We have learnt the hard way..

• Enron Scam example

• The drive for better corporate governance came not out of any major financial collapse but as a consequence of liberalization and globalization of the economy which brought with it international competition

• The Harshad Mehta Scam, Ketan Parekh scam, UTI scam, Satyam scam, Stamp paper scam etc emphasized the demand for more stringent norms with respect to accountability by companies for their financial reports

What is it?

• A written statement signed by the chief executive and chief financial officers of a publicly traded company that attests to their control over and acceptance of responsibility for internal controls relating to financial reporting

• In other words, this certification certifies that the financial statements published by the Company fairly represent the financial condition of the Company and, further, that the accuracy of the Company's financial statements and the financial reporting processes do not contain any deficiencies and material weaknesses in their design or controls.

• In India, Clause 49 of Listing Agreements with stock exchanges provides details about the CEO/CFE certifications of financial statements and review of internal control of the company

• An example of CEO/CFO certification by ITC Ltd

Stakeholders Involved

• Company’s top management

• Employees

• Shareholders

• Competitors

• Suppliers

• Customers

• Government

Clause 49 of SEBI

• Clause 49 of the SEBI guidelines on Corporate Governance as amended on 29 October 2004 requires CEO/CFO certification of financial statements

• These requirements were introduced in the Listing Agreement with effect from 1st January 2006 and were framed in line with Sarbanes Oxley(SOX) Act of the USA

• These are a means of holding executives accountable for fraudulent financial statements

Clause 49 of the Listing Agreement with Stock Exchanges, inter-alia, provide that the CEO, i.e. the

Managing Director or Manager appointed in terms of the Companies Act, 1956 and the CFO i.e. the whole-

time Finance Director or any other person heading the finance function discharging that function shall

certify to the Board that:

(a) They have reviewed financial statements and the cash flow statement for the year and

that to the best of their knowledge and belief :

(i) These statements do not contain any materially

untrue statement or omit any material fact or contain statements that might be misleading;

(ii) These statements together present a true and fair view of the company’s affairs and are in compliance with existing accounting standards, applicable laws and regulations.

(b) There are, to the best of their knowledge and belief, no transactions entered into by the company during the year which are fraudulent, illegal or in violation of the company’s code of conduct

(c) They accept responsibility for establishing and maintaining internal controls for financial reporting and that they have evaluated the effectiveness of internal control systems of the company pertaining to financial reporting and they have disclosed to the auditors and the Audit Committee

(d) They have indicated to the auditors and the Audit committee

(i) Significant changes in internal control during the year;

(ii) Significant changes in accounting policies during the year and that the same have been disclosed in the notes to the financial statements; and

(iii) Instances of significant fraud of which they have become aware and the involvement, if any, of the management or an employee having a significant role in the company’s internal control system.

CEO/CFO responsibility as per Clause 49

Currently under clause 49 the requirement in so far as internal controls for financial reporting are concerned the CEO/CFO are required to –

(a) Establish and maintain internal controls for financial reporting(b) Evaluate the effectiveness of internal control systems of the company pertaining to financial reporting(c) Disclose to the auditors and the Audit Committee, deficiencies in the design or operation of such internal controls, if any, of which they are aware and the steps they have taken or propose to take to rectify these deficiencies

Purpose of Certification and Need for Strict Compliance

The signing officers :-

1. Are responsible for establishing and maintaining internal controls

2. Have designed such internal controls to ensure that material information relating to the issuer and its consolidated subsidiaries is made known to such officers by others within those entities, particularly during the period in which the periodic reports are being prepared

3. Have evaluated the effectiveness of the issuer’s internal controls as of a date within 90 days prior to the report

4. Have presented in the report their conclusions about the effectiveness of their internal controls based on their evaluation as of that date

Cont.

5. The signing officers have disclosed to the issuer’s auditors and the audit committee of the board of directors (or persons fulfilling the equivalent function)

a) all significant deficiencies in the design or operation of internal controls which could adversely affect the issuer’s ability to record, process, summarize, and report financial data and have identified for the issuer’s auditors any material weaknesses in internal controls

b) any fraud, whether or not material, that involves management or other employees who have a significant role in the issuer’s internal controls

6. The signing officers have indicated in the report whether or not there were significant changes in internal controls or in other factors that could significantly affect internal controls subsequent to the date of their evaluation, including any corrective actions with regard to significant deficiencies and material weaknesses.

Difference between CEO/CFO Certification in India and USA

India USA (Section 302 of SOX Act)

1. In India CEO/CFO certification isrequired only for annual financial statements

In USA the CEO/CFO certification is required for quarterly andannual financial statements

2. Internal financial controls the requirement in India is for the CEO/CFO to accept responsibility for establishing and maintaining internal controls for financial reporting and that they have evaluated the effectiveness of internal control systems of the company pertaining to financial reporting.

In the USA this is much wider and extends tosubsidiaries , covers evaluation of the effectiveness of the issuer’s internal controls as of a date within 90 days prior to the report and is not limited to internal control for financial reporting only.

3. Less costly to implement More costly to implement (the evaluation of effectiveness of internal control system as of a date within 90 days prior to the reporting date forces the organization to carry out this evaluation several times in a year which increases the cost)

WHAT HAPPENS IF A COMPANY FILES A FALSE CERTIFICATION ?

