SEC Issues Final Rules on Certification of Disclosure in Quarterly and Annual Reports


To Our Public Company Clients and Friends:

The SEC has adopted final rules effective August 29, 2002, under Section 302 of the Sarbanes-Oxley Act of 2002 (the “Act”) requiring principal executive officers and principal financial officers of all public companies to certify the accuracy of their annual reports on Form 10-K and quarterly reports on Form 10-Q.

These representations are new and are not part of the certification required under Section 906 of the Act.  The Section 302 certification applies to quarterly and annual reports and requires extensive representations by the principal financial officers and principal executive officers of public companies, or others performing similar functions.  These representations include statements as to their responsibility for the company’s internal reporting controls, both financial and non-financial. The certifications include representations regarding both the design of disclosure controls and procedures, and the evaluation of effectiveness of the company’s disclosure controls and procedures within 90 days prior to the report.  Disclosure of any conclusion about the effectiveness of controls and procedures and changes in internal controls are now required to be disclosed in the public reports.

The rules apply to all public companies, including small businesses and foreign private issuers.  There is a special tailored form of certification for asset-backed issuers.

Certification of Quarterly and Annual Reports

Exchange Act Rules 13a-14 and 15d-14 require that the principal executive officer and the principal financial officer of each company filing periodic reports must certify in each annual or quarterly report filed with the SEC that, among other things:

  • the signing officer has reviewed the report;

  • based on the officer's knowledge, the report does not contain any untrue statement of a material fact or omit to state a material fact necessary in order to make the statements made, not misleading;

  • based on such officer's knowledge, the financial statements, and other financial information included in the report, fairly present in all material respects the financial condition, results of operations and cash flows of the issuer as of, and for, the periods presented in the report;

  • the signing officers-

    • are responsible for establishing and maintaining “disclosure controls and procedures”;

    • have designed such disclosure controls and procedures to ensure that material information relating to the issuer and its consolidated subsidiaries is made known to them;

    • have evaluated the effectiveness of the issuer's disclosure controls and procedures as of a date within 90 days prior to the report; and

    • have presented in the report their conclusions about the effectiveness of their disclosure controls and procedures based on their evaluation as of that date;

  • the signing officers have disclosed to the issuer's auditors and the audit committee-

    • all significant deficiencies in the design or operation of internal controls that could adversely affect the issuer's ability to record, process, summarize, and report financial data and have identified for the issuer's auditors any material weaknesses in internal controls; and

    • any fraud, whether or not material, that involves management or other employees who have a significant role in the issuer's internal controls; and

  • the signing officers have indicated in the report whether or not there were significant changes in internal controls or in other factors that could significantly affect internal controls subsequent to the date of their evaluation, including any corrective actions with regard to significant deficiencies and material weaknesses.

Disclosure Controls and Procedures Must Include Both Financial and Non-Financial Internal Controls

The SEC Release adopting the new Section 302 certification rules (Release Nos. 33-8124, 34-46427, IC-25722), as well as the SEC’s statement in Release No. 34-46079 (June 17, 2002) (the “June 17 Release”) providing supplemental information and requesting comments on this topic recently, make it clear that both internal controls for financial statement information and internal controls for disclosure of non-financial information are required.  The new SEC rules contain the previously existing requirement that each reporting company establish and maintain systems of “internal procedures and controls” with respect to its financial reporting and control of its assets.  However, the new rules also introduce the concept of “disclosure controls and procedures” which are intended to be broader than internal financial controls, and include compliance with securities law disclosure requirements generally.  The SEC believes that the new requirement is complementary to this prior requirement and will help ensure that commensurate procedures for gathering, analyzing and disclosing all information required to be included in a reporting company’s periodic and current reports are in place.

Accordingly, public companies must design disclosure controls and procedures to ensure that information required to be disclosed in the reports filed or submitted by it under the Securities Exchange Act of 1934, as amended (the “Exchange Act”), is effectively accumulated and communicated to the company’s management in order to allow timely decisions regarding required disclosure.  Additionally, although current reports are not covered by the new certification requirement, disclosure controls and procedures are required to be designed, maintained and evaluated to ensure full and timely disclosure in current reports, as well as definitive proxy materials and definitive information statements.

The rules do not require any particular procedures for conducting the required review and evaluation.  The SEC suggests that each company will develop its own process, based on its specific business, management, and supervisory practices.  The SEC does, however, recommend that each issuer create a committee with the responsibility for considering the materiality of information and determining disclosure obligations on a timely basis.  This committee would report to the principal executive and financial officers, and perhaps other senior management.

Fair Presentation versus Compliance with GAAP

The certification requires a statement that the financial statements and other financial information included in the report are fairly presented in all material respects.  This not only requires that financial information be presented in accordance with generally accepted accounting principles (“GAAP”), but that the financial information disclosed in the report, when viewed in its entirety, meet a standard of overall material accuracy and completeness that is broader than the financial reporting requirements under GAAP.  Additionally, the SEC states that a “fair presentation” includes the selection and application of appropriate accounting policies, disclosure of financial information that is informative and reasonably reflects the underlying transactions and events, and the inclusion of any additional disclosure necessary to provide investors with a materially accurate and complete picture of the company’s financial condition, results of operations, and cash flows.  The reference to cash flows was added by the SEC, even though Section 302 of the Act does not include explicit reference to cash flows.

Form and Location of Certification

The required certification must be in the exact form set forth in the amendments to the affected reports.  The wording of the required certification may not be changed in any respect.  The certification is to be included in each 10-K or 10-Q and follow immediately after the signature sections of these reports.  Since the signatures required by the certifications will be part of these reports, they will be subject to the signature requirements of the Exchange Act.


A signing officer that provides a false certification potentially could be subject to SEC action for violating Section 13(a) of the Exchange Act, and to both SEC and private actions for violating Section 10(b) of the Exchange Act and Exchange Act Rule 10b-5.  The SEC does not believe that the proposed certification requirement will change the underlying liability standard as to materiality.  Instead, the SEC notes in the June 17 Release that liability attaches “where a principal executive officer or principal financial officer fails to review his or her company's quarterly or annual reports or certifies the accuracy and completeness of these reports when, based on his or her knowledge and belief, the certification is false.”

Further Information

This Alert is a publication of Haynes and Boone, LLP and should not be construed as legal advice on any particular facts or circumstances.  This Alert is for general informational purposes only, and may not be quoted or referred to in any other documents or legal proceeding without our prior written consent.  The publication of this Alert is not intended to create an attorney-client relationship.

If you would like to learn more about the Act and the rules and regulations relating to the Act, please feel free to contact your regular Haynes and Boone attorney or any member of our Corporate Governance Practice Group.

Email Disclaimer