On March 14, 2023, the SEC charged DXC Technology Co. (“DXC") with making material misstatements with respect to its non-GAAP financial performance measures, stating that, DXC “negligently misclassif[ied] tens of millions of dollars of expenses as [transaction, separation and integration-related (“TSI")] costs and improperly exclude[ed] them in its reporting of non-GAAP measures." The SEC's order also found that DXC, and specifically its controllership function and disclosure committee, failed to maintain “adequate" disclosure controls and procedures relating to DXC's non-GAAP disclosures, citing the following shortcomings:
- DXC had insufficient processes to ensure that proposed expenses were accurately classified as TSI costs, as described in its periodic reports and earnings releases.
- DXC did not have “adequate" disclosure controls and procedures in place specific to its non-GAAP financial measures.
- DXC did not have a formal non-GAAP policy.
The SEC stated that these shortcomings caused employees within the business units and financial planning & analysis to “make subjective determinations about whether expenses were related to an actual or contemplated transaction, regardless of whether the costs were actually consistent with the description of the adjustment included in the company's public disclosures." For example, although DXC's public description of TSI costs remained unchanged for two full years, “the company had no process by which its employees evaluated whether proposed TSI costs were consistent with the description of TSI costs included in its non-GAAP disclosure."
The SEC also cited several factors that prevented DXC's controllership from engaging in a meaningful review of proposed TSI costs, including the large number of line items contained in the TSI cost spreadsheet, the short time period within which to complete its review, and the lack of access to project and cost descriptions. Notably, when controllership employees questioned particular expenses or raised other concerns, they often received incomplete or inaccurate information, and no supporting documentation was provided.
Without admitting or denying the findings in the order, DXC consented to a cease-and-desist order, to pay an $8 million penalty, and to undertake to develop and implement appropriate non-GAAP policies and disclosure controls and procedures, including providing a certification of compliance with such undertakings.
Below are some key takeaways to consider based on the SEC's order and applicable SEC rules:
- Companies Should Have Disclosure Controls and Procedures in Place to Identify and Disclose Non-GAAP Adjustments. It is crucial for accounting, legal and other personnel responsible for public reporting to be familiar with SEC reporting requirements as they pertain to non-GAAP measures, and the company's disclosure controls and procedure documentation should specifically address steps and controls in place to identify amounts relevant for non-GAAP adjustments and make non-GAAP disclosures. Employee determinations of non-GAAP adjustments should be guided by, and evaluated in light of, such disclosure controls and procedures and any other non-GAAP policies that a company determines may be appropriate to adopt. In addition, policies and procedures should be designed to help ensure the accounting and legal departments are able to engage in a thorough review and approval process of proposed non-GAAP adjustments, with a view to accuracy, consistency and overall compliance.
- Descriptions of Non-GAAP Measures Should Be Kept Consistent with Actual Accounting Practices. To be effective, companies' disclosure controls and procedures should include processes designed to help ensure that non-GAAP financial measures and adjustments are described accurately in periodic filings, earnings releases and other public statements. Companies should routinely assess whether the descriptions of non-GAAP measures used historically continue to be consistent with their actual accounting practices for identifying, reviewing and approving non-GAAP adjustments.
- An Active and Engaged Disclosure Committee Should Be Part of the Control Environment. An important lesson of the SEC's order is the need for coordinated oversight of non-GAAP and other disclosures across a company's various departments to promote a consistent and accurate disclosure control environment. An active and engaged disclosure committee should play a prominent role in reviewing and commenting on non-GAAP disclosures. The disclosure committee should also periodically review the disclosure controls and procedures with respect to non-GAAP disclosure to ensure they remain up-to-date, consistent with the company's actual business practices, and accurate overall.
- Regulation G Has a Broad Scope and the SEC Continues to Focus on Non-GAAP Disclosures. Regulation G applies whenever a public company discloses non-GAAP financial measures, including outside of SEC filings. Further, non-GAAP financial measures continue to be an area of focus for the SEC, as seen by recent enforcement actions, public remarks, an uptick in SEC comments focusing on non-GAAP disclosures and the SEC's recent December 2022 update to its non-GAAP C&DIs. Companies should ensure that they are approaching their non-GAAP disclosures, including controls and procedures regarding these disclosures, with the care and scrutiny consistent with the SEC's expectations.
We would like to thank Michael Svedman and David Korvin in our Washington, D.C. office for their work on this post.
 In public remarks before the 2017 Baruch College Financial Reporting Conference, then SEC Chief Accountant Wesley R. Bricker highlighted, among other things, the importance of companies having adequate disclosure controls and procedures in place with respect to non-GAAP measures.