Private companies looking to go public will need to be ready to prepare periodic financial reports, demonstrate effective internal control over financial reporting and manage investor relations, among other things.
If they're not ready, companies may face many challenges meeting these requirements, including problematic IT systems integration, high maintenance costs of IT infrastructure, as well as a lack of efficiency and the cybersecurity risks associated with outdated IT systems. This can include financial reporting systems, a lengthy financial close process, complex technical accounting and significant audit and operational risks resulting from a lack of internal control over financial reporting.
Uplifting processes, systems, technical accounting, and internal controls well ahead of going public may help a company's initial public offering process as well as ongoing financial reporting requirements.
Technology systems
Although most private companies that prepare to go public put much of their focus on financial and legal processes, it is essential to also ensure they have the right IT systems to support and enable the company's growth. Specifically, private companies should have secure networks, scalable infrastructure, and modern, integrated IT platforms and software systems. When a structured approach in assessing a company's IT systems is not seen as a top priority, it leads to instances where the technology stack is not sufficient to support growth, facilitate efficient operations, and ensure data and system security. A common issue arises when private companies use an entry-level accounting software system that may have been valuable at the initial stages of its growth but has become cumbersome and inefficient as the company has grown. However, during the process of becoming public, companies often need a modern, customizable financial system with advanced features and reporting capabilities that optimize the company's resources and support planned growth.
Additionally, it is important for companies that prepare to be public to have confidence in their data and forecasting process. Data governance and integrity are critical in providing accurate financial metrics. Companies that do not invest in their central data repository could have competing data sets for the same metrics, which could negatively impact their decision-making abilities for financial reporting or operational purposes.
Additionally, it is not uncommon for private companies to improperly implement cybersecurity measures because they do not have a solid understanding of cyber-risks resulting from their IT infrastructure. There are specific data compliance obligations, risks and cybersecurity vulnerabilities and weaknesses that can lead to compliance violations and the erosion of brand value and a company's valuation. A poorly secured network, the absence of IT system hardening policies or a lack of cybersecurity training for employees are common reasons for data breaches.
Companies that want to go public should consider investing early in assessing their IT systems to understand significant risks and vulnerabilities. They should take the necessary steps to make sure their technology platforms support effective financial reporting and key performance indicators, as well as ensure SOX compliance. A forward-looking approach will help companies select the right IT systems that facilitate continued, sustainable growth. Companies can take specific steps to proactively avoid technology-related issues that can affect their IPO, including:
- Evaluate IT infrastructure and assess all software and hardware components;
- Modernize and update outdated legacy IT systems;
- Implement scalable architectures that improve system efficiencies;
- Assess cybersecurity processes, identify cyber-risks, and establish a rigorous cybersecurity and data framework;
- Evaluate the financial management/ERP system and consider moving to a more advanced software system;
- Invest in a more robust Master Data Management strategy with an advanced analytics engine for accurate financial reporting and forecasting; and
- Ensure that the IT systems provide the capabilities needed for Securities and Exchange Commission compliance and public reporting
Financial statement close process
During periods of rapid growth, private companies often focus heavily on sales and development but overlook devoting time and resources to maturing vital back-office functions, such as accounting and financial planning and analysis, and key processes such as the financial statement close process. This often results in a lengthy financial statement close process which delays the filing of SEC registration statements.
Companies often have lengthy financial statement close processes due to some common factors, including a lack of a defined process and procedures, incomplete or inaccurate data, mistakes resulting from rushing the process requiring rework, a lack of systems integration, and a lack of automation to reduce risk for human error. A lengthy financial close process could be problematic after going public when trying to meet SEC financial reporting requirements because filing delays can result in significant audit findings, non-compliance with debt or equity arrangements, and inaccurate financial reports, all of which can result in significant loss of investor confidence. Companies can do a number of things to reduce such timing risks, including:
- Assessing their accounting infrastructure and needs, including people, processes and software systems;
- Automating key processes such as accounts receivable, accounts payable, and time and expenses;
- Using advanced data analytics tools to comply with revenue recognition rules;
- Streamlining the close process by creating and customizing a close checklist, standardizing journal entries and reconciliations, and tailoring financial reporting packages; and
- Developing and implementing scalable accounting and finance processes.
With the current volatility in the markets, delays in the filing of SEC registration statements could have a negative impact on the initial public offering price and/or proceeds raised. Addressing these close process challenges early could help mitigate such impact.
Technical accounting and financial reporting
Uplifting private company financial statements to comply with SEC accounting requirements and Public Company Accounting Oversight Board audit requirements can be a substantial amount of effort. This includes preparing complete and accurate quarterly financial statements that may be part of a registration statement. Companies should assume this will take months versus weeks in the timeline for filing the initial registration statement. If meeting the timeline for the initial registration statement is critical, which is usually the case, companies should think about performing the following at least six to nine months from the estimated filing date:
- Uplifting financial statements and disclosures for SEC reporting, including earnings per share, preferred stock and private company policy elections to public company standards;
- Uplifting technical memos for PCAOB audits;
- Assisting in the preparation and/or review of audit support;
- Assisting with the adoption of new accounting standards; and
- Quarterizing annual financial statements.
Within three to six months from the estimated filing date, companies should also begin drafting the initial registration statement and, if needed, Article 3-05 financial statements and related Article 11 pro forma financial statements for significant acquisition.
Internal control over financial reporting
Public companies must include their own assessment of internal control over financial reporting in their annual report filed with the SEC as proscribed by the Sarbanes-Oxley Act. Certain public companies must also include their external auditor's assessment of internal control over financial reporting. In both of these cases, management should have established an effective internal controls environment and performed SOX assessments to progress toward compliance with these requirements. Companies too often neglect internal controls until they get within a year of going public, in which case they are already at significant risk for significant audit findings and a negative impact to investor confidence. Implementing appropriate internal controls well before going public gives companies a chance to assess the effectiveness of their key business functions and processes, identify and address inefficiencies, and remediate material weaknesses before they must be disclosed in the annual report filed with the SEC. SOX implementation should include:
- Performing an overall risk assessment to understand the company's overall risk profile;
- Designing and documenting SOX-compliant controls;
- Performing tests of design and operating effectiveness and evaluating the results;
- Identifying key deficiencies and control gaps; and
- Remediating identified control deficiencies and gaps.
Outsourcing
The advantages of outsourcing to a third-party specialist are the knowledge that the provider has significant expertise and will leverage best practices to optimize systems, processes and overall strategy. Using a third-party specialist also enables finance and IT departments to focus on core responsibilities to meet financial reporting deadlines, while the service provider advises and executes on high-priority tasks, increasing the likelihood of accurate financial reporting and reducing audit risk. Selecting the right provider is part of the puzzle to successfully addressing the challenges. Companies should consider the following when choosing a provider:
- Does the provider have the capabilities?
- Does the provider have the resources to meet the deadlines?
- Will the project leader maintain a high level of involvement on the project to ensure high-quality and timely deliverables?