Compliance Resources to Help you Stay Current
Get trained on regulations affecting your industry through online webinars, learn the best practices, and download quality standards, checklists and news articles. Listen to experts on best practices to streamline quality and compliance processes and meet the regulatory demands.
Compliance Trainings
How (IFRS) International Financial Reporting Standards Will Change SOX Controls
By - Mike Morley
On Demand Access Anytime
How to conduct Risk Assessments as per ISO 31000/31010(SOX)
By - Kenneth Barden
On Demand Access Anytime
Section 404 and Small Public Companies
- Industry: SOX Compliance
Critics of SOX point out several drawbacks of the rule, the most prominent of which is the cost of compliance. SOX is undoubtedly costly for small public companies because it involves a significant fixed cost. In 2004, large U.S. companies with revenues of more than $5 billion spent only 0.06% of their revenue to be SOX compliant, while small public companies with revenues of less than $100 million spent 2.55%.
This disproportion called for immediate SEC and U.S. Senate action. The PCAOB also issued further guidance, Auditing Standard No. 5, for public accounting firms on July 25, 2007, which helped companies alleviate the cost by scaling “the assessment based on the size and complexity of the company”.
AS 5 of 2007 superseded the initial guidance, Auditing Standard 2 of 2004. With the issuance of the new guidance, management and the external auditor both became responsible for performing their evaluation in the context of a top-down risk assessment, which gave management wider discretion in its assessment approach. AS 2 together with AS 5 require management to:
- Assess entity-level controls
- Be aware of the flow of transactions so that any misstatement can be tracked
- Avoid material misstatement by assessing both the design and operating effectiveness of selected internal controls and its accounts and relevant assertions
- Review the system of controls created to prevent or detect fraud and, in order to detect and prevent fraud, perform a fraud risk assessment
- Assess the period-end financial reporting process
To decrease the cost associated with SOX compliance, it is suggested that companies centralize and automate their financial reporting systems, as findings show that automation helps the small private companies to dramatically reduce the cost of complying with SOX.
Analyzing Section 404
- Industry: SOX Compliance
Of all the prevailing sections of the SOX Act, the most debated and significant is Section 404. Under this section, management and external auditors are required to submit a report on the adequacy of the company's internal control over financial reporting (ICFR).
Section 404 requires management to generate an “internal control report” as part of each annual Exchange Act report, which must affirm “the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting” and also “contain an assessment, as of the end of the most recent fiscal year of the Company, of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.”
The new and revised rules of SOX, which came into being in 2007, removed the need of external auditors for assessing the system of ICFR. Instead, the responsibility of assessing ICFR was given to the managers. Additionally, the managers are responsible for revising the definitions of significant deficiency and material weakness.
As per the SEC rules and PCAOB standard requirement, management was supposed to perform a formal assessment of its controls over financial reporting, which includes tests that confirm the design and operating effectiveness of the controls. The external auditors are also required to provide two opinions as part of a single integrated audit of the company: an independent opinion about the efficiency and effectiveness of the ICFR system, and a traditional opinion about the financial statement of the audited company.
They “require a company’s annual report to include an internal control report of management that contains:
- A statement of management’s responsibility for establishing and maintaining adequate internal control over financial reporting for the company.
- A statement identifying the framework used by management to conduct the required evaluation of the effectiveness of the company’s internal control over financial reporting.
- Management’s assessment of the effectiveness of the company’s internal control over financial reporting as of the end of the company’s most recent fiscal year, including a statement as to whether or not the company’s internal control over financial reporting is effective. The assessment must include disclosure of any “material weaknesses” in the company’s internal control over financial reporting identified by management. Management is not permitted to conclude that the company’s internal control over financial reporting is effective if there are one or more material weaknesses in the company’s internal control over financial reporting.
- A statement that the registered public accounting firm that audited the financial statements included in the annual report has issued an attestation report on management’s assessment of the registrant’s internal control over financial reporting.”
