Picture The Institutional Risk Analyst
published by Lord, Whalen LLC
Copyright 2014 - All Rights Reserved. No Republication Without Permission.
 Our Products:   The Institutional Risk Analyst   The SEC Filings Catalog   XBRL Filings Parser   About    Contact Us  
Will the SEC Roll Back Sarbanes-Oxley?
April 25, 2006

Will the SEC Roll Back SOX? No Way. Pass the Sweet & Sour Shrimp

How ironic.� As the former CEO of Enron continues to deny responsibility for the corporate governance mess he encouraged, the�Sarbanes-Oxley law which arose directly from the failure of companies like Enron and WorldCom to maintain the adequacy of internal controls is in danger of being amended to exempt most public companies.��

Last week, the SEC's Advisory Committee�recommended that all companies under $125m in revenue�be exempted from having to comply with Section 404 of SOX.��That's roughly 70% of all U.S. public companies.� If the recommendation is adopted by the commission, SOX is essentially repealed for all but the biggest public firms.�

In the November 30, 2005�edition of the IRA ("Sarbanes-Oxley: Is 2006 the Year of the Non-Accelerated Filer?"), we asked��if this�would be the year for Section 404 compliance for�the "non-accelerated filer,"�smaller�public firms listed on US exchanges which don't qualify for expedited treatment of SEC filings.� And so it is, but�2006�seems to be devoted to�avoiding rather than�complying with SOX, a worrying trend tacitly supported by an indifferent White House and Treasury.�� But, as discussed below,�a�prominent�Washington�insider involved in the inception of SOX tells the IRA that a bipartisan majority of�the SEC ultimately will reject the Advisory Committee's recommendation.

Fewer�Restatements, Lower�404 Costs

With�the growing election-year noise around Section 404 of SOX, it seems like a good time to ask again what has the nation gained from this exercise in righteousness via legislation.� In January 2006, we noted that material restatement filings with the SEC had fallen to�levels far below historical annual rates, even for routine administrative corrections. This followed a flurry of restatement filings during the heyday of SOX gap testing.�

IRA's Corporate Monitor surveillance system now shows an almost total absence of significant�restatements, a result�which contrasts sharply with the world prior to SOX. We were thinking that this might have been because filers were suffering from hypertension and anxiety in preparing their filings. But new information indicates this may not be the case.� Indeed, the data from EDGAR suggests that�the compliance crisis is over for large and mid cap firms alike.

According to surveys paid for by the largest�accounting firms, 2005 SOX compliance costs were 44% less than 2004 costs for large firms with over $700m in annual revenue and 31% less for midsize companies making more than $125m in annual revenue. The average cost for SOX 404 compliance in 2005 was $860K. This is quite a change from the millions of dollars in fees�people were complaining about the previous year, when audit forms worried openly�that 404-related fees would bankrupt smaller clients.� And with�all this activity,�spending high six figures per accelerated filer,�a mere 2.1% of public companies in the US�reported anything having to do with disclosing weaknesses in internal control adequacy.

So what does it mean? We always like the reasonableness of a blanket statement test. Try this one on for size. SOX was so good that it turned rampant evil in 2002 to 97.9% cleanliness in less than a business cycle. No?� Ok, so maybe that shoe is not quite a fit.

Try this. For the most part, large companies already had extensive systems of internal control prior to SOX. Furthermore, these systems were already mostly compliant. Probably something near 97 of 100 filers had adequate internal controls even before the PCAOB was ever created. If true, then it looks like U.S. business spent billions to verify the status quo. So of course we had to ask what the inside spin on the issue might be.

Alternate View: SOX is Working

One way to interpret the secular�decline in restatements filed with the SEC, our insider tells the IRA, is that controls are better now that before the enactment of SOX.� "The drop in restatements last year�evidences a general improvement in audit controls," says the former audit partner, who claims to be�the father of Section 404. "In 1991, we imposed the equivalent of�Section 404 on the banks.� They�complained for a while, but the result was a big improvement in bank internal controls.� While 97% of firms did not�evidence the need to restate earnings prior to the enactment of�SOX, had they been subject to the level of scrutiny�now required for public companies, many would have restated, especially in areas like tax and year-end closes."

