Posted by Nureen CHAN Wan Wei , Year 4 undergrad at the School of Accountancy, Singapore Management University
Last November, Francine McKenna reported in Forbes magazine how a stretched Securities & Exchange Commission, embarrassed at having missed Bernie Madoff’s $65 billion Ponzi scheme, had “reorganized its enforcement division, eliminating an accounting-fraud task force and adding new units to pursue crooked investment advisors and asset managers, market manipulations and violations of the Foreign Corrupt Practices Act.” Forbes wondered whether the SEC might end up overlooking the next Enron. Turns out, we weren’t the only ones worried. In April, former federal prosecutor Mary Jo White was sworn in as chairman of the SEC and quickly made clear there would be a renewed emphasis at the agency on detecting and punishing accounting shenanigans. In July, the agency announced formation of a new Financial Reporting and Audit Task Force which would, among other things, be using a new Accounting Quality Model (a.k.a. RoboCop).
In this fascinating guest post, John Carney, a former Securities Fraud Chief with the Department of Justice who is now head of BakerHostetler’s national White Collar Defense and Corporate Investigations Group and BakerHostetler associate Francesca Harker explain how RoboCop operates, what RoboCop 2.0 will do, and how corporate filers can avoid being profiled as potential wrongdoers by the SEC’s new tool.
Corporate Filers Beware: New “RoboCop” Is On Patrol
It may not be the superhuman robotic police officer who patrolled the lawless streets of Detroit in the 1987 sci-fi thriller, but corporate filers should be every bit as concerned about the Securities and Exchange Commission’s (“SEC”) new Accounting Quality Model (“AQM”), labeled not-so-affectionately by some in the financial industry as “RoboCop.” Broadly speaking, the AQM is an analytical tool which trawls corporate filings to flag high-risk activity for closer inspection by SEC enforcement teams. Use of the AQM, in conjunction with statements by recently-confirmed SEC Chairman Mary Jo White and the introduction of new initiatives announced July 2, 2013, indicates a renewed commitment by the SEC to seek out violations of financial reporting regulations. This pledge of substantial resources means it is more important than ever for corporate filers to understand SEC enforcement strategies, especially the AQM, in order to decrease the likelihood that their firm will be the subject of an expensive SEC audit.
The Crack Down on Fraud in Accounting and Financial Reporting
In his speech nominating Mary Jo White to take over as chairman of the SEC, President Obama issued a warning: “You don’t want to mess with Mary Jo.” That statement now seems particularly true for corporate filers given the direction of the SEC under her command. Previously a hallmark of the SEC, cases of accounting and financial-disclosure fraud made up only 11% of enforcement actions brought by the Commission in 2012. Since taking over as chairman, Ms. White has renewed the SEC’s commitment to the detection of fraud in accounting and financial disclosures.
“I think financial-statement fraud, accounting fraud has always been important to the SEC,” Ms. White said during a June interview “It’s certainly an area that I’m interested in and you’re going to see more targeted resources in that area going forward.” She has backed that statement up with a substantial commitment of resources. In July, the commission announced new initiatives which aim
to crack down on financial reporting fraud through the use of technology and analytical capacity, including the Financial Reporting and Audit Task Force and the Center for Risk and Quantitative Analytics (“CRQA”). These initiatives will put financial reports under the microscope through the use of technology-based tools, the most important of which is RoboCop.
RoboCop: Corporate Profiler
RoboCop’s objective – to identify earnings management – is not a novel one; rather, it is the model’s proficiency that should worry filers. Existing models on earnings management detection generally attempt to estimate discretionary accrual amounts by regressing total accruals on factors that proxy for non-discretionary accruals. The remaining undefined amount then serves as an estimate of discretionary accruals. The fatal flaw in this approach is the inevitable high amount of “false-positives”, rendering it useless to SEC examiners.
The AQM extends this traditional approach by including discretionary accrual factors in its regression. This additional level of analysis further classifies the discretionary accruals as either risk indicators or risk inducers. Risk indicators are factors that are directly associated with earnings management while risk inducers indicate situations where strong incentives for earnings management exist. Based on a comparison with the filings of companies in the filer’s industry peer group, the AQM produces a score for each filing, assessing the likelihood that fraudulent activities are occurring.
While the SEC will be keeping their factor-composition cards close to the chest, the “builder of RoboCop”, Craig Lewis, Chief Economist and Director of the Division of Risk, Strategy, and Financial Innovation (“RSFI”) at the SEC, has offered several clues about the types of information most likely to catch RoboCop’s attention (Is it just a coincidence that RoboCop’s movie partner was an Officer Lewis?).
“An accounting policy that could be considered a risk indicator (and consistently measured) would be an accounting policy that results in relatively high book earnings, even though firms simultaneously select alternative tax treatments that minimize taxable income,” said Mr. Lewis. “Another accounting policy risk indicator might be a high proportion of transactions structured as ‘off-balance sheet.’”
Frequent conflicts with independent auditors, changes in auditors, or filing delays could also be risk indicators. Examples of risk inducers include decreasing market share or lower profitability margins. This factor-based analysis allows for model flexibility, meaning examiners are able to add or remove factors to customize the analysis to their specific needs. The SEC will be able to continually update the model to account for the moves filers are taking to conceal their frauds.
Next Generation RoboCop
One of the perceived weaknesses of RoboCop is its dependence on financial comparisons between filers within an industry peer group. As Lewis points out, “most firms that are probably engaging in earnings management or manipulation aren’t doing it in a way that allows them to stand out from everybody else. They’re actually doing it so they blend in better with their peer group.”