The “final rules also require a company to file, as part of the company’s annual report, the attestation report of the registered public accounting firm that audited the company’s financial statements.”
Source: www.sec.gov/rules/final/33-8238.htm
Understand the Penalties for Non Compliance to SOX
- Industry: SOX Compliance
Non-compliance with SOX brings lawsuits and negative publicity for a company. The relevant sections and associated penalties are described in detail below:
SEC. 801 “Corporate and Criminal Fraud Accountability Act of 2002”.
SEC. 802 CRIMINAL PENALTIES FOR ALTERING DOCUMENTS
(a) IN GENERAL.—Chapter 73 of title 18, United States Code, is amended by adding at the end the following:
§ 1519. Destruction, Alteration, or Falsification of Records in Federal Investigations and Bankruptcy
As per the Act, whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under title 11, or in relation to or contemplation of any such matter or case, shall be fined under this title, imprisoned not more than 20 years, or both.
§ 1520. Destruction of corporate audit records
(a)(1) Any accountant who conducts an audit of an issuer of securities to which section 10A(a) of the Securities Exchange Act of 1934 (15 U.S.C. 78j–1(a)) applies, shall maintain all audit or review workpapers for a period of 5 years from the end of the fiscal period in which the audit or review was concluded.
(2) The Securities and Exchange Commission shall promulgate, within 180 days, after adequate notice and an opportunity for comment, such rules and regulations, as are reasonably necessary, relating to the retention of relevant records such as workpapers, documents that form the basis of an audit or review, memoranda, correspondence, communications, other documents, and records (including electronic records) which are created, sent, or received in connection with an audit or review and contain conclusions, opinions, analyses, or financial data relating to such an audit or review, which is conducted by any accountant who conducts an audit of an issuer of securities to which section 10A(a) of the Securities Exchange Act of 1934 (15 U.S.C. 78j–1(a)) applies. The Commission may, from time to time, amend or supplement the rules and regulations that it is required to promulgate under this section, after adequate notice and an opportunity for comment, in order to ensure that such rules and regulations adequately comport with the purposes of this section.
(b) Whoever knowingly and willfully violates subsection (a)(1), or any rule or regulation promulgated by the Securities and Exchange Commission under subsection (a)(2), shall be fined under this title, imprisoned not more than 10 years, or both.
(c) Nothing in this section shall be deemed to diminish or relieve any person of any other duty or obligation imposed by Federal or State law or regulation to maintain, or refrain from destroying, any document.
SECTION 906: CORPORATE RESPONSIBILITY FOR FINANCIAL REPORTS
(a) IN GENERAL.—Chapter 63 of title 18, United States Code, is amended by inserting after section 1349, as created by this Act, the following:
§ 1350. Failure of Corporate Officers to Certify Financial Reports
(a) CERTIFICATION OF PERIODIC FINANCIAL REPORTS —Each periodic report containing financial statements filed by an issuer with the Securities Exchange Commission pursuant to section 13(a) or 15(d) of the Securities Exchange Act of 1934 (15 U.S.C. 78m(a) or 78o(d)) shall be accompanied by a written statement by the chief executive officer and chief financial officer (or equivalent thereof) of the issuer.
(b) CONTENT —The statement required under subsection (a) shall certify that the periodic report containing the financial statements fully complies with the requirements of section 13(a) or 15(d) of the Securities Exchange Act of 1934 (15 U.S.C. 78m or 78o (d)) and that information contained in the periodic report fairly presents, in all material respects, the financial condition and results of operations of the issuer.
(c) CRIMINAL PENALTIES.—Whoever—
(1) certifies any statement as set forth in subsections (a) and (b) of this section knowing that the periodic report accompanying the statement does not comport with all the requirements set forth in this section shall be fined not more than $1,000,000 or imprisoned not more than 10 years, or both; or
(2) willfully certifies any statement as set forth in subsections (a) and (b) of this section knowing that the periodic report accompanying the statement does not comport with all the requirements set forth in this section shall be fined not more than $5,000,000, or imprisoned not more than 20 years, or both.
