We are concerned with what a company must have in place almost as soon as it becomes a public company in order to comply with the provisions of the Securities Acts added by Sarbanes-Oxley. The company and its counsel need an in depth understanding, but we will have to settle for less as an in depth understanding requires an extensive accounting background. Once the company files a registration statement under the Securities Act, assuming assuming, as can be expected< it becomes effective, the company becomes an “issuer” as defined by the Sarbanes-Oxley Act and subject to the major provisions of that Act. SOX ISSUER. Specifically, among other things, the financial statements of the company, including those that are part of the IPO registration statement, filed with the SEC have to be audited by a public company accounting firm registered with the Public Company Accounting Oversight Board (PCAOB). Sarbanes-Oxley provides that it is unlawful for any public accounting firm that is not registered with the PCAOB to “prepare or issue, or to participate in the preparation or issuance of, any audit report with respect to any issuer.”. As of November 29, 2007 there were 1,820 accounting firms registered with the PCAOB and you can go to the PCAOB Website to find a list of firms registered with the PCAOB.
We cannot ignore Section 404 of Sarbanes-Oxley, since it allegedly is the culprit driving some U.S. companies to go public and list abroad and keeping foreign private issuers from accessing U.S. capital markets. We do not expect you to be qualified as an expert witness in this area, but to know enough to advise a company contemplating going public what it faces in this regard and how to begin preparing for the transition it will require to being a public company. Public companies since adoption of the Foreign Corrupt Practices Act of 1977 have been required to maintain a system of what the SEC by rule now refers to as internal control over financial reporting (ICFR). Exchange Act, Section 13(b)(2)(B). Section 404(a) of SOX requires public companies (i.e. companies with a class of equity securities that are registered under the Exchange Act ('34 Act), or otherwise required to report under the Exchange Act) to file an annual management report assessing whether the company's ICFR are effective. Section 404(b) requires that the report be attested to in accordance with rules established by the Public Company Accounting Oversight Board (PCAOB) by the independent auditor reporting on its financial statements . The PCAOB is a creature of SOX and as noted above the annual financial statements of all public companies must be audited and reported on by an independent accounting firm registered with the PCAOB. The PCAOB adopted Auditing Standard No. 2 (AS-2) in response to Section 404(b). AS-2 required that the attestation include an audit and report on the effectiveness as of the end of the company's fiscal year of the company's ICFR. As a result, the annual auditor's report was (and is) both a report on the company's financial statements and the company's ICFR. This remains true notwithstanding the much criticized AS-2 as we discuss below was superseded by AS-5.
In lieu of our inability to do better we will rely on Exchange Act Rule 13a-15(f) to describe ICFR (Compare. Sarbanes-Oxley, Section 103(a)(2)(A)(iii), which definition is as follows:
Section 404 has been a source of complaints and controversy coming from several directions since the rules adopted by the SEC implementing Section 404(a) and AS-2 adopted by the PCAOB implementing Section 404(b) became effective for accelerated filers for fiscal years ending after November 15, 2004. The SEC rules and in particular the AS-2 adopted by the PCAOB were faulted for the cost of compliance; particularly with respect to smaller companies, both as to managements’ evaluation and the auditor’s audit and attestation. The cost among other things, according to the critics, was driving IPOs in particular to other world markets, including the Alternative Investment Market (AIM) of the London Stock Exchange. On September 19, 2006, Chairman Cox testified before the House Committee on Financial Services on the Impact of the Sarbanes-Oxley Act. Chairman Cox had mostly good things to say about Sarbanes-Oxley and as to concern about competitiveness with foreign capital markets he noted that many of them had adopted or were moving in the direction of adopting various aspects of Sarbanes-Oxley. With that introduction, he led into what he really wanted to discuss as follows:[3]
Let me turn now to the one notable exception to the largely positive record of change wrought by the Sarbanes-Oxley Act. The Section 404 internal control reporting requirements, as they have been implemented to date, have met with a variety of criticisms, particularly from smaller companies. What we have learned from our Section 404 compliance efforts to date is that the problems issuers have experienced thus far are not inherent in the language of the statute, but stem rather from the method of its implementation. We have also become convinced that there are no irreparable problems with Section 404 implementation, although fixing the problems that have been identified will be challenging. We are working with the PCAOB to help insure that this provision of the law is implemented efficiently and effectively.
