Home > RSM Resources > Articles > Advantage > Governance/Board Room > Warning signs potential and existing board members should heed

RSM Resources

Back to RSM Resources
Governance/Board Room
Warning signs potential and existing board members should heed
 
Warning signs potential and existing board members should heed

Driven by the Sarbanes-Oxley Act of 2002 (SOX),new stock exchange rules and court rulings, directors of publicly owned companies increasingly provide active oversight to minimize corporate risk and protect shareholders’ investments as part of their expected duties.

"We see board members requesting more information, evaluating it and becoming more proactive," says Carolyn Kay Brancato, co-author of The Conference Board’s "Corporate Governance Handbook 2005: Developments in Best Practices, Compliance and Legal Standards." "Board members are devoting more time to identifying and monitoring risk — strategic, operational and financial — and relying less on management for their information."

As fiduciaries, directors who fail to actively monitor management may face substantial liability, including personal financial penalties, according to The Conference Board report.

Assuming more responsibility
A growing number of board members are independent, whereas previously they often had an interest in the company as investors or senior managers, Brancato says. This independence extends to board functions. For example, more internal audit committees have at least dotted-line responsibility to the board, and directors are assuming oversight of risk-management strategies.

It’s no longer enough to just attend meetings.Board members are expected to talk with company officials, request information and act on their findings. Given the increased responsibility of the position,potential and existing directors should be able to recognize warning signs that may indicate corporate fraud or mismanagement.

Steps for potential board members
Experts say candidates for a board position at a public company should conduct their own due diligence on the organization, which can include the following steps.

  • Watch for a prior-period adjustment. Financial-statement fraud is the most costly form of fraud per occurrence, according to the Association of Certified Fraud Examiners (ACFE). ACFE says this preventable loss costs an average of $4.25 million per incident. Restating a Form 10-K or other financial statement does not necessarily indicate fraud or any weakness in the organization. A change in accounting policy, for example, could yield a material change that requires restating financial results for an earlier period. Financial restatements also could mean an external auditor or even the IRS caught a mistake.
  • Review past Securities and Exchange Commission (SEC) filings. These public documents are available through the SEC’s Electronic Data Gathering, Analysis, and Retrieval system, commonly known as EDGAR. Watch for trends such as a decrease in sales or available cash, and review the background and history of the chief financial officer (CFO) and controller to verify their qualifications. Also, check on the external auditor. A larger audit firm may have more resources and industry-specific knowledge than a small, local organization.
  • Conduct discussions. Inquire about short- and long-term planning and forecasting, and ask to see reports from the internal auditors. If the internal auditors are in-house, try to determine their level of independence — whether the internal audit is their exclusive responsibility and whom they report to in the organization. Optimally, the internal auditors won’t have conflicting duties and will report directly to the board of directors.

Signs for existing board members
"There is no such thing as an immaterial fraud involving upper management," according to Joseph T.Wells, chairman and founder of ACFE. To help ensure proper oversight, board members should look for warning signs in three areas.

  • Operational concerns. Watch for signals of internal problems such as changes in senior management, particularly in key financial positions such as CFO or controller. Other warning signs include high employee turnover, director resignations and major one-time events — a large bad debt or warranty claim, for example.
  • Managerial challenges. Effective companies require clear lines of authority, consistent reporting and clarity of responsibility. Beware of any management system that relies too heavily on one person for decision-making, creativity or new-product development.
  • Financial or reporting problems. Ask questions about potentially negative trends, including lower profit margins, sustained losses and increased debt. And pay attention to any changes in the internal control structure, particularly actions that threaten the independence of the internal audit committee. Their reporting structure and responsibilities should be well defined.

Private companies, not-for-profits also affected
Directors of privately owned companies and not-for-profit organizations also should heed warning signals for fraud and mismanagement. While SOX addresses only publicly owned companies, some private firms and not-for-profits may find SOX best practices useful, provided the organizations have the resources to implement them. And experts anticipate SOX-like regulations may apply to private and not-for-profit organizations in the future — placing the same level of risk on their board members as for-profit companies.

Not-for-profit organizations, in particular,experience unique challenges. The size and qualifications of a not-for-profit staff may not be equal to a comparable for-profit organization. So directors of not-for-profits should pay particular attention to financial controls,especially those handled by volunteers.

Where to address concerns
Board members have the right, power and fiduciary responsibility to act when they suspect mismanagement in their organization. The internal audit committee is the appropriate contact for any management concern. Board members should be able to discuss any uncertainties with the internal audit committee at any time, and vice versa.

If the company is privately owned and lacks an internal audit structure, board members should bring any issues to the owner’s attention.

The structure that best prevents abuse
The old saying, "An ounce of prevention is worth a pound of cure," holds true for fraud prevention. A company structure that best prevents abuses includes the following measures.

  • Culture of accountability. An ethics statement is effective when it’s not just words but rather a value that senior management demonstrates. Employee fraud-prevention training, communicating the importance of reporting abuses and management reassurance help prevent fraud and stop ongoing issues sooner.
  • Fraud-prevention hotline. The least expensive fraud-prevention measure has also proven the most efficient. Studies show employees, contractors, and key suppliers and vendors will report wrongdoing if they can do so confidentially.
  • Independent internal audit committee. The internal audit committee should function independently of management and report to the board of directors. Audit committee members don’t need to be certified fraud examiners or other specialists, but they should have the ability to review financial statements and spot inconsistencies. It’s preferable that they have industry financial experience and knowledge of internal controls.
  • Knowledgeable external auditors. It’s not necessary to frequently change external auditors, because most firms require partner rotations to maintain an independent perspective. Be sure to use an audit firm where you know the auditors can contribute needed industry knowledge and best practices.

Becoming a member of an organization’s board of directors is a significant opportunity that comes with growing responsibility.The more potential directors know about the organization, the better guidance they can provide. Conducting due diligence before assuming an assignment and watching for warning signals will help board members fulfill their fiduciary obligations.

 
RSM McGladrey Inc. and McGladrey & Pullen LLP have an alternative practice structure. Though separate and independent legal entities, the two firms work together to serve clients’ business needs. RSM McGladrey is not a licensed CPA firm.

RSM McGladrey Inc. is a member of RSM International - an affiliation of separate and independent legal entities.

2007 RSM McGladrey Inc. All Rights Reserved. Contact us toll-free at 800.274.3978