However, SOX places a great responsibility on the shoulders of the CEO and CFO, and they are responsible for ensuring that the points below are taken care of, as SOX leaves no place for ignorance or irresponsibility:
1) Financial statements should accurately reflect the financial condition of the company.
2) CEOs and CFOs are personally responsible for setting up and maintaining systems that make sure that they actually know the truth about what is going on in the company.
Also, the CEO and CFO must certify:
- That the financial report is true and not misleading
- That they know that it is true because they have set up effective controls
- That these controls must have been evaluated within the last 90 days
- That any possible deficiencies in the controls have been highlighted
Simplifying the Core Sections of the Sarbanes-Oxley Act
- Industry: SOX Compliance
SOX, or the Sarbanes-Oxley Act, was passed in 2002. The Act can best be described as a direct repercussion of the high-profile financial scandals that stormed the U.S. economy at that time, as a result of which the U.S. almost lost its investors’ faith.
The aim with which the Act was introduced was to “protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws.” With this objective, the Act brought significant positive legislative changes to U.S. financial practices, and corporate governance regulation also changed for the better.
The Sarbanes-Oxley Act has 11 titles which deal with a variety of issues starting from additional Corporate Board responsibilities to criminal penalties provisions. However, amongst all the provisions, sections 101, 302, 404, 409, and 906 are the pivotal ones.
Disadvantages of SOX
- Industry: SOX Compliance
In 2002 the Sarbanes Oxley Act was introduced to revive the lost faith of the investors in the U.S. securities market which was in a pitiable condition due to some high profile financial scandals that took place during that time in the U.S. economy.
The Act brought a few revolutionary changes mostly in four key financial areas - corporate responsibility, accounting regulations, new criminal penalties, and new protections. However, while the advantages of the SOX are yet to be seen, disadvantages of the act are already surfacing and fetching some serious concerns of finance pundits.
Disadvantages of the SOX act are:
SOX – An Expensive Act
The most common disadvantage of SOX is that, for a small company, being compliant with SOX is extremely expensive. Due to this act, companies with $100 million revenue spend almost 2.55% of their revenue on ensuring Sarbanes-Oxley Act compliance, which has negatively affected the flow of funds in these small companies.
Multiple Interpretations
According to finance experts, SOX RCM guidance gives rise to multiple interpretations. As a result, the outcome from one audit firm differs from that of another, which increases confusion for the audited company.
Major Burden on Management and Auditors
Another major disadvantage of the Act is that it needlessly places a bureaucratic burden on management and on the auditors. The excessive pressure on management to prepare, certify and file reports has put an undesired burden on management and incidentally slows down its functioning.
Additionally, the Act has cornered the auditors by introducing a number of new responsibilities and parameters with which the auditors are not familiar, and by making people question the auditors about their objectivity.
A Stop Gap Measure
Looking at the wide range of disadvantages, people have now started to believe that SOX was just a stop-gap measure created to solve the financial problems for the time being. As the industries were not given enough time or prior preparation to understand and then implement the new changes, the Act has done nothing but increase confusion and problems across the industries. To make things more difficult, the period of compliance was kept very short and the companies had to start action on a war footing, again fueling the confusion related to the Act.
However, even though the disadvantages of SOX are well known, the act is still considered to be the most comprehensive act in recent times.
Sarbanes-Oxley vs. Bill 198 – Key Differences
- Industry: SOX Compliance
The Sarbanes-Oxley Act of 2002, popularly known as SOX, was born to combat financial massacre in public companies in the U.S. This Act was a reaction to the infamous Enron and WorldCom financial scandals. Administered by the U.S. Securities and Exchange Commission (SEC), the Act has as its guiding principle the protection of shareholders and the general public from accounting errors and fraudulent practices in the enterprise.
