![[GO]](/_layout/img/search_go.gif)
This week’s podcast features Russ Berland of the law firm Stinson Morrison & Hecker talking about how to use new guidance from the Organization of Economic Cooperation and Development as a blueprint for better FCPA compliance programs. 
Chief Ethics & Compliance Officer
Global survey into the integration of GRC
Risk Inventory
CEO, CFO Disclosure Certifications
The IFRS Ripple Effect
Key Congress Committee Approves SOX 404 Exemption
The House Financial Services Committee formally approved an amendment this morning to exempt small companies from Section 404(b) of Sarbanes-Oxley.
On a 37-32 vote—that, notably, went against the wishes of powerful committee chairman Rep. Barney Frank—the lawmakers approved an amendment to the Investor Protection Act that would exempt all non-accelerated filers from Section 404(b). The committee then went on to approve the entire Investor Protection Act by a vote of 41-28.
The amendment reportedly represents a compromise between anti-SOX lawmakers, who wanted to exempt a much larger group of filers, and the Obama Administration. But financial reporting executives shouldn’t rejoice yet: The bill must still be approved by the full House and then by the Senate to become law.
Section 404(b) requires companies to get an auditor’s attestation about the effectiveness of their internal controls over financial reporting and is widely considered the biggest compliance burden in the Sarbanes-Oxley Act. Large filers have had to comply with the provision since 2004, but the Securities and Exchange Commission has repeatedly extended the compliance deadline for non-accelerated filers.
The amendment, sponsored by New Jersey Reps. John Adler and Scott Garrett, also directs the SEC and the Comptroller General to conduct a joint study to determine how the SEC could reduce the burden of complying with Section 404(b) for companies with market caps between $75 million and $250 million.
Even if the measure does ultimately become law, non-accelerated filers (and everyone else) will still need to comply with Section 404(a), which requires companies to review and disclose the state of their internal controls. Section 404(a) went into effect for non-accelerated filers one year ago.
The committee’s action follows the SEC’s Oct. 2 announcement of one final delay for non-accelerated filers. Under that delay, the smallest public companies are supposed to begin complying with the provision beginning with their annual reports for fiscal years ending on or after June 15, 2010. The extension was granted at the same time the SEC released its study on SOX compliance costs and benefits.
An SEC spokesman said the Commission had no comment on today’s action by the committee, but referred to a letter sent by chairman Mary Schapiro on Oct. 16 to capital markets Sub-committee Chairman Paul Kanjorski.
That letter noted that, “According to our staff’s recent study of the costs and benefits of Section 404, surveyed investors indicated that Section 404 compliance ‘has significantly impacted their confidence in companies’ financial reports’ … Investors indicated that they have greater confidence when a Section 404 audit is performed.”
“… I believe that the enactment by Congress of Section 404 continues to significantly improve investor confidence in the integrity of companies’ financial reports and reporting,” Schapiro wrote.
These types of provisions have come up from time-to-time over the past years and I always find it interesting and disturbing at the same time. The provisions are typically created by people such as Reps. Scott Garrett (R., N.J.) and John Adler (D., N.J.), who have not had the opportunity to see the detailed work produced by the accounting departments of the world; the work that shareholders ultimately place their reliance upon when making investing decisions. I see this type of work every day and I can tell you, most pre-SOX companies are at best moderately sure that their financial statements are correct which is downright scary. Remember, the companies in question choose to go public and allow outsiders to invest in their company to make money. Asking them to prove that investing in their company is the right decision may be onerous since it requires that they have procedures in place that help prevent fraud and theft of shareholder assets, but, isn’t that just being prudent? Look at what happens when you do not have these types of restrictions…Enron…WorldCom…the list is endless and the devastation is real.
A study performed by Compliance Week called “SOX 404 Deficiencies Preceded By “Effective” 302 Reports” by Melissa Klein Aguilar from July 26, 2005 found that of the 366 companies who received a qualified opinion through May 2, 2005, 94% of them had claimed a clean internal controls environment via their previous quarters 302 certification. My daily experiences in the detailed accounting work produced by public companies worldwide has led me to believe that these statistics are still real and will show up again once or if 404(b) kicks in for non-accelerated filers. The only conclusion I can draw is that SOX is not even close to overkill - in my opinion - it is reasonable and most 302 and 404(a) certifications are lip service until companies are subjected to 404(b).
All my best,
Teresa Bockwoldt MBA, MST
CEO & Co-Founder
Vibato, LLC
655 Montgomery Street, 5th Floor, Suite 540 San Francisco, CA 94111
Office: 415.240.4867 | Mobile: 707.477.0008 | Fax: 888.407.7725
tbockwoldt@vibato.com I SOX Compliance Made Simple® | http://www.vibato.com
Comment by Teresa Bockwoldt — November 4, 2009 @ 2:36 pm
Teresa’s comments suggest that the Enron debacle was caused because they didn’t have an audit of internal controls.
Enron failed because the top executives committed a financial fraud and the external auditors failed in their responsibility for the financial audit. As a result, the external audit firm no longer exists.
The 404(b) provisions applied to large companies since 2004 didn’t prevent the difficulties at AIG, Lehman, or Bear Stearns, all of which caused even greater problems than the Enron case.
Comment by Tom Reinebach — November 6, 2009 @ 4:31 pm