To account for this, the SEC’s current endeavor is expanding the model’s capabilities to include a scan of the “Management Discussion & Analysis” (“MD&A”) sections of annual reports. Through a study of past fraudulent filings, analysts at RSFI have developed lists of words and phrasing choices which have been common amongst fraudulent filers in the past. These lists have been turned into factors and incorporated into the AQM
“We’re effectively going in and we’re saying: what are the word choices that filers make that maximize our ability to differentiate between fraudsters in the past and firms that haven’t had fraud action brought against them yet?” Mr. Lewis explained during a June conference in Ireland.
“So what we’re doing is taking the MDNA section, we’re comparing them to other firms in the same industry group, and we’re finding that in the past, fraudsters have tended to talk a lot about things that really don’t matter much and they under-report all the risks that all the other firms that aren’t having these same issues talk quite a bit about.”
Firms engaged in fraudulent activity have tended to overuse particular words and phrasing choices which are associated with relatively benign activities. They have also tended to under-disclose risks which are prevalent among a peer group. When a filer has engaged in similar behavior, RoboCop will flag these types of unusual choices for examiner review.
How the SEC Uses RoboCop
Although the SEC has cautioned that the AQM is not the “robot police coming out and busting the fraudsters,” filers would be wise to understand the power of this tool. RoboCop is a fully automated system. Within 24 hours from the time a filing is posted to EDGAR, it is processed by the AQM and the results are stored in a database. The AQM outputs a risk score which informs SEC auditors of the likelihood that a filing is fraudulent. The SEC then uses this score to prioritize its investigations and concentrate review efforts on portions of the report most likely to contain fraudulent information.
The results of RoboCop’s analysis will likely become the basis for enforcement scheduling and direction of resources in the near future. A filing’s risk score will determine whether a filing is given a quick, unsuspecting review, or whether it is thoroughly dissected by an SEC exam team, possibly leading to an expensive audit. The SEC has also said it plans to use the risk scores as a means of corroborating (or invalidating) the approximately 30,000 tips, complaints, and referrals submissions it estimates will be received each year through its Electronic Data Collection Systems or completed forms TCR.
Filing Successfully Under RoboCop’s Watch
The implementation of RoboCop is not necessarily bad news for filers. Those companies able to minimize their risk score will be less likely to face unnecessary SEC audits for innocent activity. With the SEC’s new whistleblower program in place, illegitimate tips from individuals seeking a payday are sure to increase dramatically. A low score from RoboCop will make tipsters’ claims less likely to be investigated. Similarly, an examiner suspicious of particular information in a filing may be less likely to seek a full audit for a corporation with a low risk score.
Avoiding an SEC audit in the age of RoboCop means companies should be sure to:
“Check your work.” When asked how companies can minimize the risk that their company is flagged, Mr. Lewis responded succinctly: “I would say check your work.” Because RoboCop is an automated system looking for oddities, it is unable to account for mistakes made. This is particularly important because the AQM relies on the newly-mandated XBRL data which is prone to mistakes by the inexperienced. Sloppy entries could land your company’s filing at the top of the list for close examination.
Adopt Accounting Polices Similar to Those in Your Industry Peer Group. A large part of RoboCop’s analysis involves comparison of accounting choices among industry peers. Because there are many industry-specific regulations, companies across an industry tend to make similar accounting choices. This is also true for the risks disclosed in the MD&A sections of filings. The new path to avoiding SEC investigations is blending in with the competition. When a company diverges from this path, RoboCop rings the alarm bells.
Stick With One Auditor. Because fraudulent filers of yore have frequently had multiple auditor disputes or frequently changed auditors, RoboCop now flags this behavior as a risk indicator. Last year, 866 (approximately 9%) of the companies that file with the SEC parted ways with their auditor. Of those companies, sixty-six had two auditors leave and two companies went through three auditors.
Reduce Off-Balance Sheet Transactions. While there are plenty of legitimate reasons a company may have significant amounts of off-balance sheet transactions, there are not as many legitimate reasons for this figure to be significantly higher than those in an industry peer group. Famous fraudsters Enron and Adelphia Communications Corp. used massive amounts of off-balance sheet transactions to conceal their ballooning debt.
Conservative Decision-Making Regarding Discretionary Accruals. RoboCop’s “Directive 1” is to identify accounting choices indicative of earnings management and chief among those indicators is questionable choices regarding discretionary accrual reporting practices. Any filer pushing the bounds of discretionary accruals should thoroughly explain their decisions in the filing, or they should expect to explain it to an SEC exam team shortly thereafter.
Be Prepared to Respond to SEC Inquiries. The presence of outliers in a filing does not mean your company is automatically viewed as an outlaw. According to Mr. Lewis, a filing flagged as risky “doesn’t necessarily mean the company’s done anything wrong.” Increased reliance on an automated model, even an accurate one, means examiners will come across filings with high risk scores which have not engaged in any fraudulent activity. Exam teams will be in more frequent contact with filers and will also more readily accept legitimate explanations for filing decisions. This means companies should be prepared to respond quickly to inquiries with a reasoned explanation for their accounting choices.
Perhaps the comparison of the SEC’s new AQM program to Robocop is a bit too fanciful, but RoboCop’s mantra that “anything you say can and will be used against you” still might be good cautionary advice for SEC filers.
John Carney, a former Securities Fraud Chief with the Department of Justice and a former senior enforcement lawyer with the SEC, co-heads the national White Collar Defense and Corporate Investigations Group at law firm BakerHostetler in New York. He can be reached at email@example.com. Francesca Harker is a litigation associate in BakerHostetler’s New York office who regularly works on white collar and corporate criminal matters. She can be reached at firstname.lastname@example.org. The authors want to thank Justin Sommerkamp, a summer associate at BakerHostetler in 2013, for his significant contribution to this article