Although it took a few months and events we do not detail, on May 23, 2007, the SEC in response to the criticism adopted Guidance as an Interpretive Release, which, if followed, constitutes compliance with Section 404. On May 24, 20007 the PCAOB adopted AS-5 to supersede AS-2, which is “designed” to reduce the cost of preparing-the Section 404(b) attestation and audit of ICFR. Before discussing either, we note relevant compliance dates.
To understand where we are at today we have to understand what has taken place with respect to Section 404 compliance dates, and to understand that we have to understand what was intended to be the unrelated process of accelerating filing dates of the Exchange Act periodic reports (annual report on Forms 10-K and quarterly report on Form 10-Q for domestic issuers). On December 27, 2005 the Commission adopted revised definitions of accelerated filers and established the final accelerated filing dates.[6] Under the revised definition there are two categories of accelerated filers—large accelerated filers and other accelerated filers. A large accelerated filer is one that has an aggregate worldwide market value of the voting and non-voting common equity held by its non-affiliates of $700 million or more; has been a ’34 Act reporting company for at least 12 calendar months and has filed at least one annual report.[7] An accelerated filer that is not a large accelerated filer is one that has aggregate worldwide market value of the voting and non-voting common equity held by its non-affiliates of $75 million or more, but less than $700 million; has been a ’34 Act reporting company for at least 12 calendar months, and has filed at least one annual report.[8] Non-accelerated filers have an aggregate worldwide market value of the voting and non-voting common equity held by its non-affiliates of less than $75 million
Large accelerated filers and other accelerated filers must file quarterly reports on Form 10-Q within 40 days of the end of each of the first three fiscal quarters, whereas non-accelerated filers continue to file them within 45 days of the end of the quarter. Large accelerated filers must file the annual report on Form 10-K within 60 days of the end of the fiscal year.[9] Other accelerated filers must file the annual report on Form 10-K within 75 days of the end of the fiscal year.[10] Non-accelerated filers continue to file annual reports on Form 10-K within 90 days of the end of the fiscal year.[11] The definitions are also applicable for foreign private issuers who file an annual report on Form 20-K, but the time within which the Form 20-K must be filed remains six months after the close of the fiscal year for all foreign private issuers filing annual reports on Form 20-K.[12]
All accelerated filers (including large accelerated filers) filing annual reports on Form 10-K have been required to comply with Section 404 since fiscal years ending after November 15, 2004. Accordingly, a number of accelerated filers have filed several annual reports that included the Section 404(a) report and the Section 404(b) auditor’s attestation and auditor’s audit report as to the company’s internal control over financial reporting ((ICFR). For purposes of exposition we may use (as we have been) ICFR as an acronym to refer to a company’s internal control over financial reporting
There have been several extensions of filing dates for non-accelerated filers, but we fast forward to what was the current situation[16] at December 11, 2007. Non-accelerated filers (i.e. filers that are not either accelerated or large accelerated filers) were not required to file an initial Section 404(a) annual evaluation of ICFR until they filed an annual report for fiscal years ending on or after December 15 2007. If filed for a fiscal year ending after December 15, 2007 (the initial Section 404(a) report for non-accelerated filers) but before December 15, 2008, the Section 404(a) report filed that year is not deemed filed for purposes of Exchange Act Section 18 liability unless it is incorporated by reference into a ’33 Act report or other Exchange Act filing.[17] Further non-accelerated filers were not required to file the auditor’s Section 404(b) attestation of the ICFR until the company is required to file its annual report for fiscal years ending on or after December 15, 2008.[18] Non-accelerated filers are required when filing their initial Section 404(a) report for a fiscal year ending on or after December 15, 2007, which includes managements assessment, to state as follows: [19]
This annual report does not include an attestation report of the company’s registered public accounting firm regarding internal control over financial reporting. Management’s report was not subject to attestation by the company’s registered public accounting firm pursuant to temporary rules of the Securities and Exchange Commission that permit the company to provide only management’s report in this annual report.”
