What GAO Found
GAO found (1) the United States Securities and Exchange Commission’s (SEC) and its Investor Protection Fund’s (IPF) financial statements as of and for the fiscal years ended September 30, 2017, and 2016, are presented fairly, in all material respects, in accordance with U.S. generally accepted accounting principles; (2) SEC maintained, in all material respects, effective internal control over financial reporting for SEC and for IPF as of September 30, 2017; and (3) no reportable noncompliance for fiscal year 2017 with provisions of applicable laws, regulations, contracts, and grant agreements GAO tested. In commenting on a draft of this report, SEC expressed pleasure that GAO found that SEC’s financial statements and notes were presented fairly, in all material respects, and in accordance with U.S. generally accepted accounting principles. SEC stated that it will continue to build upon this positive result in financial reporting by continuing to improve its internal control environment. SEC stated that it plans to take actions to help strengthen the agency’s enterprise risk management program, modernize the tracking of disgorgement and penalties resulting from enforcement actions, and to enhance the processing of registration fees. SEC also stated it is already taking a number of proactive steps to enhance the agency’s information security, related to deficiencies in its controls over operations that were identified as a result of the 2016 cyber intrusion involving the Electronic Data Gathering, Analysis, and Retrieval system (EDGAR). GAO plans to monitor SEC’s actions in response to the intrusion as a separate matter.
Why GAO Did This Study
The Accountability of Tax Dollars Act of 2002 requires that SEC annually prepare and submit audited financial statements to Congress and the Office of Management and Budget. The Securities Exchange Act of 1934, as amended in 2010 by the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act), requires SEC to annually prepare and submit a complete set of audited financial statements for its IPF to Congress. In accordance with the authority conferred in the Chief Financial Officers Act of 1990, as amended by the Government Management and Reform Act of 1994, GAO audited the SEC and IPF financial statements. Section 963 of the Dodd-Frank Act further requires that (1) SEC annually submit a report to Congress describing management’s responsibility for internal control over financial reporting and assessing the effectiveness of such internal control during the fiscal year, (2) the SEC Chairman and Chief Financial Officer attest to SEC’s report, and (3) GAO assess the effectiveness of SEC’s internal control over financial reporting and evaluate, attest to, and report on SEC’s assessment. Accordingly, this report also includes GAO’s reporting in response to the requirement under the Dodd-Frank Act.
For more information, contact James R. Dalkin at (202) 512-3133 or firstname.lastname@example.org.