The U.S. Government Accountability Office (“GAO”), a government watchdog group, recently reported the results of its 2014 audit of the Securities and Exchange Commission (“SEC”) financial statements. The findings included (i) troubling reports of internal control failures at the very agency tasked with policing the reporting activities of others and (ii) warnings of vulnerability to cyber attacks on the highly confidential information stored at the SEC.
The most serious area of deficiency involves financial reporting controls over accounting for disgorgement and penalty transactions. Such deficiencies were so significant that the GAO reported that they may adversely affect the accuracy and completeness of information used and reported by the SEC. In addition, the GAO found that 15 of its prior internal control recommendations with regard to information system controls (information security) were still open, albeit in process. This related article provides more detailed descriptions of the findings and recommended internal controls.