This situation became fluid as to the Section 404(b) auditor's attestation and audit of ICFR when SEC Chairmen Cox testified before the U.S. House of Representatives Committee on Small Business that he intended to recommend to the Commission that it extend for another year (i.e. to fiscal years ending after December 15, 2009) the filing of the auditor's Section 404(b) auditor's attestation and audit report as to ICFR. Non-accelerated filers, however, would have to file the Section 404(a) management report as to the effectiveness of the company's ICFR for fiscal years ending on or after December 15, 2007. There will be no Section 404(b) auditor's attestation or audit of ICFR until at least two years later.
The Commission also adopted in the same Release[21] extending compliance dates a number of amendments as a result of which companies that were not previously public companies (newly public companies) have a transition period so that they do not have to file management’s Section 404(a) assessment in their first annual report or the Section 404(b) accountant’s attestation and audit report in their initial annual report. This is clear if nothing else from the fact that a new Note 1 was added to Item 308 of Regulations S-K and S-B to the effect that newly public companies do not have to include either the information called for by Item 308(a) (management’s evaluation of the company’s ICFR) or 308(b) (the auditor’s attestation) until they have been a reporting company and filed at least one annual report Such companies, however, must include a statement in the annual report in which they are allowed to omit the Section 404(a) assessment and the Section 404(b) attestation a statement to the effect that the annual report does not include either management’s report on internal control or the auditor’s attestation report because of the transition period “established by rules of the Securities and Exchange Commission for newly public companies.”[22] The amendments require a newly public company to fully comply with the internal control over financial reporting requirements when filing its second annual report with the Commission, allowing a company at least one annual reporting period from the time it becomes a public company to prepare for compliance.
We assume that after the one year transition period expires they will comply with the applicable Section 404(a) and Section 404(b) compliance dates then in effect.
On December 20, 2006, the Commission published proposed guidance for preparing the Section 404(a) management’s annual report.[1] On May 23, 2007, the SEC in an open meeting[2] adopted the Guidance as an Interpretive Release. The May 23 press release announced that the Commission “today unanimously approved interpretive guidance to help public companies strengthen their internal control over financial reporting while reducing unnecessary costs, particularly at smaller companies.” Chairman Christopher was quoted as follows:[3]
Congress never intended that the 404 process should become inflexible, burdensome, and wasteful. The objective of Section 404 is to provide meaningful disclosure to investors about the effectiveness of a company’s internal controls systems, without creating unnecessary compliance burdens or wasting shareholder resources. With the Commission’s new interpretive guidance for management on the evaluation and assessment of its internal controls over financial reporting, companies of all sizes will be able to scale and tailor their evaluation procedures according to the facts and circumstances. And investors will benefit from reduced compliance costs.
On June 20, 2007 the Commission issued its Adopting Releases with the specific language of the Interpretative Release[4] (hereinafter the Guidance or SEC Guidance) and the adoption of amendments to Rule 13a-15(c) (15a-15(c)), which requires the annual management’s evaluation of the company’s ICFR, to provide as follows:
Although there are many different ways to conduct an evaluation of the effectiveness of internal control over financial reporting to meet the requirements of this paragraph, an evaluation that is conducted in accordance with the interpretive guidance issued by the Commission in Release No. 34-55929 will satisfy the evaluation required by this paragraph.
The referenced Release being to the Interpretive Release setting forth the guidance, which if complied with constitutes compliance with the Rule. The Commission at the same time adopted a definition of “material weakness” and proposed for adoption a definition of “significant deficiency”[5] that it subsequently adopted.[6] The PCAOB on May 24, 2007, the day following the SEC announcement, announced the adoption, subject to SEC approval, of “Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting That Is Integrated with An Audit of Financial Statements” (AS-5), to replace its previous internal control auditing standard, Auditing Standard No. 2 (AS-2). The Commission on June 25, 2007 unanimously approved Auditing Standard No. 5.[9]
The Guidance became effective immediately on its publication, although public companies (i.e., those required to file ’34 Act reports) that are neither accelerated nor large accelerated filers were not required to file the Section 404(a) annual report until fiscal years ending after December 15, 2007. The other side of that coin is that all public companies that are non-accelerated filers with calendar year fiscal years had to file their first Section 404(a) report for the fiscal year ending December 31, 2007.[1] The initial Section 404(b) audit (attestation) of effectiveness of the ICFR of non-accelerated filers, however, was not required until fiscal years ending after December 15, 2008.[3]
we leap forward to the end game, which is to determine based on the evaluation covered by the Guidance whether or not management identifies a deficiency or combination of deficiencies in ICFR that is (are) determined by management to constitute a material weakness. A single material weakness, precludes management from concluding that the company’s ICFR is effective.[1] In that event, the company's Form 10-K would have to disclose that management determined that its ICFR were not effective.
A material weakness is defined as:[2]
[A] deficiency, or a combination of deficiencies, in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of the registrant’s annual or interim financial statements will not be prevented or detected on a timely basis.
In the light of the foregoing, it makes sense that the first principle of the Guidance focuses on “the risk that a material misstatement of the financial statements would not be prevented or detected in a timely manner.” If the evaluation concludes that there is a reasonable possibility that the company’s ICFR will not prevent or detect timely a material misstatement, there is a material weakness in the company’s ICFR, and management will have to report the company’s ICFR is not effective. The first principle is but the first sentence of a paragraph that as bulleted by the author adds the following:
· The guidance describes a top-down, risk-based approach to this principle,
- including the role of entity-level controls in assessing financial reporting risks and the adequacy of controls.
· The guidance promotes efficiency by allowing management to focus on those controls that are needed to adequately address the risk of a material misstatement of its financial statements.
· The guidance does not require management to identify every control in a process or document the business processes impacting ICFR.
- Rather, management can focus its evaluation process and the documentation supporting the assessment on those controls that it determines adequately address the risk of a material misstatement of the financial statements.
- For example, if management determines that a risk of a material misstatement is adequately addressed by an entity-level control, no further evaluation of other controls is required.
The second principle of the Guidance focuses on using a risk-based approach in determining the evidence needed to evaluate the operation of controls designed to detect and prevent material misstatements in the financial statements. The one-sentence statement of the second principle also is the first sentence of a paragraph that we have also bulleted to elaborate as follows:
· The guidance provides an approach for making risk-based judgments about the evidence needed for the evaluation.
· This allows management to align the nature and extent of its evaluation procedures with those areas of financial reporting that pose the highest risks to reliable financial reporting (that is, whether the financial statements are materially accurate).
· As a result, management may be able to use more efficient approaches to gathering evidence, such as
- self-assessments, in low-risk areas, and
- perform more extensive testing in high-risk areas.
The Commission is confident that “[b]y following these two principles . . . companies of all sizes and complexities will be able to implement our rules effectively and efficiently.” This is a simplification as the Guidance expands on the two principles in detail that we do not pursue. We do provide a link to a "brochure" the Commission's staff subsequently published that purports to be a "plain English" explanation of Section 404(a) assessment for small business issuers. The brochure assures "it doesn't have to be a chore."
Give this treatment LITE as the details are for auditors of the future. Although AS-2 was applicable immediately to companies that are accelerated filers, it appears that it will not be applicable to non-accelerated filers (approximately 5,000 or 42% of all public companies) until fiscal years ending on or after December 15, 2009. This appears to be a 2007 "Christmas present" of the SEC and Chairman Cox since non-accelerated filers were expected to commence compliance with Section 404(b) for fiscal years ending on or after December 15, 2008.
The SEC Guidance and AS-5 each stand on their own. This is apparent from the fact that a company that follows the Guidance is deemed to have complied with Rule 13a-15(c)[1] (and counterpart 15a‑15(c)),[2] which requires the Section 404(a) annual management assessment of effectiveness of the company’s ICFR. AS-5 as adopted requires a representation from management that in making its assessment of the effectiveness of ICFR “management did not use the auditor’s procedures performed during the audits of internal control over financial reporting or the financial statements as part of the basis for management’s assessment of the effectiveness of internal control over financial reporting.” Par. 75(c). It also is relevant in this respect that AS‑2 (pars. 40-46) required the auditors to evaluate management’s process under the Commission’s rules implementing Section 404(a) in determining the effectiveness of the company’s ICFR. AS-5 eliminates the need to evaluate management’s process.