The same�source tells the IRA that he expects the SEC to reject the Advisory Committee's recommendations, perhaps by as much as 4-1, but that the PCAOB will probably implement an easing of the timetable for compliance with 404 for non-accelerated filers.� In no�manner, however, does he support a�roll-back of Section 404.�

"The fact is that we have already invested the money to bring all public companies into broad compliance with 404," says the insider, who adds that there will always be problems with systems and controls in smaller, fast-growing companies.� Rather than gut the requirements of 404 for small companies, he opines,�the SEC should be looking for ways to help them use technology to improve their internal systems.

"This is not rocket science," the insider concludes regarding small company internal controls.� "You outsource the payroll and G/L functions to a competent vendor, then you centralize oversight of�large payments and make sure you have a good audit function.�Whereas less than 10% of public companies had decent boards prior to SOX, today the figure is better than half and improving steadily, especially among smaller firms.� I am not ready to declare victory today, but by this time next year, the state of American corporate governance will be in much better shape than it was�prior to SOX."

Next on the Agenda: Interactive Data

So�should the Securities and Exchange Commission accept the recommendation of the Advisory Board to exempt micro and small companies under $125m annual revenue from 404 compliance?� Probably not.

Smaller companies run a lot leaner than their larger cousins. The proportion of Net Operating Loss (NOL) category firms in the micro and small categories is considerable. NOL's tend to need to take more life threatening risks to survive and must often do so with a mix of staff less versed in the culture of internal controls compliance.� There needs to be some force that guides them towards adequate internal controls.

At the same time, we believe the indicators that a large proportion of firms are mostly compliant are not in error. There will be a degree of imposing costs to verify the status quo on non-accelerated filers. The SEC and PCAOB need to make the process workable both for those that will merely affirm their status and for those that will identify the need to ramp up the adequacy curve.

If our source is right about the SEC rejecting the Advisory Committee's recommendation regarding 404, then using�technology to enhance internal controls and external reporting may be the next big issue on the SEC's agenda.�Careful planning is required. Remember that these are the same IT departments which led the world down the path spending money to stop the Y2K apocalypse then�spent most of the SOX 404 budget to protect America against alleged internal controls evil doers.

Indeed many will fear that corporate IT departments might get to spend that amount again if a mandate for interactive data comes to pass under the banner of financial reporting to increase the transparency of internal controls. Federal regulatory agencies are jumping on the XML-based interactive data bandwagon to streamline all manner of information collection and dissemination. We continue to believe that the gains outweigh the costs.

We also believe that the progress of technology is cutting the cost. There's an old rule of thumb in techology circles that every year cuts the cost in half and once every three years something comes along that cuts it to a tenth.

We draw your attention to the fact that in January 2006, a company�led by a man named Gates released a product upgrade called ASP.NET 2.0. The price to add it to windows is free and the accompanying software development toolkit for it has just been declared to also be free by Redmond following an unprecendented 5 million downloads of same by developers. Version 2.0 contains some interesting features which reduce major pieces of the infrastructure for piping and manipulating interactive data literally down to one-line of code function calls. We recommend the SEC, the accounting and consulting sectors examine in detail the environmental implications of these emerging "nerd side" developments.�

We also note that smaller entity CEO's are often better computer programmers than their staffs. By necessity they are focused on growing their businesses, thus making investments in internal, non-revenue generating infrastructure matters of secondary importance. To the extent that the SEC, and the vendor and audit community can add leverage to small company IT investments, the goals of Section 404 will become less painful and more strategic.

Questions? Comments? [email protected]

The Institutional Risk Analyst is published by Lord, Whalen LLC (LW) and may not be reproduced, disseminated, or distributed, in part or in whole, by any means, outside of the recipient's organization without express written authorization from LW. It is a violation of federal copyright law to reproduce all or part of this publication or its contents by any means. This material does not constitute a solicitation for the purchase or sale of any securities or investments. The opinions expressed herein are based on publicly available information and are considered reliable. However, LW makes NO WARRANTIES OR REPRESENTATIONS OF ANY SORT with respect to this report. Any person using this material does so solely at their own risk and LW and/or its employees shall be under no liability whatsoever in any respect thereof.

A Professional Services Organization
Copyright 2016 - Lord, Whalen LLC - All Rights Reserved