In late 2020, the Securities and Exchange Commission (SEC) issued a Final Rule for financial statement disclosures. The update impacts requirements in Regulation S-K Items 101, 103, and 105, which cover the Description of Business, Legal Proceedings, and Risk Factors.

According to the Final Rule, the updates are an effort to modernize these items in the financial reports “to improve the readability of disclosure documents, as well as discourage repetition and the disclosure of information that is not material.” We break down the rule amendments and the impacts of SEC disclosure modernization on internal audit below. 

Modernization to Disclosure Items

Before the update, the disclosure items were routine and prescriptive, but also very lengthy and hard to read. The modernization of the regulation provides guidelines that allow businesses to disclose details that matter while making the document more readable.

Amendments to Item 101 - Description of Business 

The amendments to Item 101 revised to rules to make “disclosure principles-based, requiring disclosure of information material to an understanding of the general development of the business, and eliminating the previously prescribed five-year timeframe.” Also, businesses are no longer required to repeat the full descriptions in every disclosure. They only need to give updates and refer back to a previous full description.

In keeping with the principles-based approach, the SEC now requires disclosures about human capital, like the number of employees, to only include information material to understanding the business. The changes expanded the description item to include a statement about all regulatory compliance, not just environmental compliance as in the past.

Consistent with the amendment to the business description, the item on Legal Proceedings now allows the discloser to cross-reference to places in the document that explains legal proceedings without having duplicate text.

In Legal Proceedings, the disclosure threshold for “governmental environmental proceedings resulting in monetary sanctions” increases from $100,000 to $300,000. Alternatively, Management can choose a different threshold that does not “exceed the lesser of $1 million or one percent of the current assets.” 

Amendments to Item 105 - Risk Factors 

Finally, the amendments to the Risk Factors area of the financial statement disclosure encourage brevity. If the section is more than 15 pages, the business has to add a two-page summary to aid the reader. The more extended section also needs to be organized with subheadings. Plus, the section only requires the disclosure of material risk factors, which should help cut down on the length of the section.

How Does SEC Disclosure Modernization Impact Internal Audit?

The SEC modernization effort to make financial disclosures more accessible to an everyday reader is now in effect. While Internal Audit is not generally as involved in financial reporting as external auditors, we have at least two obligations related to the disclosure modernization.

First, we must determine if management has implemented the changes from a primary control point of view. Implementation should also include a mechanism for tracking which disclosure threshold management selected for legal proceeding disclosures related to Item 103.

Second, we must always know the risks that have been disclosed and discussed in Item 105. Our duty as risk-based auditors includes awareness of management’s strategic objectives and risks related to those objectives. The risks outlined in Item 105 are the concerns your organization has publicly announced. It would be neglectful for auditors to ignore these risks. 


Learn how AuditBoard's integrated suite of easy-to-use software (audit management software, SOX compliance software, risk management software, audit workflow software, and compliance management software) can empower your team.