CHARTER OF THE AUDIT COMMITTEE
OF THE BOARD OF DIRECTORS
As adopted on April 19, 2012
The purpose of the Audit Committee (the "Committee") of the Board of Directors (the "Board") of Proofpoint, Inc. (the "Company") is to assist the Board in fulfilling its oversight responsibilities relating to the Company's financial accounting, reporting, and controls. The Committee's principal functions are to:
- oversee the integrity of accounting and financial reporting processes of the Company and the audits of the Company's financial statements by the Company's independent auditors (the "Independent Auditors");
- monitor the periodic reviews of the adequacy of the accounting and financial reporting processes and systems of internal control that are conducted by the Independent Auditors and the Company's financial and senior management;
- review and evaluate the independence and performance of the Independent Auditors; and
- facilitate communication among the Independent Auditors and the Company's financial and senior management and the Board.
This charter (the "Charter") sets forth the authority and responsibility of the Committee in fulfilling the purposes described herein. In fulfilling its responsibilities, it is recognized that members of the Committee are not full-time employees of the Company and are not, and do not represent themselves to be, professional accountants or auditors. The functions of the Committee are not intended to duplicate or substitute for the activities of management and the independent auditor, and the Committee members cannot provide any expert or special assurance as to the Company's financial statements, internal controls or management of risk or any professional certifications as to the work of the independent auditor.
While the Committee has the responsibilities and powers set forth in this Charter, it is not the duty of the Committee to plan or conduct audits or to determine that the Company's financial statements are complete and accurate and are in accordance with generally accepted accounting principles in the United States. This is the responsibility of management and the independent auditor. In addition, the Company's management is responsible for managing its risk function and for reporting on its processes and assessments with respect to the Company's management of risk. Each member of the Committee shall be entitled to rely on (a) the integrity of those persons and organizations within and outside of the Company from which it receives information, (b) the accuracy of the financial and other information provided to the Committee by such persons or organizations absent actual knowledge to the contrary (which shall be promptly reported to the Board) and (c) representations made by management as to any audit and non-audit services provided by the independent auditor.
The Board has formed the Committee to assist the Board in directing the Company's affairs and this Charter has been adopted in furtherance of this purpose. While this Charter should be interpreted in the context of all applicable laws, regulations and listing requirements, as well as in the context of the Company's Certificate of Incorporation and Bylaws, it is not intended to establish by its own force any legally binding obligations.
The Committee will consist of three or more members of the Board, with the exact number determined by the Board. Each member of the Committee will:
- be an "independent director" as defined under the applicable rules, regulations and listing requirements of the NASDAQ Stock Market, as amended from time to time (the "Exchange Rules"), except as may otherwise be permitted by the Exchange Rules;
- be "independent" as defined in Section 10A(m) of the Securities Exchange Act of 1934, as amended (the "Exchange Act") and Rule 10A 3 and any other rules and regulations promulgated by the Securities and Exchange Commission (the "Commission") under the Exchange Act (the "Commission Rules"), except as may otherwise be permitted by the Commission Rules;
- not have participated in the preparation of the financial statements of the Company or any current subsidiary of the Company at any time during the past three years;
- have the ability to read and understand fundamental financial statements and meet the financial sophistication and experience requirements of the Exchange Act, the Commission Rules and the Exchange Rules; and
- be free from any relationship that, in the opinion of the Board, would interfere with the exercise of independent judgment as a Committee member.
In addition, at least one member of the Committee will have prior experience in accounting, financial management or financial oversight, as required by the Exchange Rules, and be an "audit committee financial expert" as defined in Item 407(d)(5)(ii) of Regulation S K promulgated by the Commission.
All members of the Committee will be appointed by, and will serve at the discretion of, the Board. The Board may appoint a member of the Committee to serve as the chairperson of the Committee (the "Chair"); if the Board does not appoint a Chair, the Committee members may designate a Chair by their majority vote. The Chair will set the agenda for Committee meetings and conduct the proceedings of those meetings.
The principal responsibilities and duties of the Committee in serving the purposes outlined in Section I of this Charter are set forth below. These duties are set forth as a guide with the understanding that the Committee will carry them out in a manner that is appropriate given the Company's needs and circumstances. The Committee may supplement them as appropriate and may establish policies and procedures from time to time that it deems necessary or advisable in fulfilling its responsibilities.
The Committee will:
A. Financial Statements and Disclosures
- Review and discuss with management the Company's quarterly results and the related earnings press release prior to distribution to the public.
- Review the Company's quarterly and annual financial statements, including any report on the Company's internal control over financial reporting, and any report or opinion by the Independent Auditors.