The six Introductory paragraphs to AS-5 make clear that a single material weakness in the company’s ICFR precludes the auditor from determining that the company’s ICFR is effective. Par. 2. In order to form an opinion as to whether a material weakness exists, the auditor must audit the company’s ICFR. Par. 4. This requires the auditor “to obtain competent evidence that is sufficient to obtain reasonable assurance about whether material weaknesses exist as of the date specified in management’s assessment.” Par. 3. Generally Accepted Accounting Standards (GAAS) are applicable as to, among other things, the auditor’s independence “and the exercise of due professional care, including professional skepticism.” Par. 4. The auditor should use the same “control framework” in making the required evaluation of effectiveness of ICFR as is used by the company (par. 5), which in most instances is the COSO framework.
Since so much emphasis has been placed on a top-down risk-based approach that emphasizes what is really important (“top-down, risk-based approach and focus on the most important matters”),[1] we move on to that part of AS-5 headed “Using a Top-Down Approach,” commencing at paragraph 21. This approach expects the auditor to start at the top with what is now referred to as “entity-level controls” to conform with SEC Guidance being the controls previously referred to by the PCAOB as “company-level controls.”
AS-5 refers to “scalability” in a single paragraph 13 as an aspect of planning the audit, noting the size and complexity of a company may affect how “the company achieves many of its control objectives,” and “also might affect the risks of misstatement and the controls necessary to address those risks.” Scalability should be viewed “as a natural extension of the risk-based approach and applicable to the audits of all companies. Accordingly, a smaller, less complex company, or even a larger, less complex company might achieve its control objectives differently than a more complex company.”
Since determining whether a material weakness exists involves evaluating deficiencies in ICFR, we go to paragraph 62 and the process of evaluating deficiencies. Not surprisingly, the severity of a deficiency depends upon (1) whether it may fail to prevent or detect a misstatement in the financial statements (account balances or disclosures), and (2) the magnitude of the potential misstatement. Par. 63. It does not require that a misstatement actually occurred, but whether there is a “reasonable possibility” that it will fail to prevent or detect a misstatement. Compensating controls are to be taken into account in determining whether it is a material weakness, and relevant in this respect is whether the compensating control “would prevent or detect a misstatement that could be material.” Par. 68.
Paragraph 69 lists four indicators of material weakness that because of their importance we list verbatim:
· Identification of fraud, whether or not material, on the part of senior management; [“senior management” include the chief executive and financial officers who sign the Section 302 certification, and as well as any other members of senior management who play a significant role in the company’s financial reporting process.]
· Restatement of previously issued financial statements to reflect the correction of a material misstatement;
· Identification by the auditor of a material misstatement of financial statements in the current period in circumstances that indicate that the misstatement would not have been detected by the company’s internal control over financial reporting; and
· Ineffective oversight of the company’s external financial reporting and internal control over financial reporting by the company’s audit committee.
Paragraph 70 of AS-5 evaluating the severity of deficiencies focuses on assuring that financial statements are prepared in accordance with GAAP, and adds a prudent official to the equation in applying the definition of a material weakness. :
When evaluating the severity of a deficiency, or combination of deficiencies, the auditor also should determine the level of detail and degree of assurance that would satisfy prudent officials in the conduct of their own affairs that they have reasonable assurance that transactions are recorded as necessary to permit the preparation of financial statements in conformity with generally accepted accounting principles. If the auditor determines that a deficiency, or combination of deficiencies, might prevent prudent officials in the conduct of their own affairs from concluding that they have reasonable assurance that transactions are recorded as necessary to permit the preparation of financial statements in conformity with generally accepted accounting principles, then the auditor should treat the deficiency, or combination of deficiencies, as an indicator of a material weakness.
