Tag Archives: Internal Audit

Elements of a Comprehensive Trademark Licensing Audit

Internal Audit departments are focused and staffed to effectively address the risks and compliance requirements (e.g., SOX, FCPA, PCI, GDPR) facing their entity.  Internal Audit plans emphasize documenting, testing and improving the major business processes and supporting business change initiatives.  Trademark licensing audits do not fit this focus as these are contract compliance audits of the relevant books and records of a business partner.  There is no business process documentation for planning nor is there any testing of internal controls.  The focus of these audits is to ensure that the information provided for sales, purchases, advertising, payments, etc. is complete and accurate, and then to analyze this information for compliance with the terms and restrictions of the agreement.  The testing is substantive because the licensee is only required to supply information specific to the agreement.  The licensee may also need to provide some high-level information related to their overall business to support agreeing the information provided to their financial records on a sample basis.  The “thinking on your feet” necessary to obtain evidence that the information provided is complete and accurate requires either co-sourcing with specialists or a senior/seasoned member of the audit team.

The most important risk of trademark licensing is potential damage to the brand.  Aspects of product quality and the “fit’ of product with the brand image are beyond the scope of a financial audit.  Likewise, factory/social compliance risks are also beyond the scope and require proof from the licensee of qualified factory social compliance audits or the licensor co-sourcing for such audits.  The scope of the financial licensing audit should include the identification of sales in territories or channels (e.g., clubs, off-price, deep discount) that will degrade the brand, and which violate or exceed limits in the agreement.

Other trademark licensing risks are driven by the clauses in the contract.  Some clauses may make sense to lawyers and management on paper but are difficult to impossible to effectively abide by operationally.  One common clause that comes to mind is that any sales of product to the licensor must be at the lowest price previously sold to any licensee customer or even a certain percentage off that lowest price.   It is not practical for a licensee to program their sales order system to meet such a requirement which means the licensee must manually research prices prior to filling an order for a licensor.  Is it likely the licensee will incur the cost of the time required to manually determine such prices?  Identifying such challenging agreement clauses and developing effective audit tests is critical for a comprehensive trademark licensing audit.

Considering and identifying opportunity/risk for intentional/unintentional understatement of royalties or overstatement of required spend (e.g., advertising) by the licensee remaining undetected is a critical planning aspect of a comprehensive trademark licensing audit.  For example, shipments directly from factories to customers are commonplace and increasing in frequency in many industries.  This is particularly true of consumer products and especially sales to major retailers who have much more efficient supply chains than their vendors and can save time and money importing the products using their own logistics.  In today’s highly efficient supply chains, the company that designs and sells the product is now akin to a costly “middleman”.  Such activity presents significant risks of royalty understatement for licensors.  The licensee never takes physical possession of the product and therefore may not be able to invoice customers using their normal/structured process.   In most ERP systems, shipment triggers invoicing and ensures a “clean” sales cutoff.  Because they are not shipping the product, a different workflow, perhaps even manual invoicing, is required for these direct shipments.  Alternate workflows introduce the risk of intentional/unintentional understatements of sales.  An example of a licensee overstating required expenditures is including payments for product positioning (e.g., end caps) or co-operative advertising on schedules supporting required advertising spend.  Some agreements permit these as includable items, but many do not.  Most agreements require advertising in national magazines, digital advertising and mailers but do not permit including advertising support to customers.  A comprehensive trademark audit defines the specific advertising requirements and develops testing to ensure only such advertising is included on the schedules provided by the licensee to support this spend.  Some agreements require the licensee to remit any shortfall in advertising spend to the licensor whereas others require that these amounts are added to the required spend for a future year.  Either outcome is a significant benefit to the licensor.

Licensee miscoding of product is another risk leading to understatement of sales/royalties.  Some licensees build the brand coding into the SKU number whereas others use sequential SKU numbers and utilize another field in the product master file to indicate brand.  Given that all the reporting is from the licensee systems, the auditor has no basis to rely on reports as complete and accurate.  In the former example, perhaps the reports/queries do not capture branded SKUs in certain product categories.  In the latter example, perhaps the brand designation code was left blank or input incorrectly leading to no inclusion of sales for that branded product in the reports used to report royalties or used to provide reports to the auditor.  Complexity of coding expands further for licensees that ship and invoice multiple brands on a consolidated invoice.  Product coding challenges are typically not known until the auditor is in the field at the licensee’s offices.  A keen understanding of processing and reporting is required to quickly develop audit tests to establish the completeness of sales given such product coding challenges.

