Today’s Compliance Week article, “SEC Pursues Small Company Over Lax Internal Controls,” [subscription required] discusses the SEC settlement with Koss Corp over the $34 million embezzlement by former Vice President of Finance Sujata (Sue) Sachdeva.
The article explains the settlement, which is essentially a clawback of some of Michael Koss’s compensation:
Michael Koss, who remains president and CEO, agreed to pay back bonuses totaling more than $450,000 in cash and 160,000 options. The company faced no monetary penalty. Sachdeva is already serving 11 years in prison for helping herself to more than $30 million from corporate accounts beginning in 2005 to support her lavish personal spending.
The SEC charged that the company and its CEO didn’t maintain a system of internal controls that would have reasonably assured accurate and reliable financial reporting. The scope of the embezzlement scheme was significant compared to the company’s sales and retained earnings, according to the SEC. In 2009—the first of two fiscal years and three subsequent quarters that Koss restated as a result of the fraud—Sachdeva skimmed $8.5 million in corporate funds on sales of $41.7 million and retained earnings of $17.1 million. Sachdeva and Mulvaney hid their embezzlement through an accounting fraud.
The article recounts some specific problems within Koss:
- Koss Corporation prepared materially inaccurate financial statements, book and records, and lacked adequate internal controls from fiscal years 2005 through 2009.
- Michael Koss was supposed to approve the payment of invoices greater than $5,000, but no approval was needed for wire transfers or cashier’s checks (the primary method of theft by Sachdeva).
- The computer system was more than 30 years old, and did not lock the accounting system at the end of a month to prevent later changes to the books.
- Many account reconciliations were either not prepared or were not maintained as part of Koss’s accounting records. To the extent that reconciliations were conducted, they were improperly performed by the same persons who initiated or recorded the transactions, enabling those persons to make modifications to the reconciliations to cover up fraudulent entries.
- While Sachedeva provided Michael J. Koss with reporting certifications for his review, he did not conduct an adequate review of Koss’s accounting in connection with these certifications.
One lawyer thinks the punishment was too harsh:
Keith Bishop, a partner in the corporate and securities practice at law firm Allen Matkins, is disturbed by the SEC’s pursuit of the company and its CEO. “It smacks of punishing the victim and second guessing,” he says. “I have a concern that the SEC is using this as a message case without really recognizing that no matter how well you have designed internal controls, they only provide reasonable not absolute assurance that there won’t be fraud.”
In Bishop’s view, the SEC singles out Michael Koss and criticizes him for not inspecting the general ledger trial balance, not investigating unusual or frequent journal entries, and not looking behind certifications that were provided to him. “In any environment, the person who signs the certification and the SEC reports is going to have to rely on other people,” he says. “You can’t expect them to double check everything.”
I disagreed, and stated that I thought the penalty was mild:
“The penalty was so insignificant,” say Tracy Coenen, a forensic accountant and founder of forensics firm Sequence. “There was absolutely no internal control in place. (Michael) Koss was signing off of the financial statements without doing any due diligence on any company records. While he may not have directly perpetrated the fraud, his inaction allowed it to go on for so long.” She expected more criminal liability for a failure to carry out basic duties to the company, she says.
With relatively lax punishment for Michael Koss, a CFO who thoroughly neglected his financial duties at the company, other CFOs might as well roll the dice and forget to do their jobs too:
Coenen points out that Koss more closely resembles a family-owned business than a public company, with the majority of its shares held by family members or insiders. It helps explain why the company had a small finance and accounting staff, with very few people holding key roles in managing books and records. She worries the SEC enforcement action doesn’t come down hard enough, giving companies some cause to weigh the costs and benefits of internal controls. “It almost feels like a roll-the-dice situation,” she says. “If that’s the only penalty, maybe I don’t have to go through the cost and trouble of shoring up controls.”
Uppermost in anyone’s mind should be the amount of compensation paid to executives that is unusually high because it must be paid to get the “best and the brightest” – they are supposed to know what they are doing.
Internal controls have to be internalized (through experience) in the minds of these highly paid exectutives – if not, then they do not deserve their pay.
[…] Bishop’s blog, California Corporate & Securities Law on November 23, 2011. It offers us a different view from that of Tracy Coenen regarding the SEC’s action against Michael Koss and Koss Corp. for the embezzlement […]
I agree that the CEO should know his business a little bit better, but that’s is also why he hires accountants. This is why any company hires accountants. This is an example of an accounting firm being steered away from problems by the person stealing, all for the all mighty dollar (fearing they would be fired as accountants). I worked for a large company and the companies accountants dictated what the auditors saw and what was material or not.
[…] Coenen, a Milwaukee forensic accountant who criticized Koss management on her Fraud Files blog, said the company should shoulder the blame for not detecting Sachdeva’s crimes […]