Conflicts of InterestIndependence For management and employees Where

Conflicts of Interest/Independence For management and employees: ¡ Where the independent judgment of an employee is swayed, or might be swayed from making decisions in the organization’s best interest. Important Issues: ¡ ¡ ¡ Usual Causes: self-interest, misunderstanding Slippery slope Inevitable. . . So how to manage to avoid harm Appearance is vital Guidance needed

Types of Conflict of Interest Potential Actual Decision Point Non-existent Apparent Imaginary

Conflicts of interest - Causes ¡ How might judgement be swayed … any interest, influence, loyalty, concern, emotion, or other feature tending to make judgement less reliable than normal. D&S, 9. ¡ Self-interest - bribes, kickback, gifts, free travel, favors, special advantages or treatment, dealings with family, relatives or relations ¡ ¡ Fraud - misappropriation of funds or property Misunderstanding - confused signals or incentives, boss/ everybody’s doing it, cultural differences, slippery slope

Judgement Based on Common and Conflicting Interests Judgements Investors’ Interests Congruent Self-interested Executives’ Interests

Management of Conflicts of Interest ¡ ¡ Awareness and understanding- training Guidance and compliance - code, signoff Avoid - can’t always Additional controls: l l ¡ disclosure and consultation - ethics officer+ additional approvals Chinese walls/Firewalls - confidentiality prohibition and scrutiny International aspects, www. transparency. de

Gift or Preferential Treatment Guidelines for Acceptance/Giving: l l l l Is it nominal or substantial? What is the intended purpose? What are the circumstances? What is the position of sensitivity of the recipient? What is the accepted practice? What is the firm/company policy? Is it legal?

Conflicts of Interest/Independence for Professional Accountants Mandate relies upon: ¡ Services that can be trusted by members of the public to serve their interests Fiduciary Responsibilities ¡ Fiduciary services l l l Reliance Knowledge or skill differential Important Credibility ¡ Trust, confidence, expectations

Part of the Livent Affair: Drabinsky v. KPMG Livent – Phantom of the Opera, Showboat, restores theatres On Nov. 29, 1999, Drabinsky (D) sues KPMG (KC) Canada for damages, costs and other relief for breach of contract, breach of duty of confidence, & breach of fiduciary duties l l l D alleges KC was his accountant … tax & bus. Advice …KC North Toronto (KCNT) Office says only personal tax KPMG Los Angeles had examined Livent books using KCNT for tax review to give report to purchaser. Purchase goes forward. D doesn’t complain even though report not rosy. Deloitte’s audits Livent. Purchaser believes Livent accounts mask true condition due to D Purchaser suspends D Purchaser hires KC Downtown Toronto Office forensic unit to investigate. Case settled, some files sealed, Drabinsky indicted in US Discuss possible conflicts of interest

Ethical Regime - International Guidance framework includes… ¡ IFAC Code of Ethics, CICA Independence Exposure Draft ¡ IFAC Code at www. ifac. org/Ethics/ ¡ GAAP, GAAS ¡ SOX, SEC Rules – released Nov. 19, 2002 www. sec. gov A professional accountant must adhere to a set of rules aimed at neutrality and at protecting the public interest – s/he should not go to absolutely any lengths to serve a specific client’s interests, unless the public interest is also served

Conflict of Interest/Independence for Professional Accountants - IFAC 1. Protect the Public Interest 2. Professional Service to Clients Judgement Integrity of Services Objectivity

IFAC Conflict of Interest/Independence ¡ ¡ ¡ “Regardless of service or capacity, professional accountants should protect the integrity of their professional services, and maintain objectivity in their judgement. ” (Sect. 1. 2) Integrity … honest, fair dealing, truthful and free of conflicts of interest (1. 1) Objectivity … a combination of impartiality, intellectual honesty and a freedom from conflicts of interest (Definitions, p. 5)

Limits to Serving Clients SEC Proposal/Ruling…SEC Registrant Auditors “not independent whenever, during the audit and professional engagement period, the accountant: 1. Has a mutual or conflicting interest with the audit client; 2. Audits the accountant’s own work; 3. Functions as management or an employee of the audit client; or 4 Acts as an advocate for the client. ” July 2000, Nov. 2000 SOX/SEC Proposal/Ruling Released Nov. 19, 2002 Letters of Engagement Legalities Post-engagement time frame restrictions

