more-arw search

Sarbanes-Oxley, Risk and IPOs

SOX regulations may not have made financial reporting more reliable.

After almost a decade under the Sarbanes-Oxley Act, it seems as if financial reporting has not gotten any more transparent or reliable, and as a result, it may be time to revisit the law's provisions, Tim Leech writes for the Financial Post.

While it seems that SOX 404 has not done much to ensure that publicly traded companies' reports are error- and fraud free, Leech is not calling for a repeal, but rather an amendment that reviews and compares U.S. risk management processes to those used in other parts of the globe.

"Admitting you took a wrong turn is a key first step, and usually a hard one to make," he notes. "The next step is to determine the best available route to correct the navigation error."

Reforming SOX also has the support of President Barack Obama, who thinks it should be reworked to make it easier for smaller organizations to get listed publicly, Business Insider reports.

The source points to research from the administration's jobs council, which indicates that the proportion of IPOs worth less than $50 million dropped from 80 percent in 1990s to a level of 20 percent in the 2000s, due in part to the SOX act.  

Comments

Topic Expert
Brenda Morris
Title: Board of Directors, Audit Committee Chai..
Company: Boot Barn
(Board of Directors, Audit Committee Chair, Boot Barn) |

I agree that SOX has improved the quality of financials and of internal controls. In general, it has to, as it does require a higher level of controls and accountability. I do like the thought of some reduced scope for smaller companies, as I think IPO opportunities for smaller companies looking at the public markets for financing options are in a tougher spot contemplating SOX work.

Topic Expert
Bob Scarborough
Title: CEO
Company: Tensoft, Inc.
(CEO, Tensoft, Inc.) |

The cost of compliance, auditor control, and the quality of financial statements are important and probably do require a bit of rebalancing. However, there are a few things that SOX compliance did that should have been best practices but weren’t. Two specific items follow.

First, change management for business software solutions is required. This should be a best practice at the point where systems become mission critical and when they are too hard to troubleshoot on the fly. But many companies – including large public ones – were putting in business system changes without review by the effected user community. A public company should rise should not do things that knowingly put themselves at risk – but since they weren’t doing this on their own it needs to be defined for them.

Second, the assignment of responsibility in the organization where financial people are required to sign-off on the statements is critical for trust. A CFO should not be off the hook because they had no idea what was going on in their financial statements. They need to put into place the controls that ensure quality of the results.

Basic stuff related to accountability and responsibility – it may be hard to remember the craziness of some of the things that occurred prior to SOX but there were reasons for the regulation even with the imperfect results.

Greg Carrier
Title: Director of Internal Audit
Company: Drew Industries
(Director of Internal Audit, Drew Industries) |

I don't see an imporvement in quality of financial statements. I would even carry that farhter to say the amount of rule changes and new pronouncements confuse statement readers as opposed to making statements more clear. I think the fundamental problem with SOX is that as it was rolled out via CPA's it emphasizes audit of systems as almost as an increase to the traditional financial audit while ignoring more difficult subjective risks. Having been in public accounting, corporate accounting and internal audit, I would eliminate it completely. It is not needed in the rest of the world, I don't believe it is required here either.

Greg Carrier
Title: Director of Internal Audit
Company: Drew Industries
(Director of Internal Audit, Drew Industries) |

I don't see an imporvement in quality of financial statements. I would even carry that farhter to say the amount of rule changes and new pronouncements confuse statement readers as opposed to making statements more clear. I think the fundamental problem with SOX is that as it was rolled out via CPA's it emphasizes audit of systems as almost as an increase to the traditional financial audit while ignoring more difficult subjective risks. Having been in public accounting, corporate accounting and internal audit, I would eliminate it completely. It is not needed in the rest of the world, I don't believe it is required here either.

Greg Carrier
Title: Director of Internal Audit
Company: Drew Industries
(Director of Internal Audit, Drew Industries) |

I don't see an imporvement in quality of financial statements. I would even carry that farhter to say the amount of rule changes and new pronouncements confuse statement readers as opposed to making statements more clear. I think the fundamental problem with SOX is that as it was rolled out via CPA's it emphasizes audit of systems as almost as an increase to the traditional financial audit while ignoring more difficult subjective risks. Having been in public accounting, corporate accounting and internal audit, I would eliminate it completely. It is not needed in the rest of the world, I don't believe it is required here either.

Jason Bertuzzi
Title: Vice President
Company: Barclays Capital
(Vice President, Barclays Capital) |

While the benefits of Sarbanes-Oxley are difficult to measure, I disagree that the overall quality of financial reporting has not increased. I would however argue that the cost of the increase in quality is greater than legislators anticipated and is a direct result of regulatory scrutiny on public account firms via the PCOAB, as well as allowing public account firms too much leverage in interpreting the regulation and defining the guidiance to comply with it. This has put public accountants in a position of managing down their audit risk and managing up their margins, by interpreting the legislation in a way that results in highly conservative testing procedures and sampling which in turn increases the amount of work required and cost of compliance to meet regulation. This additional cost is pushed to clients, and serviced by other public accounting firms or consulting firms.

Public accounting firms should not be interpreting/mandating the terms for compliance with Sarbanes-Oxley, and then opining on companies' sufficiency in meeting those terms. It's a conflict of interest, as by making the terms and cost for compliance very high, it creates additional work for their own industry.

William Bockwoldt
Title: CEO/Founder
Company: Vibato, LLC
(CEO/Founder, Vibato, LLC) |

What is your basis for saying that things have not improved? As a company who specializes in performing internal controls work and SOX-related work we see significant improvement in the quality and transparency of financial procedures around reporting and remediation. I would agree that some of the largest recent failures looked eerily similar to Enron from an audit perspective, but that does not mean that 404 isn't helping people do a better job of identifying and closing gaps that exacerbate their corporate risk. I agree that it should be easier to go public, but internal controls don't have to be a cost drag and can help a business run more efficiently when implemented in a cost-effective and efficient manner.

Topics: