The latest legal and logistical issues in subsidiary management
Of the many functions of the corporate secretary in a modern company, one of the most important – and often one of the most challenging – is the oversight and management of an organization’s subsidiaries and affiliates. It is not uncommon for a large US company to have dozens of subsidiaries, each of which may be its own legal entity for filing purposes. For multinational corporations, the number of entities can easily run into the hundreds.
Keeping track of these entities can be daunting. The task of ensuring each is correctly registered and compliant with local regulations as well as the ‘home’ jurisdiction of the parent company may seem simple, but it can take an incredible amount of time. The likelihood of errors is high, and the price for non-compliance even higher.
As regulation of public companies continues to increase both in the US and internationally, many corporate secretaries and others charged with entity management are turning to technology to assist them. Specific entity-management systems are being created to facilitate global compliance. Even with the existence of these new tools, however, certain best practices still need to be developed.
One of the major challenges facing the international company is ensuring information is up to date. To achieve this, entity management must begin at the local level. Any system needs to allow local professionals, who will best know the regulations in their jurisdiction, to input and update information. Attempting to transmit that information to a central location can result in gaps or transcription errors in the information. The users may not be native English speakers, so quality must be controlled. This information can then be combined with data from other areas and used to create a single global subsidiary-management system. This bottom-up approach ensures the greatest accuracy by capturing all the local nuances, thus ensuring users’ confidence in the system.
Filing and reporting requirements vary greatly between jurisdictions. For this reason, the entity-management tool should ‘know’ what specific information needs to be captured in each area and prompt users to input the data. In some cases it may be possible for the system to auto-fill some data, although this will still need to be monitored. Common variances such as date formats, currencies, company types, appointment titles and ownership information must be accurately and consistently represented.
Speaking the same language
Many countries, such as China, Japan and Greece, require company and individual names and addresses to be presented in the local language. Therefore, the system must easily maintain the native alphabet along with the English representation. Translation of this information into English and back is not an option due to the inevitability of translation inaccuracies.
A system that does not meet the needs of local users in all jurisdictions will result in local administrators establishing a locally compliant system to keep their own information. This second source can cause long-term problems for the organization: when there is a second source of information for the local user, the global system will lose timeliness and accuracy, and the overarching quality of the consolidated information will suffer. As errors are cumulative, this problem will only get worse with time.
A decentralized data-entry system that is updated by local users is able to be monitored and controlled, allowing users to maintain a transaction in a pending state and forward that pending transaction to the appropriate person, often the parent company’s corporate secretary, for approval. This control allows the corporate secretary to determine which data-entry types require authorization and from whom authorization should be obtained. Multiple levels of authorization can be established, allowing the secretary to implement multiple person/level authorizations.
Life-cycle management
Entities typically have a life cycle: formation, active period and dissolution. When forming an entity it is important to record who requested the new entity and why, who approved the entity, and who was informed that the entity was created. Once the entity is created, the secretary periodically may ask individuals or groups – business owners, local managers, record managers – to verify that the information is current. Finally, when it is time to deactivate the company, the system may assist by assuring that all facets of the entity, like contracts and ledgers, are properly closed.
Compliance requirements for entities have tightened dramatically since the enactment of SOX. Whenever a manager decides that he or she needs to create a new entity, that request should be entered into a central system and immediately date and time-stamped. This can be very simple – proposed name, company type, location and purpose of the new entity – or it can require much more information. The entity-management system should recognize which data are required at each step and ensure those data are provided before allowing completion of individual steps.
Once the record is complete, the appropriate individuals should then be alerted automatically. The rules can be quite specific as to who needs to be alerted; these rules can be based on the business unit, the country of origin or other internal criteria.
Ongoing maintenance
Once the data are collected, entered into the system and go live, the next step is to ensure details, documents and dates are properly maintained. This step is often as difficult as the initial data gathering, especially as it involves ongoing attention from decentralized representatives who may present span-of-control problems. Having the right system in place will help with ongoing maintenance, as the system forces periodic attention to the entity records.