IFAC Code of Ethics, Nov. 2001 Duty to Society, Serve the Public Interest Objectives Meet Expectations for Professionalism, Performance, Public Interest Basic Needs Credibility, Professionalism, Highest Quality Services, Confidence Fundamental Principles Integrity, Objectivity, Professional Competence and Due Care, Confidentiality, Professional Behaviour, Technical Standards

IFAC Code of Ethics ¡ ¡ Public Interest Requirement: Responsibility to the public. . . who rely on the objectivity and integrity of professional accountants to maintain the orderly functioning of commerce. (9, p. 10) Objectives involved: l l l to work to the highest standards of professionalism to attain the highest levels of performance and generally to meet the public interest requirement (14, p. 11)

IFAC Code of Ethics ¡ ¡ Four basic needs must be satisfied: credibility, professionalism, highest quality services, and confidence (14, p. 11, 12) Prerequisites or Fundamental Principles to be observed to meet objectives: l Integrity l Objectivity l Professional competence and due care l Confidentiality l Professional Behaviour l Technical Standards (16, p. 12, 13)

IFAC Conceptual Approach to Independence Objective: Independence of Mind & Appearance To Protect the Public Interest Identify and Evaluate Circumstances and Relationships that create Threats To Independence Eliminate Threats or Reduce to an Acceptable Level By Applying Safeguards

IFAC Conceptual Approach to Independence Objective: Independence of Mind & Appearance To Protect the Public Interest Threats To Independence Apply Safeguards Self-Interest Self-review Advocacy Familiarity Intimidation Profession Legislation Regulation Within Client Within Firm

IFAC Conflict of Interest/Independence of mind - the state of mind that permits the provision of an opinion without being affected by influences that compromise professional judgement, allowing an individual to act with integrity, and exercise objectivity and professional skepticism Independence of appearance - the avoidance of facts and circumstances that are so significant a reasonable and informed third party, having regard knowledge of all relevant information, including any safeguards applied, would reasonably conclude a firm’s, or a member of the assurance team’s integrity, objectivity or professional skepticism had been compromised. (Def. , p. 4)

Categories of Conflict of Interest Stakeholder categories _________ Sphere of activity affected ____________ Examples ___________ Self vs others Services offered Improper use of influence Misuse of information Conflicting services, shaving quality Improper purchases of client goods Improper investments by relatives Self & others vs others Services offered Consulting and other services, and/or over-involvement with management or Directors erodes objectivity Client vs client Employer vs employer Services offered Serving competing clients at the same time Stakeholder vs stakeholder Misuse of information (confidentiality) Whistle-blowing, reporting to government or regulators _______________________________________ (Source: Brooks, L. J. , Business and Professional Ethics for Directors, Executives & Accountants, South-Western, a division of Thomson Learning, 2004, Table 4. 11

Frequent Conflicts of Interest ¡ ¡ ¡ ¡ Profit vs. . . the Public Interest Consulting & assurance services Multi-disciplinary practices (MDPs) Fiduciary or Professional Responsibility Confidentiality Serving Multiple Clients Employees vs. . Profit and the Public Interest Whistle-blowing & Resignation

Safeguards created by the Profession, Legislation, or Regulation ¡ ¡ ¡ Education, training, experience requirement for entry Continuing Education Professional standards, monitoring, and disciplinary processes External review of firm’s quality control system Legislation governing independence requirements of the firm IFAC Code, 8. 37

Safeguards Within the Client ¡ ¡ ¡ Appointment of auditors ratified/approved by other than management Client has competent staff to make managerial decisions Policies and procedures emphasizing client’s commitment to fair financial reporting Internal procedures to ensure objective choices in commissioning non-assurance engagements A corporate governance structure, such as the audit committee, that provide appropriate oversight and communications regarding a firm’s services IFAC Code, 8. 38

