Sarbanes-Oxley Act and Impact of Non-Compliance
Agenda
Background
Sarbanes-Oxley (SOX) Overview
Impact on Vendors
Impact on Agencies
Future Impact
Conclusion
777/40/82924(ppt)
Background
Why Do I Care About Sarbanes-Oxley?
Intense competition and pressure, conflicts of interest, and poor practices led to poor reporting and mismanagement. Criminal activities also contributed to the problem. Many other smaller examples of dot com booms that turned out to be investor busts all combined to prompt congressional action.
Source: Bauer College of Business
A May 2, 2005 headline stated: Audit flaws wipe $2.7bn from AIG. Discoveries of improper accounting at American International Group (AIG) are to knock $2.7 billion off the value of the world's biggest insurer. AIG said it would restate its accounts for each of the last 5 years from 2000 onwards, lowering the company's value by 3.3%. It said it had found material weaknesses in its control systems and postponed filing its 2004 accounts.
Source: http://news.bbc.co.uk/1/hi/business/4504865.stm
Business Relationship:
Advise clients on business process and implementation issues.
Project issues.
Client accountability. Manage and run our company.
To understand SOX:
Conducted Web research and evaluated SOX presentations.
Disclaimer:
I am a management consultant, not an auditor. I understand SOX but do not want to know it! SOX focuses on doing what is right. Contact your legal adviser and auditor for specific analysis. Rules are still being defined and refined.
Sarbanes-Oxley Overview
What Is SOX?
The act was signed into law on July 30, 2002. It includes regulations regarding:
Public Company Accounting Oversight Board (PCAOB). Auditor independence. Corporate responsibility. Enhanced financial disclosures. Corporate and criminal fraud accountability.
Process.
Policies. Activities. Compliance and reporting.
Transparency.
Accuracy. Governance. Accountability. Responsibility. Avoidance of conflict of interest.
Title XI
Responsibilities:
Register and inspect public accounting firms. Establish standards for public accounting firms. Enforce compliance with the act and rules of the board. Investigate firms and impose sanctions.
Assigns the responsibility to the audit committee to appoint, compensate, and oversee the public accounting firm that performs the audit. Requires CEO and CFO to:
Certify fairness of financial statements. Take responsibility for disclosure controls.
Makes it unlawful to fraudulently influence, coerce, or mislead an auditor. Provides for the forfeiture of certain compensation following the issuance of a non-compliant financial document.
Provides the SEC with greater flexibility to remove management or board members.
Requires attorneys to report evidence of material violations.
Requires disclosure of material off balance sheet arrangements. Prohibits companies from making loans to directors or executives. Requires management to establish and maintain adequate internal controls and procedures for financial reporting. Requires disclosure of a code of ethics for senior financial officers. Requires companies to disclose whether at least one of the audit committee members is a financial expert. Requires rapid disclosure of changes in financial condition.
Incorporating the independent auditor's review of management's assessment of internal controls and financial reporting procedures.
Impact on Vendors
What Do Vendors Have to Do About SOX?
SOX has implications for most business practices and processes of publicly traded companies.
Any errors or misstatements that could cause a company to have to restate its financials are areas that require focus. Systems and processes must be in place to administer the pricing, services, and discounts. Visibility and control must ensure that pricing and costs are captured accurately and on a timely basis. Pricing services and discount processes often have the most people involved and represent the largest risk area.
Combined implications create a very large potential for misstated financial results and SOX scrutiny, sanctions, and bad press.
The SOX impact is more than technical, more than analytical, more than financial:
SOX places a burden of responsibility on all employees, not just the accountants. SOX impacts IT priorities and the to-do list. SOX will impact the role of IT in its users' business and data. SOX will challenge any IT organization whose culture is one of containment.
Ignoring problems is not allowed under SOX. Different sections of the act are driving or will drive changes in the financial organization.
Sections 302 and 404. Process mapping. Systematic remedies. Process changes. Collaboration and teaming.
Section 409.
Systematic remedies. Major process changes.
Combination of ongoing and separate evaluation. Management and supervisory activities. Internal audit activities.
Control Environment
Risk Assessment
Access to internal and externally generated
Flow of information that allows for successful control actions from instructions on responsibilities to summary of findings for management action.
relevant risks to achieving the entity's objectives, forming the basis for determining control activities.
Impact on Agencies
How Does This Apply to a Corrections Agency?
The implication of Title I is that now there are three audit standards-setting bodies in the United States.
PCAOB, which sets audit standards for publicly traded companies. Auditing Standards Board of the American Institute of Certified Public Accountants, which sets standards for privately held companies and not-for-profit organizations. U.S. General Accounting Office, which sets standards for federal, state, and local governments through the Yellow Book.
Although SOX affects corporate auditing and internal controls, the impact on government auditors is as follows:
Government auditors should encourage good governance practices with the entities they audit. Government auditors have a unique responsibility to ensure accountability for public resources and government services. The fundamental role of government auditors should remain clear and unchanged: provide assurance.
While most corrections agencies and their activities do not fall directly under SOX, reasonable effort should be made to modify processes to comply. Where compliance is required, noncompliance can result in criminal investigation to determine whether:
Information was transmitted by mail. Information was withheld from investigators.
In other cases, agencies may be ordered to comply with auditor statements and requirements that:
Add expensive processes with no additional funding source.
Add reporting requirements not otherwise necessary.
Future Impact
Will This Go Away?
The results of SOX, both positive and negative, have led to several discussions on expanding the scope of SOX.
Congress is reviewing options to expand to nonprofits to reduce scandals like that of the United Way several years ago. Congress is also examining the reporting of privately held companies. The Government Accounting Office is reviewing procedures for government agencies. Additional rules in support of SOX and auditing process are under review or in draft form.
State and local governments are revising policies and in a few cases, legislation, to require SOX-like activity reporting.
Attorney General Eliot Spitzer has proposed a series of reforms to strengthen New York's corporate accountability laws. He stated:
Unfortunately, many of New York's laws are outdated and contain major loopholes. For these reasons, we must act to strengthen state laws to protect investors and donors.
Many auditors and accounting professionals offer programs to assess SOX compliance that provide:
Reports on areas of concern. Recommended changes. Programs that align an organization's practices to comply with SOX.
All CFOs and agency budget officers should conduct reviews of internal governance and compliance.
Focus on financial and audit process understanding. Whistle-blower protections.
Key leaders should monitor SOX as well as state and local policy changes.
Conclusion
What Are the Key Points?
Understand that SOX is the model for legislative initiatives aimed at both public and private companies in a number of states. Maintain a strong and independent audit committee (where used). Keep any arrangements for the auditor to provide non-audit services independent of audit services. Ensure executives understand the financial, compliance, and other external information reporting. Establish, maintain, and document significant financial and compliance controls. Maintain and archive all appropriate entity records. Remember SOX is the benchmark against which every company's financial and corporate governance practices will be measured.
Internal audits.
Compliance management. IT oversight and operations.
Conclusion Resources
www.aicpa.org
www.findlaw.com
www.pcaobus.org
www.sec.gov
www.sec.gov/rules/final.shtml
www.isaca.org