Know about Penalties Associated with CSOX
- Industry: SOX Compliance
Providing legislative measures equivalent to the U.S. SOX, the Ontario legislative bill known as Bill 198 provides regulation of securities, protecting investors by improving the accuracy and reliability of corporate disclosures. As the legislation acts the same as the U.S. SOX, it is also known as the Canadian SOX Act.
The Provincial Government of Ontario, Canada in 2002 introduced an omnibus bill entitled "Keeping the Promise for a Strong Economy Act (Budget Measures), 2002". The bill was enacted as Chapter 22 of the Statutes of Ontario, 2002 and received Royal Assent on December 9, 2002.
With the introduction of Bill 198, much more rigorous financial disclosure and corporate disclosure requirements were introduced. As per Bill 198, companies are required to review and document their internal controls in order to support the certifications by the CEO and CFO. Moreover, there are some severe penalties for breaching the law. Some of the notable sections of Bill 198 are:
Section 180 – As per this section, public companies are required to report, without delay, any material changes since their last filing to the Ontario Securities Commission.
Section 181 – This section deals with penalizing directors and officers of a company who provide deceptive or false information in any report filed with the OSC, including financial statements. Their fine can reach up to $5 million and they can be imprisoned for up to 5 years.
Section 183 – As per the OSC rule, companies and executives can be forced to return any gains resulting from a breach.
Section 184 – Depending on the gravity of the breach, the OSC can fine the directors and officers up to $1 million and can also force them to resign. Additionally, the wrongdoer would be prohibited from serving as a director or officer of any public company.
Section 185 – In case of issuing misleading documents such as any wrong financial statements, making false oral statements, or not making timely disclosures, investors can sue companies as well as individual directors.
An introduction to Canadian SOX – Exploring the Background and Characteristics of the Act
- Industry: SOX Compliance
Back in 2002, SOX, or Sarbanes-Oxley, brought a revolutionary change in the corporate governance and disclosure obligations of publicly traded companies in U.S. markets. That revolutionary change later forced the Canadian government to adopt and implement a similar kind of provision in order to maintain competitiveness and compatibility with the U.S. markets. That is when the CSOX was born and re-established investor confidence in Canadian securities.
Breaching Competition Law – RBS Receives Fine of £28.6m
- Industry: SOX Compliance
Royal Bank of Scotland receives a fine of £28.6m for disclosing confidential loan details to Barclays. On March 30th, 2010, the Office of Fair Trade (OFT) announced a fine of £28.6m for breaching the Competition Act after RBS admitted that its staff had divulged to their counterparts at rival Barclays how much they intended to charge professional services companies, such as solicitors, estate agents and accountants, for loans.
International Financial Reporting Standards for SMEs
- Industry: SOX Compliance
What is International Financial Reporting Standards for SMEs?
Promulgated and published by the International Accounting Standards Board on July 9, 2009, the International Financial Reporting Standard (IFRS) has been designed for use by small and medium-sized entities (SMEs).
The goal of IFRS for SMEs is to provide a modified and simplified version or interpretation of full IFRS so as to meet the needs of private company financial reporting users and provide a cost-benefit approach for easing the financial reporting burden on private companies. Known as a self-contained global accounting and financial reporting standard, IFRS for SMEs is applicable to the general-purpose financial statements of, and other financial reporting by, entities that in many countries are known as small- and medium-sized entities.
The standard is the outcome of a five-year development process with extensive consultation of SMEs, which represent more than 95% of all companies worldwide.
What are Small- and Medium-Sized Entities ("SMEs")?
SMEs are entities that publish general purpose financial statements for external users and do not have public accountability. According to the IASB’s definition, an entity has public accountability when it files, or is in the process of filing, its financial statements with a securities commission or other regulatory organization for the purpose of issuing any class of instruments in a public market. Additionally, it bears accountability if it holds assets in a fiduciary capacity for a broad group of outsiders. For instance, entities such as banks, insurance companies, pension funds, brokers and dealers in securities, and mutual funds hold assets in a fiduciary capacity.