In connection with the Committee's review of the annual financial statements:
- discuss the financial statements and the results of the Independent Auditors' audit of the financial statements with the Independent Auditors, any internal audit department, and management;
- discuss any items required to be communicated by the Independent Auditors in accordance with the applicable requirements of the Public Company Accounting Oversight Board (the "PCAOB") Statement on Auditing Standards ("SAS") No. 61, as amended (AICPA, Professional Standards. Vol. 1 AU section 380) as adopted by the PCAOB in Rule 3200T;
- discuss with the Company's management and the Independent Auditors the Company's selection, application and disclosure of critical accounting policies and practices; and
- review the Company's specific disclosures under "Management's Discussion and Analysis of Financial Condition and Results of Operations."
- Recommend to the Board whether the annual financial statements should be included in the Company's Annual Report on Form 10 K.
In connection with the Committee's review of the quarterly financial statements:
- discuss with the Independent Auditors and the Company's management the results of the Independent Auditors' SAS No. 100, Interim Financial Information (Codification of Statements on Auditing Standards, AU § 722), or similar, review of the quarterly financial statements;
- discuss significant issues, events and transactions and any significant changes regarding accounting principles, practices, policies, judgments or estimates with the Company's management and the Independent Auditors; and
- resolve any disagreements between the Company's management and the Independent Auditors regarding financial reporting.
- Discuss on a general basis the type of information to be disclosed and type of presentation to be made regarding financial information and earnings guidance to analysts and rating agencies.
B. Internal Controls
- Periodically discuss with the Company's principal accounting officer and principal in house legal counsel the function of the Company's disclosure controls and procedures and any disclosure committee that may be established by the Company. Discuss with the Company's Chief Executive Officer and Chief Financial Officer their conclusions regarding the effectiveness of the Company's disclosure controls and procedures.
- Review and discuss with the Independent Auditors and the Company's management their periodic reviews of the adequacy of the Company's accounting and financial reporting processes and systems of internal control, including any significant deficiencies and material weaknesses in their design or operation.
- Review any fraud involving management or any employee of the Company with a significant role in the Company's internal controls over financial reporting that are disclosed to the Committee.
- Discuss any comments or recommendations of the Independent Auditors outlined in their annual management letter or internal control reports. If appropriate, approve a schedule for implementing any recommended changes and monitor compliance with the schedule.
- Periodically consult with the Independent Auditors out of the presence of the Company's management about internal controls, the fullness and accuracy of the Company's financial statements and any other matters that the Committee or these groups believe should be discussed privately with the Committee.
- Meet separately, periodically, with management and with internal auditors (or other personnel responsible for the internal audit function).
- Review with management the Company's major financial risk exposures and the steps management has taken to monitor such exposures, including the Company's procedures and any related policies, with respect to risk assessment and risk management.
- Establish procedures for (i) the receipt, retention and treatment of complaints received by the Company regarding accounting, internal accounting controls or auditing matters, and (ii) the confidential anonymous submission by employees of the Company of concerns regarding questionable accounting or auditing matters, and coordinate with the Nominating and Corporate Governance Committee the inclusion of such procedures in the Company's whistleblower policy. Oversee the review of any such complaints and submissions that have been received, including the current status and the resolution if one has been reached.
- Consider the establishment, and oversee the activities, of any internal audit function within the Company.
C. Independent Auditors
- Be directly responsible for the selection, compensation, retention and oversight of the work of the Independent Auditors. The Independent Auditors will report directly to the Committee.
Review the continuing independence of the Independent Auditors, including:
- obtaining and reviewing, on an annual basis, a letter from the Independent Auditors describing all relationships between the Independent Auditors and the Company required to be disclosed by applicable requirements of the PCAOB (e.g., Ethics and Independence Rule 3526, Communication with Audit Committees Concerning Independence, or any successor);
- reviewing and discussing with the Independent Auditors their independence, including the nature and scope of any such relationships; and
- taking, or recommending that the Board take, appropriate action to oversee the independence of the Independent Auditors, including discontinuing any relationships that the Committee believes compromises the independence of the Independent Auditors.
- Approve the Company's hiring of employees or former employees of the Independent Auditors, as required by regulations and by applicable listing standards.
- Review the Independent Auditors' audit planning, scope and staffing.
- Approve the fees and other compensation to be paid to the Independent Auditors, and pre approve all audit and non audit related services provided by the Independent Auditors permitted by the Exchange Rules, Commission Rules and applicable law or regulation. The Committee may establish pre approval policies and procedures, as permitted by the Exchange Rules, Commission Rules and applicable law, for the engagement of the Independent Auditors to render services to the Company, including without limitation policies that would allow the delegation of pre approval authority to one or more members of the Committee, provided that any pre approval decision is reported to the Committee at its next scheduled meeting. The Committee shall receive certain disclosure, documentation and discussion of non prohibited tax services by the Independent Auditors based on PCAOB Rule 3524, Audit Committee Pre-Approval of Certain Tax Services, or any successor.