We know that excellent business reporting is always a challenge, mainly due to cost and resources.  Many functions require system reporting to effectively manage their responsibilities and they must compete for such resources.  As we might expect, the priority to have excellent reporting to determine sales to pay royalties to an outside party does not rise to the top of many licensee’s priority lists.  Certainly, front line reporting to manage and maximize sales should be a primary goal.  Both the licensee and licensor benefit from effective sales management.  An ERP system report with a heading for the SKU/product and then a listing of units and dollars by customer with totals is helpful for managing sales but not very helpful for the auditor because the SKU, customer, units and dollars are not on the same line.  The reporting challenge is greater with some of the more nuanced clauses of the agreement.  One example is royalty rates tiered by sales level.  Different royalty rates for different product types is another example.  A third example is different sales minimums by product category, territory, gender, etc. or maximum sales percentages to certain channels (e.g., off-price).  The auditor typically must accumulate sales data files by invoice line item with all the appropriate information on each line to then analyze compliance with all agreement clauses.  In some cases, the auditor must develop an elegant solution in EXCEL whereas in other cases the auditor must be willing to grunt through hours of cut/paste to arrive at the complete data file required for compliance analysis.  Experience allows the auditor to determine a solution quickly and get to it.  A bias for action is critical.  Each audit is different, and an auditor likely will not return to the same licensee for years.  There is no time to search for a best solution, just a solution that works.

The skills and experience to complete comprehensive trademark licensing audits on tight budgets require co-sourcing for most companies.  The contract analysis, test development and data analytic skills required for comprehensive trademark licensing audits is unique.  Co-sourcing must be approached with caution, however, because there are many providers that offer these services that simply do not have the skills.  Use the points above in your discussions when interviewing potential co-sourcing partners.  These are typical challenges of an audit and the provider should be conversant with quick and clear strategies to handle these challenges.  Choosing the right partner is the best way to leverage compliance to identify recoveries, ensure control, and deliver value to your entity.

 

About the Author

Glenn Murphy, the co-founder of BestGRC and founder of GRC Management Consulting LLC, primarily focuses on empowering entities to leverage their compliance activities through the BestGRC “cloud” software, his consulting work, publications, and the “Leverage Compliance” blog.  In addition, Glenn provides licensee compliance audits in conjunction with Licensing Compliance Group and IT Governance/Cybersecurity Assessments in conjunction with Ra Security Systems.  Find Glenn’s full profile at http://www.linkedin.com/in/glenntmurphy/, follow him @GlennMurphyGRC and subscribe to the Leverage Compliance blog at http://www.bestgrc.com/blog/

Why Internal Audit Should Oversee Trademark Licensing Audits

I performed thirteen trademark licensing audits in the past six months for five different corporations.  Theses audits were contracted and overseen by Internal Audit (IA) for only one of these five clients.  Upcoming audits we scheduled or are scheduling with three other clients are similarly contracted by functions other than IA.  All these clients have an IA function.  There are several reasons why IA should oversee trademark licensing audits.  So why is co-sourcing for trademark licensing audits left to others?  IA leaders must communicate the organizational necessity of their contracting and overseeing the trademark licensing program.

The Licensing Department is typically a small group in the enterprise.  For this reason, the function may be partly overlooked when preparing full process and controls documentation.  Royalty income from trademark licensing is typically not subject to the internal control procedures used for other sources of revenue.  If invoices are issued for royalties, these are typically for guaranteed minimum royalties or estimated royalties using manual invoicing either within or outside of your ERP system.  Internal control activities should include the oversight and analysis performed by the internal licensing accounting team to arrive at these invoiced/recorded revenues as well as tracking/recording other obligations of the licensee.  Do they analyze and recalculate all the royalty statements, submissions for advertising and other reporting provided by the licensees?  Do they reconcile all payments and follow-up on late/missing payments?  Is there sound internal communication of exceptions (e.g., sales to Warehouse Clubs outside the license agreement) from the licensing team to the accounting team so that they expect/accrue/invoice these additional royalty receivables?

