Are Your IT Systems Ready to Go Public?
A privately owned company may transition to an SEC registrant for many reasons, including access to capital, monetizing its own stock, or sometimes to enable a business transaction. Most companies understand that being an SEC registrant requires a significant uplift to their accounting and financial reporting requirements. As a company prepares for registration, it must prepare the historical and current financial statements that are compliant with all SEC rules and regulations, and those financial statements must be audited in accordance with PCAOB standards. This is typically a complex process that requires prescribed disclosures that may have never been considered before. Often, company staff must gather, analyze, and prepare data manually to comply with these rules. Manual processes are likely not sustainable once a company is subject to quarterly SEC reporting. One of the considerations that a company should assess prior to “being public” is whether its information technology systems are sufficient to meet its accounting and reporting needs.
The following are specific technology needs that a company should assess:
- General Ledger
Many first-time registrants are relatively small, or even startup entities. These types of organizations typically do not require sophisticated general ledger systems, as basic systems can usually meet the accounting and reporting needs. However, there may be limitations to such systems. Simple general ledger systems may have limits to the number of accounts employed or may not allow for customized reports. Other systems do not allow for foreign currency transactions. Some systems may limit reporting fields that may be required to tag certain data needed for new footnote disclosures. To help ensure your company can meet not only your current needs, but also the ongoing SEC reporting needs, it’s important to implement a general ledger system that will allow you to manage and extract data easily and reliably.
- Internal Controls
The SEC requires that all registrants establish and maintain an appropriate internal control framework and activities that are consistent with COSO regulations. Depending on the size of the company becoming a registrant, the company’s management may have to sign an assertion that its controls are effective for the period reported. This can be a challenging task if the company has not documented its control activities and the results of testing those activities. Most public companies document these via specialized software that permits a company to set forth its overall framework and then document specific control activities. These also permit the company to document the results of its testing of those control activities, the remediation actions required, and the status of those remediations. While this information could be maintained outside of specialized software, most companies find it useful to have the information in one place and on a platform that can be updated in real time and is accessible to all of their constituents.
- Risk Management
The SEC requires significant qualitative and quantitative disclosures on the financial risk that a company manages. Depending on the nature of the company’s operations, the quantitative disclosures can be the result of highly complex calculations. This is particularly the case when the company uses derivatives and similar instruments to manage exposures such as interest rates, commodity prices, and foreign currency movements. The company will struggle to meet the quantitative disclosure requirements without a suitable platform and reliable data.
- Data Management
A public company has access to a multitude of data, from vendors and inventories to sales and customer data. Financial data is only a portion of the data that a company will use to manage its business. While not all of this data is required to be disclosed, there is a heightened scrutiny on how a public company manages its data. This scrutiny may include how the company safeguards confidential information, proprietary data, and formulae. Investors also will want to know how the company uses its data to maximize operational and financial efficiency. Many private companies have not had to address these concerns as their investors may already have comfort on the overall operations. However, being public brings increased accountability. A company will want to consider what data it needs to collect and how it is managed and protected as part of its registration process.
The examples above are just a few of the many technology issues that a company should consider before starting its SEC registration process. Once an entity has registered, the stakes to the company are significantly higher. Being public requires accurate financial statements, appropriate internal controls, strong risk management, and efficient data management. These activities are challenging even with the best information platforms. A comprehensive review of technology needs is strongly encouraged.
If you have questions or need assistance, reach out to a professional at FORVIS or submit the Contact Us form below.