The Committees on Law and Accounting and Federal Regulation of Securities of the ABA (hereinafter the Committees) Section of Business Law in its comments on AS-5 was critical of both the PCAOB and SEC Guidance in this respect, stating in part as follows "The prudent official standard with the word “might” is not an indicator based on a conclusion but rather an imprecise subjective judgment."
Paragraph 85 of AS-5 sets forth the detail of what is to be included in the opinion from (a) to (n), and the form included as paragraph 87 is an example of an unqualified opinion including those elements. We selectively note that subparagraph (k) provides the auditor’s report on ICFR is to include “[t]he auditor’s opinion on whether the company maintained, in all material respects, effective internal control over financial reporting as of the specified date, based on the control criteria.” Based on the form of the opinion included in paragraph 87, an unqualified opinion in this respect might read as follows:
In our opinion, W Company maintained, in all material respects, effective internal control over financial reporting as of December 31, 20XX, based on [Identify control criteria, e.g., COSO].
If the auditor’s evaluation of deficiencies as described above results in the conclusion there is one or more material weakness, the auditor must express an adverse opinion. Par. 90.
[1] See Introduction to AS-5, PCAOB Release No. 2007-005 (May 24, 2007), at p.3. Available at http://www.pcaobus.org/Rules/Docket_021/2007-05-24_Release_No_2007-005.pdf.
[1] 17 C.F.R. § 240.15a-15(c).
[2] 17 C.F.R. § 240.13a-15(c).
[1] SEC Guidance Release, Pt. II.B.1., 2007 WL 1791162, at *15 (“Management may not disclose that it has assessed ICFR as effective if one or more deficiencies in ICFR are determined to be a material weakness”).
[2] Rule 12b-2, 17 C.F.R. § 240.12b-2.
[1] Regulation S-K (S-B), Temporary Items 308T(a), 17 C.F.R. § 229.308(a), 17 C.F.R. § 228.308(a). See Sec. Act Release No. 8760 (Dec. 15, 2006), 2006 WL 3702644.
[2] Id.
[3] See Sec. Act Release No. 8760 (Dec. 15, 2006), 2006 WL 3702644.
[1] Sec. Act Release No. 8762 (Dec. 20, 2006), 2006 WL 3740310.
[2] SEC Press Release No. 2007-102 (May 23, 2007), available at http://www.sec.gov /news/press/2007/2007-102.htm.
[3] SEC Press Release No. 2007-101 (May 23, 3007), available at http://www.sec.gov /news/press/2007/2007-101.htm.
[4] Exch. Act Release No. 55,929 (June 20, 2007), 2007 WL 1791162 (hereinafter SEC Guidance Release).
[5] Exch. Act Release No. 55,930 (June 20, 2007), 2007 WL 1790876.
[6] See SEC Press Release No. 2007-144 (July 25, 2007), available at http://www.sec.gov/news/press/2007/2007-144.htm.
[7] Exch. Act
Release No. 55,876 (June 7, 2007), available at
http://www.sec.gov/rules/pcaob/2007/34-55876.pdf.
[8] Exch. Act Release No. 55,912 (June 20, 2007), 2007 WL 1791162.
[9] See SEC Press Release No. 2007-144 (July 25, 2007), available at http://www.sec .gov/news/press/2007/2007-144.htm.
[1] Alan Murray,” Panel’s Mission: Easing Capital-Market Rules,” Wall St. J. (Sept. 12, 2006).
[2] Deborah Solomon and Michael M. Phillips, “How Paulson Will Press Beijing, But Also Reject China-Bashing,” Wall St. J. (Sept. 13, 2006).
[3] Testimony of Chairman Christopher Cox, “Concerning the Impact of Sarbanes-Oxley Act, before the House Committee on Financial Services (Sept. 19, 2006).
[4] John McKinnon and Christopher Conkey, “Bush Gives Hope to Foes of Sarbanes-Oxley Law”, W.St.J. (Online edition, Feb. 2, 2007).
[5] Sec. Act Release No. 8089 (Apr. 12, 2002), 2002 WL 538911, available at <http://www.sec.gov/rules/final/33-8089.htm> (visited Apr. 12, 2002).