There are two aspects to the controls over the licensing function.  The internal processes of the licensing/accounting team to oversee and record the current activity and the audit of licensee books and records to validate the complete and accurate reporting and compliance with the licensing agreement.  To the extent that non-compliance is identified by licensee audits and additional amounts are due, there is a shortfall in the overall internal control process because such recoveries are recorded in an accounting period subsequent to the period in which they are earned.  This risk of understatement is inherent to licensing due to reliance on complete information from an outside partner.  To reduce this risk to an acceptable level, the trademark licensing annual risk assessment (see my prior blog) which determines the frequency of audit of each licensee should be a key control.  Those licensees deemed of a higher risk should be audited more frequently to ensure the complete and accurate revenues are captured during or close to the appropriate financial reporting period.  Performance of the licensee audits by IA either directly or through co-sourcing partner with IA setting the parameters and scope becomes an extension of the Internal Audit plan and a service that IA provides to the business.  Oversight of licensee audits by a business function requires IA to document and test the oversight performed by this function.  Direct oversight of licensee audits by IA is a more timely and effective approach.

The independence of the IA function and especially the reporting to the Audit Committee should not be understated.  My experience as a Chief Audit Executive (CAE) for a company with more than 30 licensees highlights this distinction.  The licensee audit co-source partner was overseen by the Finance function for many years prior to IA adding this oversight to our responsibilities in the early 2000s partly as an extension of oversight in response to SOX requirements.  Many of the licensee audits ended in negotiated settlements prior to our oversight.  We brought the rigor and structure of an IA approach in coordination with the same co-sourcing partner which eliminated many of the “gray areas” in the findings.  More importantly, the licensees recognized IA as an independent function with the weight of reporting to the Audit Committee and knew that there was little room for negotiation of amounts due.  The result was incremental recoveries of several hundred thousand dollars each year and a more responsive attitude on the part of licensees to address the issues that led to the findings.  Following IA leadership of licensee audits, the only negotiated settlements were related to contract terms that were truly ambiguous and for which we tracked such issues to a future contract addendum to clarify the ambiguity.

Our experience was that IA oversight and follow-up led to a higher level of licensee contract compliance over time.  The number and amounts of recoveries decreased, which was our goal.  The decrease in recoveries directly reflected an improvement in the completeness and accuracy of licensee reporting and payment.  This meant that the accounting for licensee activity likewise improved as did the timeliness of cash flow from licensing.   Adding the oversight of trademark licensing audits to your audit plan is one more way to leverage compliance to improve business process and profitability for your Company.

About the Author

Glenn Murphy, the co-founder of BestGRC and founder of GRC Management Consulting LLC, primarily focuses on empowering entities to leverage their compliance activities through the BestGRC “cloud” software, his consulting work, publications, and the “Leverage Compliance” blog.  In addition, Glenn provides licensee compliance audits in conjunction with Licensing Compliance Group and Cybersecurity/NIST/Penetration Tests/SOC for Cyber/SOC 2/3 Assessments in conjunction with Ra Security Systems.  Find Glenn’s full profile at http://www.linkedin.com/in/glenntmurphy/, follow him @GlennMurphyGRC and subscribe to the Leverage Compliance blog at http://www.bestgrc.com/blog/

Risk Assessment of the Trademark Licensing Process

Organizations typically license their trademarks with several partners in different channels, product categories or geographies.  While the overall trademark licensing business process should be part of your internal audit risk assessment along with all other business processes; trademark licensing requires a sub-assessment of risk using a different process due to the inclusion of many business partners, the reliance on accurate data reported from external parties using their systems, and the characteristics of the agreements.

