By Cydney Posner
The SEC has posted some new CDIs regarding conflict minerals. The questions relate primarily to the audit that would be required for products that are not "DRC conflict undeterminable." Of course, audits will probably be on the rare side this year. However, a few of the CDIs do clarify some previously open issues (see, e.g., the extremely welcome second bullet.) Remember that Form SD is due on June 2.
- CPA not required for IPSA. The independent private sector audit (IPSA) of the Conflict Minerals Report (CMR) does not need to be performed by a CPA. The IPSA must be conducted in accordance with standards established by the GAO, which has stated that the "Yellow Book" is applicable. Under the Yellow Book, auditors are permitted to perform either Attestation Engagements or Performance Audits. While Attestation Engagements must be performed by licensed CPAs, Performance Audits may be performed by other auditors so long as they meet the applicable requirements under the Yellow Book.
- No IPSA required if any product is "DRC conflict undeterminable." As long as the company, after exercising due diligence on the source and chain of custody of its conflict minerals, determines that at least one of its products may be described as "DRC conflict undeterminable," the company is not required to obtain an IPSA of its CMR during the temporary transition period.
- No IPSA, no "DRC conflict free." However, if the company does not obtain an IPSA (because, e.g., one of its products is "DRC conflict undeterminable"), it is not permitted to describe any of its other products as "DRC conflict free." (ok, that's a deal.)
- Single mineral can affect "conflict-free" determination. Where products are composed of a number of conflict minerals from different sources, a single conflict mineral can affect the outcome of the "conflict-free" classification of the product. During the temporary transition period, if the company has a product that would qualify as "DRC conflict free" except that one of the conflict minerals is "DRC conflict undeterminable," the company may not describe the product as "DRC conflict free." However, if one of conflict minerals is determined to have financed or benefitted armed groups in the DRC countries, the company must describe that product as "having not been found to be ‘DRC conflict free,'" both during and after the temporary transition period.
- IPSA has a narrow scope. The IPSA does not include the completeness or reasonableness of the company's due diligence, such as which suppliers are covered by the due diligence measures. Rather, the IPSA scope is limited to the IPSA objective provided in the rule:
- whether the design of the company's due diligence measures as set forth in, and with respect to the period covered by, the CMR is in conformity, in all material respects, with the criteria set forth in the nationally or internationally recognized due diligence framework used by the company (generally, the OECD framework), and
- whether the description of the due diligence measures it performed as set forth in the CMR, with respect to the period covered by the Report, is consistent with the due diligence process that the company undertook.
The two distinct parts of the IPSA objective are illustrated below:
A. Design of the issuer's own due diligence framework
B. Nationally or Internationally recognized due diligence framework used by the issuer
→ IPSA Objective Part 1: Is A consistent, in all material respects, with B?
C. Description of the process in the issuer's Conflict Minerals Report
D. Process actually undertaken by the issuer to perform due diligence
→ IPSA Objective Part 2: Is C consistent, in all material respects, with D?
The objective is to compare A to B and C to D. Any other comparison would be outside the IPSA scope.
- IPSA need not include the RCOI, even if it is part of the due diligence framework. The due diligence framework, generally, the OECD framework, seems to encompass the procedures for the reasonable country of origin inquiry (RCOI) that the SEC rule requires. However, because the SEC's rules (confusingly) treat the RCOI as a step that is separate from the due diligence process, the IPSA does not need to include the RCOI. As a result, the IPSA opinion can be limited to the portion of the due diligence framework beginning after the RCOI. Similarly, the opinion on the second part of the IPSA objective regarding the due diligence measures undertaken need only cover the due diligence measures described in the CMR after the company determined it had reason to believe its conflict minerals may have originated in the DRC countries.
- Where only some minerals are recycled, CMR required for non-recycled minerals; no IPSA for recycled minerals. Under the rules, products that include conflict minerals from recycled or scrap sources do not require the company to file a CMR with its Form SD. However, if the product also contains conflict minerals that are not from recycled or scrap sources, the company does need to file a CMR. The company should include the disclosures required for minerals from recycled or scrap sources in its Form SD, not in the CMR. However, for the conflict minerals that are not from recycled or scrap sources, the company must file a CMR as an exhibit to the Form SD that includes the required disclosures about the non-recycled minerals, including a description of the due diligence undertaken. Because the IPSA covers only the CMR, not the Form SD, the IPSA would not cover the conflict minerals from recycled or scrap sources.
- Due diligence may extend beyond calendar year. The second part of the IPSA objective regarding the description of the due diligence measures performed applies to the calendar year, the "period covered by the report." That does not mean that the company must perform due diligence constantly throughout the entire calendar year. The company's due diligence measures described in the CMR may begin before or extend beyond the calendar year.
- Description required of due diligence performed, not design of due diligence. Although the rule does not require the company to include a full description of the design of its due diligence in the CMR, the auditor is required to opine about the design of the due diligence measures "as set forth in" the CMR. That does not mean that the company must include a full description of the design of its due diligence in the CMR, but it must describe the due diligence measures in sufficient detail for the auditor to be able to form an opinion or conclusion about whether the description in the CMR is consistent with the process the company actually performed.