APRIL 2007 — Stock options backdating does not inherently violate any federal mandates. But for companies that lack visibility into option issuance processes, options backdating can create real business risks because of SEC disclosure and IRS tax accounting requirements. Failure to comply with these rules can and does result in stiff penalties, adverse publicity, loss of employee morale, and damage to investor confidenceany of which can cause a companys market valuation to be reduced.

A company can avoid these occurrences with a robust governance solution that enables transparent oversight of the stock-option issuance process and that empowers the company to incrementally establish a risk-and-control framework that delivers a single point of management over other financial, privacy, and industry-specific governance issues.

A Symptomatic Governance Issue

More than 100 companies are under investigation for options backdating. Although this practice is not illegal, regulators may view the practice as an indicator of potentially greater wrongdoing. The SEC could consider requiring external auditors to inspect options backdating under the Sarbanes-Oxley Act (SOX) because of issues associated with expensing options and the volatility that can result from inaccurately reporting earnings. If options backdating problems are found at more companies, Congress may be driven to act. Last year the Senate Finance Committee (New York Times. September 5, 2006) indicated its intention to discuss the scandals associated with options backdating.

The risks associated with backdating options do not exist in a vacuum; they are simply part of a growing litany of governance challenges. Even though companies may have documented their processes and policies associated with issuing stock options in three-ring binders, this manual approach fails to provide the visibility and automated control tracking capabilities required to fully manage the risks associated with regulatory scrutiny of options backdating. Meeting this challenge head-on requires a holistic, enterprise-wide approach to governance that delivers the following:

• A control-monitoring mechanism that flags option grants that meet the defined criteria which qualify them as being backdated;
• An automated and auditable process that can ensure all required disclosures, earnings restatements, and tax-reporting actions are completed within allotted intervals; and
• A way to ensure that any impacts of these remediation actions on the organizations overall risk-management and governance positions are visible, understood, and proactively managed.

Solution Requirements

To establish a framework that will enable implementation of the policies, processes, and visibility required to support these three requirements, companies should look for a governance solution that can automate the process of inspection for instances of options backdating on any scheduled interval. These intervals vary by organization, but generally should occur after meetings of the organizations compensation committee, because these meetings are where options grants are most often made.

For existing staff, instances of options backdating can be identified with a technology solution that captures and stores the dates employees were granted their options, the number of options granted, and the strike price. The solution should provide a centralized repository where documents related to the compensation committees issues of stock options can be inspected and locked down, so that the actual strike price at the market close on the date the grants were made, and the strike price of those options as issued, can be compared. In addition, the solution must ensure that the option grant date, the option strike price, and the number of options granted all match the compensation committees specifications. Version control of the content in the repository will ensure that original documents cannot be changed or tampered with.

If these parameters do not match, then the technology solution should be able to automatically notify the option issuance process owner of the situation to determine if any wrongdoing has occurred, and then trigger a remediation workflow to the appropriate departments that will need to respond to the situation (e.g. finance, tax, treasury). An audit trail of these actions should be maintained in the central repository. Issuances need to be similarly treated in cases where new hires receive option grants before receiving their first payroll check. And, if remediation actions for either existing staff or new hires are required with a frequency that exceeds acceptable limits, the solution should launch a workflow that notifies the appropriate executives or compliance officers and offers suggested policy changes.

Finally, the solution should be able to determine if remediation actions affect other operational areas in the company, and how these actions may affect overall risk management and governance requirements. For example, if earnings need to be restated as a result of an options-backdating occurrence, any impacts on SOX compliance or on tax-filing reporting obligations need to be determined, and the appropriate workflows need to be launched. Stock-option risk dashboards, which provide rapid detection of potential problems, and trend-analysis reporting enable executives and audit committees to see patterns in option grant pricing that might cause regulators and financial markets to question their corporate ethics.

Time for Action

The short version of the options-backdating story is that organizations that retroactively date options must notify the SEC, expense the costs of the options against earnings in the appropriate quarter, and ensure that appropriate tax deductions are taken. Unfortunately, the story has become more complex because the difficulty of meeting these mandates has, all too often, translated into inactivity. As a result, many organizations face enormous risks as various government agencies start cracking down on options-backdating practices.

Why has this become such a focus of the government? According to a working paper by researchers at the University of Michigan (Eric Dash, Report Estimates the Cost of a Stock Options Scandal, New York Times. September 6, 2006), backdating options boosted surveyed executives compensation by an average of $600,000, but resultant investigations caused a $500 million decrease in shareholder value for their companies. Furthermore, according to research done by the Indiana University Business School, 19% of all option grants between 1996 and 2005 may have been backdated, so the potential losses to shareholders may be nothing short of startling. It comes down to this: The companies currently under investigation may represent only the tip of the iceberg, and regulatory pressures are almost certain to mount.

Against this backdrop it is clear that the time to control options-backdating risks is nowand the way for companies to do so is with a holistic governance solution that provides the process, policy, risk, and control framework that meets todays enterprise-wide mandates while positioning the company for tomorrows regulatory challenges.

Brian Cleary is vice president of marketing and product management for OpenPages (www.openpages.com ), a provider of business governance risk, and compliance technology solutions.