The IASB has developed IFRS for SMEs keeping in mind the need for an accounting framework for entities that are small or medium in size and lack the resources to use full IFRS. In fact, in the United States, the term "SME" can cover many private companies.
How International Financial Reporting Standards for SMEs will Help SMEs
IFRS for SMEs promises to help small and medium-sized companies to be more focused on shorter-term cash flows, liquidity, balance sheet strength, interest coverage and solvency issues.
While full IFRS becomes a burden on SME preparers with its varied and extensive topics and detailed implementation guidance that generally are not relevant to SMEs, IFRS for SMEs is more to the point and handy for SMEs in terms of balancing the costs and benefits from a preparer perspective.
With IFRS for SMEs, many SMEs around the world, including private companies in the United States, will have the option of using a much simplified, IFRS-based accounting framework to prepare their financial statements.
To know more about IFRS for SMEs, join the webinar International Financial Reporting Standards for SMEs. Register for the webinar to become acquainted with the latest information regarding IFRS for SMEs; it will include an opportunity to practice applying these standards.
Corporate Governance Elements of Sarbanes-Oxley
- Industry: SOX Compliance
Sarbanes-Oxley is a tool to curb corporate scams and misreporting. The act enforces strong internal controls and transparency. The act is known for its tight deadlines, effective penalties and enforcement implications. Considering the sharp increase of financial scams and their intractability, SOX aims to keep a track of the company’s internal functioning patterns and information disclosure guidelines.
Sarbanes-Oxley will make little difference – Understanding the real reasons for Corporate Failu ....
- Industry: SOX Compliance
Corporate governance is in the limelight in the wake of the collapse of many bigwigs like Enron, WorldCom and, recently, Satyam. Though the compelling reason for such debacles has been improper financial reporting, it should be seen as a collective responsibility of all stakeholders.
Studies done on such incidents have unearthed other reasons like poor strategic decisions, expansions that are not justified or well thought out, greed and lust for power among people at the helm of the business, and insufficient risk evaluation and mitigation plans.
For more detail on the actual factors that influence a governance failure, read on.
Corporate Governance is all about Responsibility
- Industry: SOX Compliance
Business inception implies that all the intended goals are met and that the business has a successful run over the long term. The top management or the Board of Directors has the responsibility of defining the intended vision and working towards the fulfillment of that vision. Clarity of definition means everybody in the organization is on the same platform and is committed to achieving the goals.
Further, the whole act should translate into adding economic value and sharing this commensurately with all the members. For more on the underlying principles of corporate governance, read on.
Role of Audit Committee on Corporate Governance
- Industry: SOX Compliance
The SATYAM fiasco has opened a Pandora’s box of how skewed corporate communications can be. Moreover, the role of financial auditors like PricewaterhouseCoopers has come under strict scrutiny to avoid any such occurrence in the future. There has to be a revamp of the entire process, starting with the appointment, re-appointment, evaluation and selection of the auditors, through to checking the credibility and consistency of all company financial communication in the best interest of the various stakeholders.
The audit committee should set up internal control systems that periodically check in with the auditors with regard to audit observations and reporting.
Corporate Governance Compliance India
- Industry: SOX Compliance
The Indian corporate scenario has seen a sea change with the onset of liberalization. India-based companies have become global leaders in many areas of industry. This has laid the foundation for companies to follow globally acceptable standards of governance. Also, incidents of global influence like that of Satyam have forced companies to fall in line with global standards to be business worthy.
Companies have the tough task of establishing trust among the various stakeholders in the wake of strict scrutiny by these communities. The onus is plainly on the management to adopt sound governance practices.
What is corporate governance? What are the underlying principles? Read on.