The periodic review requires a few basic steps to be successful: local users are identified and are responsible for reviewing key entity data such as ownership and officer/director information. Specific instructions should be sent to each of these users on their responsibilities. These users should electronically suggest changes and sign off when the data are accurate.
Building and maintaining an entity-management system is only the first step. Eventually, the information needs to become part of overall business-process management and various individuals will need to access the data to improve corporate operation. Proactive, automatic email notifications to individuals or groups are critical. Notifications may be triggered based on a broad range of variables and can be set by the overall administrator of the system.
Email alerts are generally batched and sent out daily: users will arrive in the morning with a ‘to do’ list from the system. Email alerts are especially valuable when an individual is an occasional user who does not log in to the system daily.
Automatically generated and recurring reminders can be set up and may be based on criteria entered against a field, such as an expiration field. This allows a reminder to be produced in advance of an expiration event. Tasks can also be set up by users for any subject, and these allow users to define the scope of entities for which the task should be performed, stipulate the type of task, provide an explanation for the task and identify the task’s originator, the request date, the due date and its status. Tasks may also contain authorization requirements.
At a global manufacturing firm, for example, the system can automatically email representatives from the tax and treasury departments when a new company is being formed or there have been changes to the entity’s ownership and/or organization chart information.
Collecting and coordinating
One recurring problem is a transaction that starts outside the corporate secretary’s environment – for example, when an employee in a foreign country who is also a director of several subsidiaries leaves the company. Many secretaries struggle to get this information, and it is often not communicated to the corporate legal department. The company then generates inaccurate reports showing this individual as a director for weeks or months after he or she has left the company.
To improve accuracy and timeliness, your system may exchange information with other systems – for example, information captured from HR/payroll may alert you when subsidiary officers or directors have left the firm. The entity-management system should be able to query other systems daily to look for employees who have left the company. When the module matches the name and employee number of an individual who has left the company with the name and employee number of an officer/director in the system, it automatically creates a pending event to remove that employee from the system, adds a calendar task and sends an email alert to the person responsible for that person’s record.
In today’s highly regulated and scrutinized corporate environment, it is critical that tax and legal ownership structures are synchronized for accurate financial and compliance reporting. Historically, tax and legal entity systems were rarely synchronized, so both systems had incomplete information. Sometimes this meant subsidiaries were missing from one of the systems; more often, it meant the tax system had incomplete or truncated company names and the legal system was missing or had inaccurate tax identification numbers.
Manually reconciling records takes significant blocks of time away from the relevant departments and creates substantial additional work for auditors. Building a link to synchronize the two systems ensures changes are accurately reflected in both. Periodic reports of discrepancies can assist in process remediation as users work to understand the source of any further inaccuracies.
A dynamic system is important and can result in significant time savings, but traceability is also vitally important. An audit trail provides historical perspectives, offers review and remediation of entity transactions and processes, and ensures the system automatically records time, date and name for actions taken. It also enables users to search and produce reports and organization charts ‘as of’ particular dates.
On the safe side
Security of corporate records is highly important, too; only those who are supposed to see information should be able to do so. Secure read-only access to business-critical information allows access to be tailored to specific users. In most environments, there is a small group with edit rights and a large group with read-only rights.
Implementation of an effective entity-management system can save the corporate secretary significant time and go a long way to minimizing reporting errors. With regulatory oversight on the increase and shareholder activism taking far more time to deal with now, these time savings become of even greater importance – not to mention the fact that accurate and complete filings ensure litigators do not have an opportunity to launch action claiming incomplete or misleading disclosure.
This article is an edited version of a July 2009 study entitled ‘Best practices in entity management’.
Top tips for subsidiary management
A major objective of entity management is a single repository of all entity-related information. To achieve this goal, several steps must be taken:
- Everyone must have confidence that the system accurately represents the information from all jurisdictions
- Processes must be in place to ensure those who are the source of the information are able to communicate it through the system. A person in a non-domestic country who has responsibility for entities in that country needs to be able to communicate changes
- There should be a process that periodically reviews the information in the database to ensure it is current and accurate
- Information originating in other parts of the company or in other computer systems should automatically feed into the entity-management system.