The starting point is to identify all the licensees, obtain all the agreements and develop an agreement extract template to complete for all agreements.  The template will likely expand as you proceed through the agreements and you identify unique clauses that are of interest to audit.  I typically perform the initial abstract in a Word table.  There are numerous clauses in these agreements that are arguably all important, however, this process requires determining which clauses are important for Internal Audit to consider.  For example, the agreement should include social compliance requirements (i.e., factory audits designed to ensure no child labor, no prison labor, environmental compliance, etc.).  These are only relevant for inclusion if your organization does not have a factory compliance function which includes licensees in their scope.  Typically, product approval and product quality considerations are not relevant for the Internal Audit risk assessment, but the absence of such oversight in your organization may bring these considerations into scope.  Certainly, gross sales and the permissibility of/limitations on deductions to arrive at net sales for royalty purposes is relevant.  Advertising spend requirements are relevant because validation via audit sampling is necessary to verify compliance.  Territory restrictions are particularly important if your organization has agreements with more than one licensee for the same channel or product category.  Agreements typically restrict certain channels (i.e., wholesale, retail, internet, military bases, corporate gifts programs) and the magnitude of the opportunities in these channels dictates the relative importance of these to your organization, and your risk assessment.

Once the agreement extracts are complete, transfer certain key data from these to a spreadsheet for risk-scoring and scheduling of the licensee audit plan for the next three years.  The completed risk-assessment will determine how many audits per year are expected, the estimated total audit cost and allow you to plan/schedule resources accordingly.  Involve the Licensing Team every step of the way because their input and agreement are invaluable.  You also need to demonstrate the service internal audit provides to their division to ensure compliance, maximize revenue and advertising spend, and identify the licensees that require the most oversight.  I’ve had more than one audit year where licensee audit recoveries pushed the licensing divisions earnings into a higher bonus tier for the licensing team.

After all the licensees are added to the spreadsheet, the risk scoring can proceed.  I suggest you consider scoring of the following Risk Factors:

  • Prior Audit Results – the number of issues, their importance (monetary or not) and the amount of recoveries. Certainly, a recovery of greater than $50,000 or an issue that negatively impacts the brand earns an elevated risk score typically leading to annual audits.
  • Sophistication of Systems – a licensee with multiple divisions on more than one system earns an elevated risk score. Licensees that migrated to new systems also earn an elevated risk score.
  • Sophistication of Reporting – a licensee that must compile the information for royalty reports offline in EXCEL earns an elevated risk score due to the introduction of spreadsheet error.
  • Recording of Activity – establishing the completeness and accuracy of the detail sales data supplied by the licensee and agreeing this to the general ledger are critical activities for the auditor. Reasonably agreeing the sales in units from an inventory roll-forward to these sales reports also establishes confidence in the completeness of the data.  The licensee recording activity by brand into a separate “division” typically makes these reconciliations easy.  Recording activity by product category for multiple brands, especially for retail location sales, typically makes such reconciliation and agreement to financials difficult to impractical.   The latter circumstance earns an elevated risk score.
  • Drop Shipment (Back-to-Back) Activity – circumstances where the licensee never takes physical possession of goods but rather releases them directly to customers or sub-licensed distributors significantly increases the risk of un-reporting error and fraud. Reconciliation to the inventory roll-forward discussed above will not identify this under-reporting.  Drop shipment activity earns an elevated risk score.
  • Use of Foreign Distributors (sub-license) – the sales transactions of the licensed product occur in the systems of an entity other than your licensee which increases the risk of intentional or unintentional under-reporting by the licensee or sub-licensee. Permission of sub-licensees earns an elevated risk score.
  • Sales to Licensor at Required Pricing – licensors that purchase products from their licensees (e.g., to sell in direct-to-consumer channels) typically include a “most favored nation” clause in the agreement to ensure that they always receive the lowest price. This makes sense to those negotiating the agreement, however, in practice the order processing team of the licensee does not readily have the information and resources to identify and process pricing that complies with these terms.  Inclusion of such clauses earns an elevated risk score.
  • Multiple Currency Reporting – conversion of sales data from more than one currency earns an elevated risk score.
  • Reported Sales as Compared to GMS – most agreements have Guaranteed Minimum Sales (GMS) that the licensee must achieve. Guaranteed Minimum Royalties typically follow from the GMS.  If the licensee is well below the GMS it is unlikely an audit will identify unreported sales to the extent that additional royalties are due and, as such, this factor earns a reduced risk score.  A licensee well above the GMS earns a moderate risk score.  A licensee that is just below the GMS earns the most elevated risk score because they are in a position that may motivate under-reporting and avoidance of royalty on the incremental sales that push them past the GMS.
  • Deductions from Gross Sales to Arrive at Net Sales – the magnitude of deductions typically taken as a percentage of gross sales drives the magnitude of the risk score. Licensees that sell to department stores and Amazon typically have higher deductions.  If the agreement specifies limits on deductions and the deductions are at/near this limit, an elevated risk score is assigned.
  • Advertising Requirements – agreements typically require spending a certain minimum percentage of sales on advertising and promotion. Some agreements further break down what types of advertising satisfy these requirements and may further specify percentages of the total that must be spent on each category.  The more the complex the agreement requirements, the more elevated the risk score.
  • Co-operative Advertising – the agreement treatment of co-operative advertising as either a deduction or as part of required advertising is an important distinction. Licensees typically do not properly segregate these amounts.  Agreements where the co-operative adverting is classified as adverting rather than as a deduction earn an elevated risk score.
  • Territory – a world-wide license has no risk for this factor, whereas a territory specific license increases the risk, and a circumstance where either your organization or another licensee sells the same product category in a different territory earns an elevated risk score.
  • Channel Restrictions – like territory, channel risk increases as there are others permitted to sell in the restricted channels (e.g., Corporate Gift Programs).
  • Complexity of the Agreement – the more clauses in the agreement subject to audit the more elevated the risk score.
  • Years Since Last Audit – change occurs over time (new systems, customers, management, persons compiling the royalty reports) and the passage of time earns an elevated risk score.
  • Right to Audit – agreements specify the number of prior years that are subject to audit. Typically, this is three years.  The closer to this limit earns an elevated risk score.  Before an audit year is permitted to lapse, both the licensing team and internal audit must explicitly agree to allow the year to lapse.
  • Club Sales – Restrictions on sales to Clubs (e.g., Costco, Sam’s Club) requiring special arrangements and permissions are rather typical. In many cases sales to these customers do not count against GMS.  Such clauses increase risk of underreporting or underpayment of royalties and earn an elevated risk score.
  • Off-Price Channel Limitations – Limitations on sales to “Off-price” channels as either an outright exclusion, an exclusion on current season product, or an upper cap on these sales as a percentage of total sales increase complexity and risk and thus lead to an elevated risk score.