Real Life Examples

Rica Foods Inc.

• August 18, 2003 , the Securities & Exchange Commission settled its first civil injunctive actions against Rica Foods Inc. a poultry producer with headquarters in Costa Rica; its CEO, Clixto Chaves & its CFO, Gina Sequeira.

• Violation of CEO & CFO certification requirements of Sarbanes Oxley Act of 2002.

• On January 13, 2003, Rica Foods filed a Form 10-K annual report with the Commission containing a purported unqualified independent auditor's report from Deloitte & Touche representing that Rica Foods' consolidated financial statements were presented fairly and in conformity with GAAP.

• At the time of this filing, however, Rica Foods had not received an authorized and issued audit report from Deloitte.

• Reasons :– The financial statements contained a number of material

classification errors. – The Company's financial statements recorded $5 million in loans

due from its shareholders as an asset (thereby increasing Rica Foods' assets from $91 million to $96 million on the Balance Sheet) instead of as a reduction of its shareholders' equity.

• Despite these shortcomings, Chaves and Sequeira, the Company’s Executives, certified, in the Form 10-K annual report, that the filing fairly and accurately presented Rica Foods' financial condition.

Consequences

• Deloitte resigned from the Rica Foods audit engagement on January 23, 2003.

• AMEX halted trading in Rica Foods common stock for failure to file audited financial statements.

• The SEC said the final judgment directs Rica Foods to no longer violate the SEC rules that govern the accuracy of issuer books and records and financial disclosures and directs Chaves and Sequeira to no longer aid and abet violations of the rules.

• Among the implications of the ruling, the SEC added, Chaves must pay $25,000 in civil penalties.

HealthSouth Corporation

• In March 2003, the SEC charged HealthSouth, a provider of health care services, and its CEO and chairman, Richard M Scrushy with accounting fraud.

• Company’s earnings were falsely inflated by $1.4billion. $100 million of stocks were sold several days before company reported a huge loss.

• In 1996, Scrushy allegedly instructed the company's senior officers and accountants to falsify (“fix it”) company earnings reports in order to meet investor expectations at Wall Street and control the price of the company's stock.

• Vice President of Accounts Payable at HealthSouth Corporation, Barbara Patton was the whistle blower.

EBIT overestimated by HealthSouth

Note: On August 14, 2002, Scrushy and HRC's Chief Financial Officer certified under oath that HRC's 2001 Form 10-K contained no "untrue statement of material fact." In truth, the financial statements filed with this report overstated HRC's earnings, identified as "Income Before Income Taxes And Minority Interests" on HRC's income statement, by at least 4,700 %.

Consequences

• HealthSouth was the first company charged under the provisions of the Sarbanes-Oxley Act. Under the Act, corporate executives are required to sign SEC filings to indicate that they have reviewed the financial statements for accuracy and compliance with GAAP. Executives are then personally responsible if the financial statements are found to be fraudulent.

• HealthSouth' Board of Directors asked Scrushy to resign on March 31, 2003. The Board also dismissed Ernst & Young on the same date, for failing to detect the fraud.

• On November 4, 2003, Richard Scrushy was indicted on 85 criminal counts, including conspiracy to commit fraud. He was arrested on November 5, 2003.

Satyam

• On November 30, SFIO filed case against Satyam promoter B Ramalinga Raju, his brother B Rama Raju, ex-CFO Vadlamani Srinivas, senior finance manager D. Venkatapathy Raju and finance manager C. Srisailan, along-with company’s former statutory auditors S Gopalakrishna and Srinivas Talluri under various provisions of the Indian Penal Code, Companies Act and IT Act.

• Artificially increasing profits & revenues in the books.Loopholes were deliberately left in weak ERP system to insert fictitious invoices and fictitious bank statements to balance them without being detected.

• Ramalinga Raju confessed to SEBI and the board of directors that he had fudged the accounts of Satyam and that the balance sheet as on September 30, 2008 carried an inflated (non-existent) cash and bank balances of Rs 5040 cr, non-existent interest of Rs376 cr and understated liability of Rs 1230 cr.

• PwC ignored this fact and certified the company. PwC did not check even 1%of the invoices, neither did they pay enough attention to verification of sundry debtors, which according to SFIO report was overstated by almost 50 per cent nor the cash at hand of Rs 5040 crwas cross checked.

Conclusion

• CEO/CFO certification is a very important comfort for the Directors who are not involved in day-to-day management and operations of the company

• The CEOs and CFOs should not take this requirement as just one more requirement but address the requirements very seriously.

• CEOs and CFOs need to become much more sensitive and knowledgeable about financial reporting and required disclosures, and to re-evaluate their systems of internal control.

• Gone forever are cavalier CEO attitudes that protest that they need not know much regarding financial accounting and reporting.

Conclusion (cont.)

• At the heart of this series of certification requirements is CEO/CFO personal oversight and responsibility for the content and quality of financial information, and increased involvement with internal control.

• Long-run adherence to the spirit as well as the letter of the requirements will effectively increase the actual level of reporting accuracy and transparency of public companies.

• No doubt it is a costly affair if the job is to be done properly but perhaps in the current complex business environment no one can afford not to take this seriously as implications could be very far reaching.

• It leads to more reliable financial information and improved corporate governance