The House Financial Service Committee today approved a measure seeking to stiffen fraud oversight by the Securities and Exchange Commission, so you might be surprised to hear that it watered down one antifraud measure in the process. The bill loosened Sarbanes-Oxley audit requirements for small business. Those regulatory changes were put into effect in 2002, as a response to the Enron and WorldCom debacles. Since then, business generally criticized the measure, saying it results in much higher auditor fees. You can debate whether the fraud protection Sarbanes-Oxley provides is worth the costs it imposes, but that those costs are too high for small business seems hard to dispute.
First, here's some detail, via Bloomberg:
The House Financial Services Committee voted 37-32 today to spare companies with market values of less than $75 million from audit requirements of the 2002 Sarbanes-Oxley Act. The permanent exemption was added to legislation that would boost funding for the U.S. Securities and Exchange Commission and impose stiffer rules on the brokerage industry.
The Obama administration pushed for the amendment, arguing investor-protection rules should be aimed at large companies rather than small businesses that may have difficulty complying with more rigorous audit standards. Democrats including House Financial Services Committee Chairman Barney Frank and U.S. Representative Paul Kanjorski, who heads a capital markets subcommittee, said the measure could harm investor confidence.
I'm going to have to side with the White House on this one. Back in my consulting days, during the years of 2003-2005, I did quite a lot of Sarbanes-Oxley advisory. My team generally chalked up fees exceeding $1000 per hour. The projects sometimes lasted weeks. If you do the math, you quickly realize that's a lot of money for smaller businesses to incur. And that doesn't even include the loss to productivity resulting from a company's workers spending time on regulatory paperwork and testing.
And what's the gain? Well, it may prevent some fraud. But the cost of fraud at larger businesses is obviously far greater. For example, let's say there's fraud in 1 in 100 firms at a cost of 10% of a firm's market cap. If those firms have an average size of $50 million, that's $5 million per 100 smaller firms. Raise that market cap to $1 billion, and suddenly the cost is $100 million per 100 larger firms. Given the economies of scale, however, the Sarbanes-Oxley audit costs aren't proportionally higher for the larger firms. So the sort of return-on-audit costs to prevent fraud is much greater for bigger companies.
Of course, the larger question is whether Sarbanes-Oxley does any good at all. Although we haven't seen much Enron-esque corporate fraud since 2002, we also hadn't seen much prior to it either. But even if it does turn out to help, from a purely economic standpoint, it makes total sense to relax those audit standards for small businesses, particularly at a time like now when so many are struggling to stay afloat. Let's hope the provision makes it into the final version of the bill that the President signs.
Hi Daniel,
These types of provisions are typically created by people such as Reps. Scott Garrett (R., N.J.) and John Adler (D., N.J.), who have not had the opportunity to see the detailed work produced by the accounting departments of the world; the work that shareholders ultimately place their reliance upon when making investing decisions. I see this type of work every day and I can tell you, most pre-SOX companies are at best moderately sure that their financial statements are correct which is downright scary. Remember, the companies in question choose to go public and allow outsiders to invest in their company to make money; they aren’t victims.
I have been implementing Sarbanes-Oxley since 2004 and my experiences have proven that there is a positive return on investment (ROI) for employees and investors alike. The ROI includes shorter close durations, less post-close adjustments because the numbers are correct the first time, fewer accounting resources needed to get the work done (this is a huge misnomer, accounting department resources do not need to increase because of SOX and I have personally seen it decrease as a direct result of a SOX implementation), etc. This list is endless. One of our clients was successful in reducing their audit fees by $900K annually after we helped them implement controls that fixed their accounting issues and caused their externals auditors to sign off on their financials faster. This particular client now pays $6,000 annually for its SOX compliance work and their external audit durations have been reduced to less than two weeks. Companies of $150MM in revenue typically only need one person to assist them with their SOX work (rather than the 3-5 that it used to be that helped caused your hourly fees to be near $1000) and the documentation effort can be done in less than a week.
With regard to the new amendment, a study performed by Compliance Week called "SOX 404 Deficiencies Preceded By "Effective" 302 Reports" by Melissa Klein Aguilar from July 26, 2005 found that of the 366 companies who received a qualified opinion through May 2, 2005, 94% of them had claimed a clean internal controls environment via their previous quarters 302 certification. My daily experiences in the detailed accounting work produced by public companies worldwide has led me to believe that these statistics are still real and will show up again once or if 404(b) kicks in for non-accelerated filers. The only conclusion I can draw is that SOX is not even close to overkill - in my opinion - it is reasonable and most 302 and 404(a) certifications are lip service until companies are subjected to 404(b).
With all of the benefits, I am very unclear on how and why the merits of SOX compliance for public companies are still being debated.
All my best,
Teresa Bockwoldt MBA, MST
CEO & Co-Founder
Vibato, LLC
655 Montgomery Street, 5th Floor, Suite 540 San Francisco, CA 94111
Office: 415.240.4867 | Mobile: 707.477.0008 | Fax: 888.407.7725
tbockwoldt@vibato.com I SOX Compliance Made Simple® | http://www.vibato.com
SOX applies to publically traded companies. I don't know if I like the thought of a "Big SOX" and "Little SOX" depending on company size. There will always be companies at the line, where ever it gets drawn, whining about having to comply, when they're just a few hundred thousand over that line, but they're sure it's a fluke, don't make them do it for the one year, etc and so on. It'll get ugly.
Auditing standards, the rules if you will, have gotten tougher over the years whether it's a SOX audit or not. And yes, that toughening of the rules has caused audit fees to go up. Every audit looks at fraud. Has to, it's in the rules. More work means more in fees. MOre risk also menas more fees.
If you want to jump into the pool of being publicly traded, then you have to know the costs involved and be both willing and able to cover that cost. Share traders wouldn't know that Company A had a SOX audit while Company B did not. They'll believe that just because they are traded on the exchange that they're audited the same and subject to the same rules under the SEC.
Companies that aren't publicly traded, well, the buyer should have a big clue that the books might not be as kosher because they should know that it's NOT a public company like the big boys. If you're liste don teh exchange, follow these set of rules and buyers have some minimum level of oversight. Not listed on a public exchange, then buyer beware.
It's simple in a stupid kind of way.
You can buy jewelery from the store in the mall, and you should ahve a certain level of assurance as to what you're getting. Buy jewelery from some guy on the street corner, and buyer beware.