As you proceed through this exercise, the categories of low, moderate, and high-risk licensees become apparent.  Include the high risk on the current audit plan, the moderate on a two-year schedule and the low on a three-year rotation.  The risk-assessment should occur annually, but you need to be cognizant of the initial assessment and especially the limitations on how many years the agreements allow you to audit.  Therefore, you need to “lock in” the two/three year from the prior assessment and only adjust these if circumstances have changed.  The focus of year two and future assessments is the high-risk licensees and if circumstances have improved to migrate them to a two-year rotation.

The main goal of the licensee audit program is to improve compliance.  It is far better for your organization to collect all royalties due timely and to ensure the brand is properly protected.  The financial recoveries of a successful program should diminish over time.  You must emphasize this goal up front because there may be those in management who see reduced financial recoveries as an indication of complacency or lack of focus.  Reduced recoveries indicate reduced risk and a program that is well managed.  As the program succeeds over time, the frequency of licensee audits will decrease as their risks scores also decrease.  Proper communication allows the licensing team and your senior management to realize how you leverage compliance to maximize revenues, protect the brand and reduce risk.

About the Author

Glenn Murphy, the co-founder of BestGRC and founder of GRC Management Consulting LLC, primarily focuses on empowering entities to leverage their compliance activities through the BestGRC “cloud” software, his consulting work, publications, and the “Leverage Compliance” blog.  In addition, Glenn provides licensee compliance audits in conjunction with Licensing Compliance Group and Cybersecurity/NIST/Penetration Tests/SOC for Cyber/SOC 2/3 Assessments in conjunction with Ra Security Systems.  Find Glenn’s full profile at http://www.linkedin.com/in/glenntmurphy/, follow him @GlennMurphyGRC and subscribe to the Leverage Compliance blog at http://www.bestgrc.com/blog/

Does Internal Audit Devote Enough Resources to Managerial Accounting?

