 |
|
|
|
|
Sarbanes-Oxley and Corporate Fraud — Does One Size Fit All? By Steve Ernst, CPA  There is a storm brewing over the cost and complexity of compliance with the provisions of Sarbanes-Oxley (SOX) and the relative impact on large-cap and smaller-cap reporting companies. Over a year ago, the U.S. Securities and Exchange Commission (SEC) chartered the Advisory Committee on Smaller Public Companies. The objective was to assess the current regulatory system for smaller reporting companies under the SEC's securities laws, including SOX, and to make recommendations for change as appropriate.
The Advisory Committee unanimously adopted its final report on April 20, 2006, and issued that report to the SEC on April 23. In its 33 recommendations, the report includes three primary recommendations, of which the most controversial is the need for "scaled" or "proportional" securities regulation for smaller public companies as defined by specific measurements. However, a number of the SEC commissioners have already stated they are not in favor of "scaling" compliance for varying levels of reporting companies based on a size measurement. This leads one to believe that the SEC will decide to ignore the primary recommendations of its own Advisory Committee. The question We know where this all started. For the most part, it was large companies creating and consolidating market leadership via acquisition and expansion, and the never-ending quest to hit the quarterly target. They were constantly issuing "guidance" on the current quarter's anticipated results, and then going back inside the company to create ways to meet analysts' predictions of revenue and earnings. The methods concocted were, in some cases, blatant fraud perpetrated throughout the organization, from loading dock to boardroom. When viewed in the light of day, the rationalizations for these actions were laughable at best, and criminal at worst. While the WorldComs and the Enrons were the most visible, were they and their ilk representative of large-cap corporate behavior, or were they an anomaly that stands in stark contrast to the preponderance of corporate governing behavior and ethical management's decision making? Moreover, if SOX and its requirements were in existence in 1997 and 1998, would the fraudulent and criminal behavior detected and brought to light in the 2000 and 2001 time frame have been eliminated or reduced? In their separate statement, the Advisory Committee's co-chairs indicated a high level of concern over the Public Company Accounting Oversight Board (PCAOB) and its impact on the use of judgment by accounting professionals, as well as how closely the PCAOB's guidance was being followed in the field. The co-chairs, however, agreed that the overall impact of SOX has been positive. "Although costly, the bulk of the provisions of the Sarbanes-Oxley Act appear to be working and, at least, the smaller and mid-cap companies that responded to our many inquiries, believe in large measure that they can live with most of the Sarbanes-Oxley provisions, and that these provisions provide a path to better corporate governance, disclosure, and transparency, and will help to avoid (but not eliminate entirely) the scandals that precipitated the adoption of the Sarbanes-Oxley Act." The small-cap versus large-cap disconnect According to the Advisory Committee's definitions, smaller public companies make up only 6% of the U.S. equity market's capitalization, while comprising fully 78.5% of all U.S public companies. The co-chairs and the committee concluded that SOX, specifically Section 404, had to be "fixed" by both scaling its impact and reporting requirements, and by reducing the requirement for an independent review and opinion on the internal controls surrounding the financial reporting of smaller-cap companies. As the co-chairs stated in their separate statement in Section IV of the Final Report, "As expressly stated, our goal is to have a framework (for assessing internal control over financial reporting) that works before smaller public companies are forced to undergo a process that almost everyone recognizes needs a major overhaul. The critics of our recommendations do not really dispute that 404 needs fixing; instead they argue that other solutions are better. Hence, we firmly believe that future debates should concentrate on how to fix 404 and not whether it needs fixing." In this column, I have previously stated my view that SOX has had a positive impact on raising the discussion of corporate governance and the importance of sound, well-thought-out business processes, and a strong system of internal controls. But what's new about that? Although SOX focuses its requirement as to controls on financial reporting, can the controls surrounding operations and other areas of the business where management is exercising its decision-making responsibilities be any less important? And, because the reporting of financial results and position for a specific period is a reflection of the overall ongoing business, can you talk about controls over financial reporting in the abstract? I think not. You have to talk about a framework and system of controls that surrounds and supports the individual business model as a whole. The reporting of financial information is but one result or culmination of the business cycle. The answer In answer to the questions above, I believe the extreme examples of fraud and corporate failure would have occurred had SOX existed at the time. The existence of SOX would not have and does not now prevent fraudulent acts from being perpetrated, does not prevent pervasive internal and external collusion to cover up the fraud, and does not prevent decisions being made at the highest levels inside a company in contravention of stated corporate practices and policies. |
|
|
|
1-866-609-6146  |