[6] See Sec. Act Release No. 8644 (Dec. 27, 2005), 2005 WL 3488696.
[7] Rule 12b-2, definition of accelerated filer and large accelerated filer, par. (a)(2), 17 C.F.R. § 240.12(b)(2).
[8] Rule 12b-2, definition of accelerated filer and large accelerated filer, par. (a)(1), 17 C.F.R. § 240.12(b)(2).
[9] Form 10-K, General Instruction A(2)(a).
[10] Form 10-K, General Instruction A(2)(b).
[11] Form 10-K, General Instruction A(2)(c).
[15] Sec. Act Release No. 8760 (Dec. 15, 2006), 2006 WL 3702644, Adopting Release.. Sec. Act Release No. 8731 (Aug. 9, 2006), 2006 WL 2711999, Proposing Release, also available at http://www.sec.gov/rules/proposed/2006/33-8731.pdf.
[16] An objective observer would have a difficult time if grading this mechanism on a “plain English” basis to give it passing grades.
[17] See Regulations S-K and S-B Temporary Items 308T(a). The information will also be deemed filed if the registrant specifically so designate, but that is unlikely to happen. See Form 10-K, Temporary Item 9A(T) and Form 10-KSB temporary Item 8A(T).
[18] This is repeated several times in the Adopting Release, for example, the Summary states as follows: “A non-accelerated filer is not required to file the auditor’s attestation report on internal control over financial reporting until it files an annual report for its first fiscal year ending on or after December 15, 2008.” Item 9A and Item 8A both provide that the Form 10-K and 10-KSB respectively shall include the information called for by Item 308 of Regulation S-K and S-B respectively. Item 308(a) refers to the Section 404(a) assessment and Item 308(b) refers to the Section 404(b) attestation. Reference to 308(b) is conspicuous by its absence from temporary Item 308T and Item 9A of Form 10-K and Form 10-KSB temporary Item 8A reference Regulation S-K and Regulation S-B Item 308T respectively. In addition, the Adopting Release includes an amendment to Regulation S-X in the form of a temporary Section 2-02T, which provides that the requirements of Regulation S-X -2-02(f) shall not apply with respect to the accountants report included in a non-accelerated filers annual report “for a fiscal year ending on or after December 15, 2007 but before December 15, 2008.” Regulation S-X 2-02(f) presently provides that the accountant must provide an attestation report if it prepares a report on financial statements included in a registrant’s annual report if that annual report includes a Section 404(a) assessment. In this back-handed fashion, an attestation is not required with respect to non-accelerated filers who include a Section 404(a) assessment for fiscal years ending after December 1, 2007 but are for fiscal years ending on or after December 15, 2008.
.
[19] Regulations S-K and S-B, Temporary Item 308T(a)(4).
[21] Sec. Act Release No. 8760 (Dec. 15, 2006), 2006 WL 3702644.
[22] See Regulation S-K, Item 308(a), 17 C.F.R. § 229.308(a), Note 1 as amended by Sec. Act Release No. 8760 (Dec. 15, 2006), 2006 WL 3702644. See also Regulation S-K, Item 308T(a)(4), 17 C.F.R. § 229.308T..
[23] Sec. Act Release No. 8760 (Dec. 15, 2006), 2006 WL 3702644, at *11-13.
[24] See Sec. Act Release No. 8731 (Aug. 9, 2006), 2006 WL 2711999
[25] Sec. Act Release No. 8760 (Dec. 15, 2006), 2006 WL 3702644, at *12, Although the Section 302 certification is not our focus, the Release relating to extended compliance dates and a transition period for newly public companies also states as follows: “The amendments also permit a newly public company, during the transition period, to omit the portion of the introductory language in paragraph 4 as well as language in paragraph 4(b) of the certification required by Exchange Act Rules 13a-14(a) and 15d-14(a) that refers to the certifying officers' responsibility for designing, establishing and maintaining internal control over financial reporting for the company, until it files an annual report that includes a report by management on the effectiveness of the company's internal control over financial reporting. This language is required to be provided in the first annual report required to contain management's internal control report and in all periodic reports filed thereafter.” Id. at *13.