Sarbanes-Oxley compliance (SOX) is more routine than in the past but continues as a major distraction to the internal audit profession.  The continued PCAOB scrutiny with published Inspection Report Findings continue to pressure external audit firms performing 404 Reviews, who in turn require expanded SOX compliance activities at their clients to earn a “clean” opinion.  More recently, cybersecurity and data governance have garnered a lot of attention and resources.  Perhaps lost in these distractions is the appropriateness, accuracy and availability of information management needs to effectively direct and oversee the strategic, financial and operational objectives of the business.  Certainly, compliance professionals can “walk and chew gum at the same time”, but is scrutiny of the most important business information “taking a back seat”?

Financial accounting reports follow generally accepted accounting principles (GAAP).  The users of financial accounting results are mostly external parties to the organization (investors, analysts, banks, government).  Financial accounting is of some value for management, mainly to retrospectively compare their results to others in their industry using the same baseline accounting principles (GAAP).  Managerial accounting provides organizational leaders with the accounting information to run the business, assess current performance, and forecast future performance.  This information is critical to directing operations, setting near term funding needs, and communicating goals to internal stakeholders.

Much of the Management Discussion and Analysis (MD&A) section of financial filings and the information discussed on the earnings call is the information management uses to assess performance.  This information falls more in the realm of managerial accounting.  How deeply do we audit this information?  Do we only make sure there is evidence that is it is prepared and reviewed w/ appropriate sign-offs or do we audit the accuracy of the information?  Do we question the appropriateness of the information versus other managerial accounting measures that perhaps gives better insight into the performance of the firm?

Management accounting helps management to discern between value-added activities and those activities that do not add value.  Financial accounting only concerns proper classification of the expenditures related to either activity type.  While it is certainly helpful to understand the cost of activities, it is much more important to identify and eliminate wasteful activities.  Moreover, to choose optimal value-added activities over those that add less value.  Regardless of the core mission of the business, whether profit or not-for-profit, profits are necessary to sustain the mission over time.

How does internal audit refocus on ensuring the information management needs for decision-making in available and accurate?  Are internal auditors equipped to assess management reporting?  The answer is to simply expand the tools and techniques we use for all internal control activities.  The COSO Framework is as appropriate for managerial accounting and reporting as for all other critical business functions.  As the use of “Non-GAAP” measures expand in financial filings and the need for immediate information for management to make informed decisions grow, the reporting risks increase and the assessment of the processes and controls to ensure ongoing accurate and timely managerial accounting information should become an important part of the annual internal audit plan.  Auditors frequently speak about earning a “seat at the table”.  The best way to earn this “seat” is to provide assurance to key decision makers regarding the accuracy and appropriateness of the information they receive, which is typically managerial accounting information, not financial accounting information.  Look at your risk-assessment and audit plan process to make sure that there is an appropriate identification and focus on managerial accounting information and controls.  If necessary, refocus your process to ensure you effectively leverage your compliance activities optimize your service to all key business constituents.

 

About the Author

Glenn Murphy, the co-founder of BestGRC and founder of GRC Management Consulting LLC, primarily focuses on empowering entities to leverage their compliance activities through the BestGRC “cloud” software, his consulting work, publications, and the “Leverage Compliance” blog.  In addition, Glenn provides licensee compliance audits in conjunction with Licensing Compliance Group and Cybersecurity/Penetration Tests/SOC for Cyber/SOC 2/3 Assessments in conjunction with Ra Security Systems.  Find Glenn’s full profile at http://www.linkedin.com/in/glenntmurphy/, follow him @GlennMurphyGRC and subscribe to the Leverage Compliance blog at http://www.bestgrc.com/blog/

Why Trademark Licensing Audits Must Be an Integral Part of the Internal Audit Plan

“Retail and related revenue generated globally by the trademark licensing business in 2017 rose 3.3% to US$271.6B, according to results from the Annual Global Licensing Industry Survey released today by LIMA. Royalty revenue from sales of licensed merchandise and services rose 2.6% to $14.5 billion.” source – LIMA.org  For some perspective on these revenues, if the trademark licensing business were a corporation, it would rank second on the Fortune 500 following only Walmart.  Further, trademark licensing is less labor-intensive than most other business processes leading to licensing activity contributing a far higher proportion of corporate profits than of corporate revenues.  Given the size and importance of trademark licensing, we should expect widespread coverage in internal audit publications and resources, but that does not seem to be the case.  Financial and audit management, as well as audit committee members, must ensure there are appropriate resources devoted to trademark licensing audits (licensor) and to trademark licensing accounting (licensors and licensees) in the internal audit plan.