Safeguards Within The Firm’s Own Systems & Procedures ¡ ¡ ¡ Leadership stressing importance of independence, and expectation of service/action in the public interest Policies and procedures to implement and monitor control of assurance engagements Documented independence policies regarding the identification and evaluation of threats to independence, applications of safeguards to eliminate or reduce those threats to an acceptable level Policies and procedures to monitor and manage the reliance on revenue from a single assurance client Using partners with separate reporting lines for the provision of non-assurance services to an assurance client +6 other firm-wide +9 specific items IFAC Code, 8. 41, 2

Interesting Questions ¡ ¡ ¡ Is it wrong for an employee to seek a special deal/ discount/benefit from being employed within a company? Is it acceptable to hold stock in a supplier, customer, client, or other organization doing business with your company/client? Should you snitch on a fellow worker who snorts cocaine on the job? If an accountant learns that a client has deliberately violated building codes, should (s)he report the violation? To? Should a secretary lie to a boss' spouse about his/her whereabouts when the boss is having an affair? What should the secretary do?

Risk Assessment / Ethics & Conflicts of Interest

Comprehensive Risk Management requires understanding the business Risk Events Causing Drops of Over 25% Share Value, Percentage of Fortune 1000 companies, 1993 -1998 Strategic ………………. 58% Customer demand shortfall (24) M & A Integration problems (7) Competitive pressure (12) Mis-aligned products (6) Operational ……………. 31% Cost overruns (11) Management ineffectiveness (7) Financial ………. . 6% Hazard ……. 0% Accounting irregularities (7) Supply chain pressures (6) [Foreign macro-eco, interest rates ] [Lawsuits, natural disasters] Source: Mercer Management Consulting/Institute of Internal Auditors, 2001

Comprehensive Risk Management includes Ethics Risk Management Ethics Risk Reputation Success Reputation is important ¡ Arthur Andersen…………… survival ¡ RT Capital…………reputational capital ¡ Tylenol ……………competitive advantage Selling trust and credibility, not pills, … © L. Brooks

Comprehensive Risk Management depends upon the Corporate Ethical Culture ¡ Comprehensive Risk Management utilizes both: A. Key risk factor identification & measurement B. Review of key business processes including the ethical culture that underpins process integrity ¡ Ethical culture provides guidance for employees about when to adhere to the Code, when actions are not covered in Code, in a grey area, or in a crisis - tools to measure ethical culture do exist Enron’s Board failed to consider any of this! Few corporations do A, fewer do B!

Emerging Risk-oriented Decision Criteria for Directors Criteria (New) Interests/Risks Considered ¡ Profitability & legality …… Shareholders + ¡ Fairness & rights …… Specific Stakeholders ¡ Expectations Gap ………. the Public Interest

Risk Assessment The Auditor’s Emerging Role Why is it important? What risks are critical? How can risks be assessed and conveyed?

Risk: Why are auditors interested? Better achievement of strategic objectives of: l the organization involved to manage risks to reduce problems ¡ to take advantage of opportunities ¡ l the audit to assess risks likely to affect org. policies and compliance, and operational health of the organization ¡ to ensure significant risks examined ¡

Traditional Audit Model vs. Business Risk Audit Models “…the failure to detect processing errors is rarely the cause of audit problems. Rather, the major issues … are more likely to be associated with the manner in which the business entity is managed to achieve its objectives. Factors such as the business environment, governance issues and the nature of managerial control will ultimately have significance for the financial statements – their accuracy, issues of fraud and going concern. ” Developments in the Audit Methodologies of Large Accounting Firms Lemon, Tatum & Turley, May 2000 (See www. abgweb. com)

Why Manage Risk? ¡ More likely to achieve objectives: l l l ¡ ¡ ¡ Identify and exploit opportunities Identify risks and avoid before problems arise Respond effectively to unexpected events Adapt and mitigate negative impacts Make good decisions quickly Preserve and enhance reputation More complex environment Faster pace requires faster response Greater downside and upside Ref: Managing Risk in the New Economy, CICA/AICPA, 2001

Understanding Risk is the chance of something happening that will have an impact on objectives. Risk Management includes the culture, processes, and structures that are directed towards the effective management of potential opportunities and adverse effects Risk Management Process includes the systematic application of management policies, procedures, and practices to the tasks of establishing the context, identifying, analyzing, assessing, managing, monitoring, and communicating risk Managing Risk in the New Economy AICPA & CICA, 2001, p. 4

