Top law firm Akin Gump recently published an Alert containing their in-depth analysis of the letter from Senator Leahy and others to SEC expressing views on the final SEC conflict minerals regulation yet to be promulgated. Akin Gump noted Leahy’s comments on the SEC’s apparent position that the conflict minerals report (CMR) be “furnished” rather than “filed”.
The practical impact of the “furnished” vs. “filed” distinction is that “furnished” information is not automatically incorporated by reference into a reporting issuer’s filings with the Commission and is not subject to liability under Section 18 of the Exchange Act. Section 18 of the Exchange Act makes reporting issuers liable for “false or misleading statements” if investors rely on such statements when purchasing or selling securities at a price which was affected by such statements. Reporting issuers who are required to “furnish” information to the SEC as an exhibit to an annual filing may still be subject to liability for violations of Sections 13(a) or 15(d) of the Exchange Act if they fail to furnish a required exhibit or if the required exhibit is “unreliable”. Penalties for such violations may be injunctive, civil or criminal and may also extend to individual executives of the issuer.
This point is not insignificant, having pragmatic impacts on broader due diligence matters, the CMR itself and the independent private sector audit.
Broader due diligence. The preamble to SEC’s proposal declared that “Two of the Congressional sponsors of Section 1502 of the Act have indicated their belief that the due diligence requirement should not be limited to determining whether the smelter uses due diligence.” 75 Fed. Reg. 80961. As a practical matter, we have long stated that, while suppliers may not be required to conduct conflict minerals audits, they should expect an increased level of scrutiny from their customers. Electronic industry association IPC asserted in their most recent comments, “It is highly unlikely that a CEO/President of a company would sign off on an SEC filing where the information was taken from a supplier letter or form without any verification of its completeness.” These points express the sense that due diligence activities are likely to be more “invasive”, proactive and affirmative than a simple document collection and review process, making Akin Gump’s commentary on reporting liability all the more relevant to both the audited entity as well as the auditor themselves.
CMR audit. Key drivers of risk under Sections 18, 13(a) or 15(d) will be the depth of CMR audit reviews undertaken – how the auditor assesses the due diligence process and supporting information. Akin Gump’s point about senior management liability highlights the role and background of the auditors involved. CMR auditors should be qualified to the highest relevant auditor standards and conduct data/information/process/controls testing that is appropriate to SEC filings and reporting risk. Such competence and independence qualifications include auditor standards set forth by SEC, AICPA and EHS audit standards organizations like BEAC. But other (voluntary and supporting) conflict minerals due diligence standards/audits do not mandate stringent auditor competence/independence qualifications or practices.
This potential inconsistency and concern was a key point in our opening comments at the October 18 SEC Roundtable:
If there is nothing else that I impress upon the Commissioners and the staff here today – recognize one element: the auditor standards currently referenced in OECD and ancillary audit initiatives are the lowest common denominator globally for auditor qualifications in the environmental, health and safety audit profession. And yet the global supply chain of 3TG is resting on the shoulders of that lowest level of auditor competence.
Regardless of SEC’s final position on “filed” v. “furnished”, how much will CMR auditors be willing to rely on these sources of the supporting information? And should anyone in the C-suite facing potential Section 18, 13(a) or 15(d) risk allow their CMR auditor to do so?