Trademark Licensing

How to proceed?  Expand your Audit Universe by following the COSO Framework to define the Activity of “Plan and Manage Licensee Audits”.  Assign the Process/Sub-Objectives of “Ensure royalties, advertising and other trademark licensing agreement (Agreement) amounts are completely identified and collected” (SO1) and “Ensure Licensee abides by Licensing Agreement Territory, Distribution, Customer, and other requirements and limits/minimums (e.g., Off-Price Sales %, Gender Minimum %)” (SO2) to this Activity.  Defining Sub-objectives enables the identification and assessment of Risks to the achievement of these Sub-objectives.

A key risk for SO1 is “Under-reporting of sales, advertising or amounts due per the License Agreement” (R01).  The under-reporting may be intentional and executed through sales outside the territory, drop-shipments/direct import/back-to-back deliveries to customers at factories or via freight forwarder, or simply under-reporting with the expectation of no licensor audit or a poorly executed one.  The under-reporting may be unintentional and the result of old systems, errors in a system conversion, or a manually intensive need to “flag” every individual product with a licensor code.  Expanding on the last cause, a licensee system or business process that assigns the next sequential number to each new product irrespective of brand/trademark increases the risk that some products sold bearing your company’s trademarks were not reported because complete reporting by brand is dependent on another, typically not required, data field in the Product Master File.  Do you understand which of your licensees use structured/intelligent style/item numbers versus those using a sequential assignment?

Under-reporting of advertising amounts expended or due to the Licensor associated with R01 is more difficult to assess than royalties due.  Many Agreements require a minimum amount of expenditures on advertising, typically 2% of net sales, with any shortfall in the amount spent due to the Licensor.  The goal of such advertising clauses is to drive product/brand awareness and thereby increase sales, and therefore increase royalties.  Many Licensees do a poor job of advertising reporting, even though such reporting is required by the Agreement.   For many licensee audits I’ve performed, the advertising support is only compiled for the audit rather than reported to the Licensor quarterly, as is typically required by the Agreement.  Even given complete reporting of advertising spend as compared to the required amount, the only way to assess this spend is to sample invoices and compare the expenditures to the acceptable types of advertising defined by the Agreement.  Such analysis typically requires a licensee audit or, at a minimum, the licensing and/or the licensing accounting department of the Licensor to request a copy of invoices supporting this spend.  Do you know if such a review of advertising spend occurs within your organization?

A second key risk for SO1 is “Ambiguity in the wording of a Licensing Agreement” (R02).  Are the permitted types of advertising to satisfy the advertising requirement spelled out in enough detail and agreed to by both parties?  For example, charges to the Licensee by their customers for store end-caps may or may not satisfy this requirement.  The definition of deductions and allowances from gross sales to arrive at net sales subject to royalties is another critical area that may be subject to ambiguity.  Is a discount for early payment (e.g., 2% net 30) allowed as a deduction?  Is co-operative advertising allowed as a deduction, allowed to satisfy minimum advertising or neither?  Licensee customer operations charges for late or non-compliant shipments are typically not permitted as valid deductions by the Agreement, but I have seen numerous instances of these amounts included in deductions.  Some Agreements do not include a clause for interest on late payments or the reimbursement of audit fees if amounts due from the audit exceed a certain percentage (typically 3-5%) of total amounts due.  Without such clauses, what is the disincentive for the Licensee to under-report, over-deduct, or pay late?

A key risk for SO2 is “Licensee sale out of Territory, Approved Distribution, Approved Customer or other violations.” (R03).  The trademark/brand is perhaps the most important asset of a Company.  Think of all the activities and resources devoted to developing, supporting, expanding and maintaining your brand through the years and in current budgets.  Perhaps the most significant risk of licensing is allowing another entity to represent your brand with their design, products and services.  This risk is heightened if the business relationship with the Licensee has soured or in the final years/months of an Agreement not slated for renewal.  Related to territory, a licensor that engages with multiple licensees for the same product category in different territories bears the prime responsibility to ensure these licensees do not encroach on each other’s territory.  Related to distribution, the unexpected presence of your brand in a retail outlet you would never sell your product to can damage your brand reputation or exclusivity.  To a consumer, anything with your brand is you.  An example of other violations is that the Agreement may permit the licensee to use multiple trademark of your Company, but they may not market using all these trademarks.  Most Agreements define minimum sales by trademark or gender within trademark with a related forfeiture of rights to use the trademark if the minimums are not met.  Identifying such deficiencies and enforcing this clause presents the licensor with the opportunity to license that trademark to another business partner to generate additional royalties and brand exposure.