Review and discuss with the Independent Auditors the reports delivered to the Committee by the Independent Auditors regarding:
- critical accounting policies, estimates and practices used;
- alternative treatments of financial information within generally accepted accounting principles that have been discussed with management, the ramifications of the alternatives, and the treatment preferred by the Independent Auditors; and
- other material written communications between the Independent Auditors and the Company's management, such as any management letter or schedule of unadjusted differences.
- On a regular basis, review the status of any legal matters that could have a significant impact on the Company's financial statements.
- Annually prepare a report to the Company's stockholders for inclusion in the Company's annual proxy statement as required by the Commission Rules.
- Review and approve any proposed transaction between the Company and any related party (other than transactions that are subject to review by the Board as a whole or any other committee of the Board), as defined by applicable law, the Commission Rules and the Exchange Rules.
- Consider waivers of the Code of Business Conduct and Ethics (other than transactions that are subject to review by the Board as a whole or any other committee of the Board), including waivers requested for executive officers and directors (other than where the potential waiver involves a member of the Committee, in which event, such waiver shall be subject to the review of the Board), and retain authority to grant any such waivers.
- Perform any other activities required by applicable law, rules or regulations, including the Commission Rules and the Exchange Rules, and take such other actions and perform and carry out any other responsibilities and duties delegated to it by the Board or as the Committee deems necessary or appropriate consistent with its purpose.
The Committee, in discharging its responsibilities, may conduct, direct, supervise or authorize studies of, or investigations into, any matter that the Committee deems appropriate, with full and unrestricted access to all books, records, documents, facilities and personnel of the Company. The Committee has the sole authority and right, at the expense of the Company, to retain legal and other consultants, accountants, experts and advisers of its choice to assist the Committee in connection with its functions, including any studies or investigations. The Committee will have the sole authority to approve the fees and other retention terms of such advisers. The Company will provide for appropriate funding, as determined by the Committee, for:
- payment of compensation to any legal and other consultants, accountants, experts and advisers retained by the Committee; and
- ordinary administrative expenses of the Committee that are necessary and appropriate in carrying out its functions.
Meetings of the Committee shall be held at least once each quarter or more frequently, as determined appropriate by the Committee. The Chair, in consultation with the other member(s) of the Committee, will set the dates, times and places of such meetings. Subject to the requirements of this Charter, applicable law, the Exchange Rules and the Commission Rules, the Committee and the Chair may invite any director, executive or employee of the Company, or such other person, as it deems appropriate in order to carry out its responsibilities, to attend and participate (in a non voting capacity) in all or a portion of any Committee meeting. The Committee may exclude from all or a portion of its meetings any person it deems appropriate in order to carry out its responsibilities. The Chair will designate a secretary for each meeting, who need not be a member of the Committee. The Secretary of the Company shall provide the Committee such staff support as it may require.
The Committee will maintain written minutes of its meetings and copies of its actions by written consent, and will cause such minutes and copies of written consents to be filed with the minutes of the meetings of the Board. The Chair will report to the Board from time to time with respect to the activities of the Committee, including on significant matters related to the Committee's responsibilities and the Committee's deliberations and actions. The minutes of the Committee and actions by the unanimous written consent of the Committee members will be made available to the other members of the Board.
The Committee will evaluate the Committee's composition and performance on an annual basis and submit a report to the Board. The Committee also will review and reassess the adequacy of this Charter periodically, and recommend to the Board any changes the Committee determines are appropriate.
The Company shall make this Charter freely available to stockholders on request and, provided that the Company is subject to the periodic reporting requirements of the Exchange Act, shall publish it on the Company's web site.
R. Scott Herren has served as a director since 2016. Mr. Herren currently serves as the senior vice president and chief financial officer of Autodesk, Inc., a leading provider of cloud-based design and engineering software. Prior to joining Autodesk in November 2014, Mr. Herren was senior vice president of finance at Citrix Systems where he led the company’s finance, accounting, tax, treasury, investor relations, real estate and facilities teams. During his 14 years at Citrix, Mr. Herren held a variety of leadership roles including vice president and managing director for EMEA and vice president and general manager of the company’s virtualization systems group. Before joining Citrix in 2000, Mr. Herren spent 16 years in senior strategy and financial positions at FedEx and IBM.
Mr. Herren holds a Bachelor of Science degree in Industrial Engineering from Georgia Institute of Technology and a Master of Business Administration degree in Finance from Columbia University. The board of directors determined that Mr Herren should serve as a director based on his broad experience in operations, international business, accounting, financial management and investor relations at publicly held enterprise software companies.