The Securities and Exchange Commission (SEC), has extended the deadline for listed businesses to comply with internal controls over financial reporting to December 31, 2023, from December 31, 2021.
This was disclosed in a press release by the Securities and Exchange Commission titled, “Guidance On The Implementation Of Sections 60 – 63 Of The Investments And Securities Act, 2007 – Extension Of Compliance Date To December 2023.”
SEC requires that internal controls over financial reporting must be implemented by directors and auditors must assess them and make a statement on their presence, adequacy, and effectiveness.
What the SEC is saying
The Commission in a statement on its website yesterday said: “Further to our circular on the framework for the implementation of Sections 60 to 63 of the Investments and Securities Act, 2007, published on Monday, March 08, 2021, wherein directors are required to implement relevant internal controls over financial reporting, and auditors are required to review same and issue a statement on its existence, adequacy and effectiveness or otherwise, the Commission hereby approves a two-year extension for the implementation of the framework and compliance, from December 31, 2021, to December 31, 2023.
According to SEC, the Framework covers the following:
Personalised Certification
Chief executive officers and Chief financial officers or Officers or persons performing similar functions in public companies filing periodic or annual reports would each sign a personalized certification of their compliance with the requirements of the referenced sections of the ISA, 2007.
Duty of Directors on Internal Control
A public company shall establish a system of internal controls over its financial reporting and security of its assets and it shall be the responsibility of the board of directors to ensure the integrity of the company’s financial controls and reporting.
Management’s annual assessment of, and report on, the company’s internal control over financial reporting
The board of directors of a public company shall report on the effectiveness of the company’s internal control system in its annual report.
The annual report shall contain a statement of the management’s responsibility for establishing and maintaining adequate ICFR for the company and a statement identifying the control framework used by management to conduct the required evaluation of the effectiveness of the company’s internal control over financial reporting.
Duty of external auditors to report on internal controls of public companies
The external auditor of a public company shall issue a statement as to the existence, adequacy and effectiveness or otherwise of the internal control system of the public company.
The report shall be close to the corresponding attestation report (opinion page) issued by the company’s external auditor as a result of the normal audit, or in a portion of the document immediately preceding the company’s financial statement.