting Gramm-Leach-Bliley was to ensure that U.S. investors receive the protections of the securities laws -- whether they purchase securities from a bank or a broker-dealer -- and the law made the Commission responsible for adopting rules that will achieve the goal of functional regulation.
When I began to work with the staff on this, the first thing I wanted to do was to improve the process and - hopefully - the outcome. The Commission's interim final rules were not well received -- an understatement, I know -- and we wanted to get back on a more positive, interactive track with the banks and the banking regulators. The problem was not just the substance of the rules, but also how we got there. To improve the process, we decided to tackle the bank dealer rules first. We reached out to the banks and held numerous meetings not just with lawyers, but with the banks' operational personnel as well to understand the practical business problems banks would face in complying with the new definition of "dealer" under Gramm-Leach-Bliley. It took us a long time to figure out what different banks do and how they do it, assess their transactions under the statutory framework, and develop proposals that would accommodate bank securities transactions.
After drafting rule proposals, the staff met with the bank industry groups and bank regulatory agencies to describe the new proposals and gauge the extent to which they met the needs of the banking industry. This process permitted the staff to make adjustments to accommodate industry concerns before presenting them to the Commission to be published for comment. On the whole, the bank representatives gave us very positive feedback. Feedback from the bank regulators was slightly less positive, but I think that everyone was pleased with our more transparent and interactive process.
The Commission adopted the bank dealer rules on February 6, 2003, setting a compliance date of September 30, 2003. The rules amended definitions in the asset-backed transactions exception from the definition of dealer, permitted both legs of a riskless principal transaction to count as a single transaction for purposes of the 500 transaction de minimis exemption, and added exemptions for custodial securities lending and non-custodial securities lending activity with "qualified investors."
We will now turn to the much more difficult task of defining terms under the "broker" exceptions. I do not have answers for you today on what the rules will be. I am sure, though, that you will be pleased to know that we will extend the deadline for compliance with the broker provisions well past the May 12th deadline. We have no illusions about the difficulty of the task ahead. There is more bank activity on the broker side than the dealer side and there are more exceptions to consider - 11 instead of 4. We have had very little consensus in the past on key exceptions for trust and fiduciary activities and for custody and safekeeping. But my chief goal in appearing here today is to assure you that we have an open mind and want your constructive and pragmatic input. I do not know where we will come out in the end. But we will continue to work with you to develop workable solutions. We have already begun meeting with banks on the broker exceptions to understand their businesses and the problems they face. Once we complete our process, we will discuss our new proposed rules with industry groups and bank regulators before we formally propose them for comment.
As an economist, I will approach the new process for the bank broker rules using the same factors that I used for Sarbanes-Oxley -- to provide maximum investor protection, while minimizing regulatory and practical burdens. The transparent process we now have in place should help us achieve workable exemptions that will satisfy my cost/benefit analysis. I cannot promise that we will have consensus on each and every point, but we are committed to a constructive and transparent process and to reducing regulatory burdens wherever possible, consistent with the protection of investors and the statutory goal of functional regulation.
Thank you. I know I've covered a lot of ground. I would be happy to take your questions.
http://www.sec.gov/news/speech/spch022603cag.htm
