Disclosure Controls (Section 302) 836

  • I am sorry, if I am asking something that already has been discussed here.
    I am writing my thesis on SOA and have difficulties to understand the provisions of the Section 302 regarding disclosure controls as defined under the SEC Final Rule 33-8124.
    The SEC is not really giving any directions on how these procedures over disclosure controls should look like and I was wondering if someone here could give me a practical example as how his/her company has solved this.? Are these disclosure controls captured in the same manner as the internal controls, or is it just an established procedure like e.g. a monthly management meeting where the disclosure issues are discussed?.
    An answer would be appreciated, since you will agree that there is little sense in writing down the theory if one does not understand the essence of it.
    Thanks in advance.

  • Minnie:
    As I understand your question, the controls related to the disclosures are - typically to be included in the company’s audit charter in the first place. Failures within the internal control environment that are significant and have contributed to the misstatement of financial reporting are generally included the disclosures.
    The disclosures are a requirement by theSOA law- however this can be seen as a BOD’s obligation /gesture to the shareholders to admit that the company management has acknowledged the lapses in the control environment.
    The Control Objective for the disclosure control - is to identify and present the disclosures (could be Material Weakness WRF to SOA) the board of directors. The supporting controls would include the management’s intentions and abilities to charter the control environment and effectively execute control activities to detect, deter and prevent fraud / misstatements in the financial reporting.
    The Control Activities related to disclosures could include:

    1. A mechanism to conduct independent Internal Audit Assessments
    2. A mechanism to assess the audit findings with relevance to Materiality
    3. A mechanism to discuss the findings with External Auditors
    4. A mechanism to report the disclosure in a complete and timely fashion
    5. Ongoing Process owner certification (Quarterly, based on Process Owner Self Assessments)
      Hope this helps. I would encourage you to visit Edgar, Morning Star websites and actually look the recent disclosures in 10K filings. This could give you an insight of the types of disclosures. Some of these may elaborate the process as how they identified, documented, discussed and published, remediated their disclosures.

  • Thanks a lot for your quick respond.
    I have looked at some of 10-K filings already, but all I could find was a statement that the disclosure controls are effective.
    This is why I am so confused: the SEC Final Rule No. 46-46427 says:
    'While Section 302 requires an issuer’s principal executive and financial officers to make specific statements in their certifications and to take the actions satisfying the representations made in the statements as to the issuer’s disclosure controls and procedures, it does not directly address the issuer’s obligations with respect to these controls and procedures . ’
    For me, it sounds like the SEC is not imposing any strict rules on the design form of the controls. On the contrary, the internal controls are documented extensively. And even their design has to be evaluated. To make it even more confusing, further in the Final Rule it is said:
    ‘New Exchange Act Rules 13a-15 and 15d-15 also require the issuer, under the supervision of the principal executive and financial officers, to conduct an evaluation of the effectiveness of the design and operation of the issuer’s disclosure controls and procedures…’
    So, does a company has to document the disclosure controls in the same manner as the internal controls?
    And if not, how can the CEO and CFO then certify the effectiveness of the design and procedures as required by the Final Rule?
    This is all so confusing… :roll:
    Thanks again.

  • Nobody?. Please, guys… you must have filed already, so disclosure controls statement were included in it. 😉

  • Sorry, the ‘Guest’ was me, Minnie.

  • Minnie,%0ABased on my experience -european/ASIA subsidiaries of a US listed cy, we did not address special attention to disclosure. the processes were documented taking into consideration the end - hitting Financial accounts.%0AIn fact, no separate process for the closing process (except for translation and consolidation) and no special narrative and control matrix at all concerning the process of gathering data for the disclosures. %0AThought the EU/Asia reduced weight on the worldwide transactions (less than 20%), disclosures covers all and need to be as accurate as complete… but that what happened and we got certified at the end of 2004 by a big 4.%0ARegards

Log in to reply