Integrated Risk Management ¡ ¡ ¡ Enterprise-wide responsibility, not just by specialists Guidance of risk champion Based on understanding of multiple risks and the integration of risks Ref: Enterprise Risk Management: Trends and Emerging Practices, The Institute for internal Auditors Research Foundation, 2001

Approaches to ERM A. Key Risk Factors Assessment l l Identification Analysis Ranking Mitigation/planning B. Process-control Assessment l Identification of flaws, then as above Enterprise Risk Management: Trends and Emerging Practices, The Institute of Internal Auditors Research Foundation, 2001, p. xxxi

Establishing the Risk Context ¡ Appetite for risk depends upon: l ¡ Corporate philosophy, culture and strategic perspectives (vision, mission and values), relationships with key stakeholders, external environment, and internal environment Capacity for risk includes: l l The ability to exploit opportunities, and The resilience to market setbacks and catastrophes

Risk Management Context. RISK MANAGEMENT APPROACH SET OBJECTIVES …OPTIMIZATION ACCOUNTABILITY DETERMINE VALUES AUTHORITY CRITERIA FOR RISK ASSESSMENT

Risk Management Values ¡ ¡ Commitment to ethics, safety, customer service, product quality, corporate citizenship Risk tolerance Risk limits of lenders, creditors, shareholders Openness to questions

Risk Assessment Criteria Appetite and capacity for risk ¡ Policy, goals, objectives, stakeholder interests ¡ Operational, technical, financial, legal, social, humanitarian + ¡ Materiality ¡ Iterative ¡

Identifying Risks ¡ ¡ ¡ Consider both common risks & processes Internal interviewing and discussion – brainstorming, self-assessment, SWOT analysis External sources – comparison, discussion, benchmarking, risk consultants Tools, diagnostics – checklists, analysis: scenarios, value chain analysis, business processes, system engineering` process mapping Cases exist

Risk Categories - Usual Category/Approach Sub-category Governance Objectives Areas of Impact Reputation Assets Revenues Costs Performance People (Employees/Customers/Communities) Sources of Risk Environmental Strategic Operational Informational Specific Hazards/Perils Degree of Control/Ability To Manage Documentation None/Little/Influence only/Great Condition

Risk Aspects - Ministry Categories Sources Consequences Environment Human Safety Strategic Machine Reputation Operational/Financial Medium Environment Compliance Mission Service Delivery Informational Management Info. Integrity Organizational & Cultural Privacy/ Confidentiality Criminal Activity Compliance-laws, regs Security of assets

Analysing and Assessing Risk A Risk Map High Moderate Consequence Low Moderate High Likelihood of Occurrence Managing Risk in the New Economy, AICPA & CICA, 2001, p. 11

Analyzing and Assessing Risks Likelihood Consequence Qualitative ¡Almost certain, likely, possible, unlikely, rare ¡Numerical scoring 1, 2, 3 and so on ¡Percentage of volume, and so on ¡Insignificant, Quantitative ¡Time ¡Dollar frame hourly, daily, weekly, yearly, and so on ¡Percentage of Volume, and so on minor, moderate, major, catastrophic ¡Numerical scoring 1, 2, 3 and so on ranges ¡Percentage ¡Per capita Managing Risk in the New Economy, AICPA & CICA, 2001, p. 12

Reputation Ethics Because of the significant relationship between Ethics and Reputation, should Ethics Risks be a separate category of risk? ¡ An Ethics Risk exists whenever the expectations of the public are different than the action under review ¡ Ethics Risk is an idea under development By L. J. Brooks

Ethics Risk & Opportunity Identification & Assessment Phase 1 Develop a Projected, Ranked Understanding of Stakeholder Interests/ Expectations Phase 2 Compare Activities to Expectations to Identify Ethics Risks & Opportunities Phase 3 Reports By • Stakeholder Group • Product or Service • Corporate Objective • Hypernorm Value • Reputation Driver: Trustworthiness, Credibility, Reliability, Responsibility Identify Rank: Urgency, Power, Legitimacy Confirmation Dynamic Analysis Hypernorm: Honesty, Fairness, Compassion, Integrity, Predictability, Responsibility Performance: Inputs, Outputs, Quality