SEC’s Pot Calling the Kettle Black?

The securities regulator has deficiencies in some financial controls and weak cybersecurity measures, says the GAO.
Matthew HellerMay 1, 2015

The U.S. Securities and Exchange Commission needs to put its own accounting house in order, according to a government watchdog report that faults the financial regulator for “continuing and new deficiencies” in its financial controls.

In auditing the SEC’s fiscal 2014 financial statements, the U.S. Government Accountability Office identified a “significant deficiency” in the agency’s accounting for disgorgement and penalties it collects from defendants in civil cases.

“SEC’s controls were not effective in providing reasonable assurance that disgorgement and penalty receivables were recorded timely and accurately in SEC’s general ledger,” the GAO said, adding that routine monitoring procedures “did not consistently and timely detect and correct errors.”

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.

In one instance, the report to SEC Chair Mary Jo White says, a disgorgement and penalty accounts receivable was recorded twice in the general ledger because it was initially recorded to an incorrect customer number, resulting in an overstatement of gross accounts receivable of $4.4 million for several months.

“This significant internal control deficiency may adversely affect the accuracy and completeness of information used and reported by SEC’s management,” the GAO said.

The report also found the SEC’s systems for maintaining accurate property and inventory equipment records are deficient and that it has weak cybersecurity controls. Of six SEC network devices the GAO reviewed, each had insufficient passwords that were susceptible to guessing.

“If unresolved, these weaknesses can jeopardize the reliability of the data processed by key financial systems and increase the risk that unauthorized individuals could gain access to financial systems and intentionally or inadvertently access, alter, or delete sensitive data or computer programs,” the GAO warned.

The watchdog included eight recommendations in the report to address the SEC’s deficiencies, among them that the chief operating officer and the CFO update current procedures for recording disgorgement and penalty receivable amounts and notify staff that an incorrect customer number could result in an accounts receivable amount being recorded twice.

In an April 23 letter to the GAO, White said the SEC is “committed to strong financial reporting” and is “working diligently to address findings related to disgorgement and penalties.”

4 Powerful Communication Strategies for Your Next Board Meeting