Given a willingness to include or expand the focus on licensing in your Audit Universe, how best to proceed?  A typical licensing audit performed by a highly reputable firm costs less than $15,000 with expenses, so there is every reason to co-source.  Indeed, the inclusion of three or more licensing audits in the Plan is highly likely to more than pay for itself.  So, you broaden your Audit Plan to assess more risks at little to no cost without using any of your own resources.  The opportunity for CAEs to expand their audit plan at little to no cost are few and far between.  As previously noted, many Licensing Agreements include a clause that if the audit findings exceed a certain percentage of the full amount due for any year under audit, the licensee must pay the audit costs including expenses.  I’ve performed three audits in the last four months that resulted in audit fee reimbursement.

I was the CAE for a company engaged in more than thirty licensing agreements that were overseen by the finance function.  I expanded our Audit Universe to include the Activities/Objectives/Risks associated with licensing, engaged the same co-sourcing partner previously used by finance, formalized some of the audit testing to mirror the activities of our internal audit function, and issued our co-source partner a Company PC to allow him access to perform his audits in our internal audit software.  Previously, there were many negotiated settlements of amounts owed from licensee audits, however, by formalizing the audit process and bringing the activity within internal audit with reports going to the Audit Committee of a publicly-held company; the licensees knew that our well-supported findings must be paid in full.  Negotiated settlements only occurred due to ambiguous clauses subject to multiple interpretation.  These explanations were detailed in our findings and tracked to future amendments to the Agreement to remove the ambiguity for the future.  A more in-depth discussion of the reason for co-sourcing these audits is the subject of a future blog.

Through my experience, nine out of every ten audits more than pay for themselves with some reaping large amounts and the licensee paying the costs of the audit.  Everyone likes to identify recoveries, however, as a Chief Audit Executive, recoveries, especially large recoveries, were problematic for many reasons.  From an ICFR perspective, the recoveries were revenue in the current period but were earned in prior periods.  Recoveries indicate deficiencies in the Risk Assessment, Control Activities, and Monitoring Components of internal control.  A comprehensive risk assessment of the trademark licensing process should identify high-risk licensees for annual audits versus lower risk licensees for a two or three-year cycle.  This should reduce the overall dollar amount of recoveries and place them closer to the financial period earned.  Note that such a risk-assessment should also identify the permitted periods to audit per each Agreement.  If the right to audit an Agreement period is permitted to lapse without an audit, this must be a conscious decision of licensing and audit management.  Comprehensive risk assessment of the trademark licensing process is the subject of a future blog.

As Autumn approaches, reassess your Audit Universe to include or expand the activities, objectives and risk associated with trademark licensing.  If your firm is a licensee, a similar approach to expanding your Audit Universe is necessary.  The licensee perspective is the subject of a future blog.  Including objectives and related risks within the internal control framework at your organization is an excellent way to leverage compliance to improve ICFR, identify recoveries, enhance the service provided by internal audit and reduce risk for your organization.

About the Author

Glenn Murphy, the co-founder of BestGRC and founder of GRC Management Consulting LLC, primarily focuses on empowering entities to leverage their compliance activities through the BestGRC “cloud” software, his consulting work, publications, and the “Leverage Compliance” blog.  In addition, Glenn provides licensee compliance audits in conjunction with Licensing Compliance Group and Cybersecurity/Penetration Tests/SOC for Cyber/SOC 2/3 Assessments in conjunction with Ra Security Systems.  Find Glenn’s full profile at http://www.linkedin.com/in/glenntmurphy/, follow him @GlennMurphyGRC and subscribe to the Leverage Compliance blog at http://www.bestgrc.com/blog/