Reflections on Sarbanes-Oxley Act of 2002


It’s been five years since the passage of the Sarbanes-Oxley Act of 2002, and for many of us, it seems like it’s been around for a lifetime. While the intent behind the legislation was good, it has been extremely costly, and some wonder if the benefits have justified the high price tag.

The legislation was intended to help protect retail investors in public companies by bringing certain standards to the financial reporting process. Sarbanes-Oxley requires the executives and directors of the company to certify financial results, which holds them responsible for the accuracy and completeness of the financial data.

The legislation also put into place provisions that were intended to give investors more confidence in the audit reports issued by audit firms. The legislation was intended as a step toward preventing fraud in public companies, but opinions on the results vary widely.

The Rules
Sarbanes-Oxley created the Public Company Accounting Oversight Board (PCAOB), which is a private, not-for-profit entity that reports to the Securities and Exchange Commission (SEC). This organization is focused on providing useful and independent audit reports to the public. To this end, the PCAOB registers public accounting firms, sets quality and ethical standards for the issuers of audit reports, inspects registered public accounting firms, and leads investigations and disciplinary actions against auditors.

Under Sarbanes-Oxley, companies must assess their internal controls, which are the policies and procedures that ensure the accuracy of financial data. In practice, public companies spent thousands of hours documenting procedures and their effectiveness. The legislation does not explicitly require companies to improve their internal controls, but if a company has significant deficiencies in this area that remain uncorrected, the public must be notified.

Sarbanes-Oxley required changes to the boards of directors of public companies. It made it mandatory for companies to have outside, independent directors. It also requires companies to have a “financial expert” on the audit committee of the board of directors.

The legislation also included increased prison terms for those involved in financial statement fraud, accelerated reporting requirements for insider trading, and requirements to establish a whistleblower program to allow employees to report wrongdoing and fraud anonymously.

Sarbanes-Oxley prohibits auditors of public companies from engaging in other consulting work for those companies. In the past, the audit was often used as a “loss leader” to reel in a new client, hoping to get more lucrative consulting work from the client later. Although audits are supposed to be an “independent” look at the financial statements of a company, audit firms had their true independence questioned because of the amount of work done on behalf of companies and the huge fees generated from that work. With significant revenue on the line, is an audit firm really willing to hold a company’s feet to the fire on a financial reporting issue and risk losing the company’s business all together?

In Practice
It is clear that Sarbanes-Oxley has created some positive benefits for public companies and their investors. By forcing companies to evaluate their internal control processes and procedures, deficiencies were brought to light and proactive companies corrected them. Not all companies corrected the problems, however. Users of financial statements should not be fooled into thinking that Sarbanes-Oxley has solved all of the financial reporting problems.

Companies have also cited new operational efficiencies and cost savings that can be tied to Sarbanes-Oxley work. In addition to improving the reliability of the financial reporting process, some companies took advantage of the opportunity to improve operations as well.

Since the independent auditors of a public company are now prohibited from providing consulting services to that company, audit firms have changed how they conduct business.

In theory, the auditors are now more independent in their work. So while the audit firms still rely on the payment of fees by clients, the focus on only providing an audit may have increased the level of skepticism and independence by the auditors.

Corporate governance has been improved as a result of Sarbanes-Oxley. Boards of directors are more involved and more informed on financial matters. Audit committees have become more proactive in policing the activities of companies and executives. All in all, there is more oversight of the executives and more analysis of the financial results of companies, which are undeniably positive results of the legislation.

Changes on the Horizon
Some critics of Sarbanes-Oxley say that the legislation was done in haste, in an attempt to quickly allay the fears of the investing public. In doing so, some provisions of the legislation do not work as well as they should and need changing. Critics have called Sarbanes-Oxley “overregulation” and shortsighted, and since its inception, there have been many proposals regarding changes and improvements to it.

A 2006 survey by Financial Executives International (FEI) on Sarbanes-Oxley show that compliance costs have decreased, but are still substantial. FEI surveyed 200 companies, with average revenues of those companies at $6.8 billion. The average cost for annual Sarbanes-Oxley compliance in 2006 was $2.9 million, a decrease of 23 percent from the prior year’s survey. So it appears that companies are becoming more efficient in complying with Sarbanes-Oxley, yet the costs are still significant.

The survey by FEI also confirmed one of the primary criticisms of Sarbanes-Oxley: the cost versus benefit issue. Just under 50 percent of survey respondents believed that their financial reports were more accurate and more reliable. Increased accuracy and reliability is good, but 78 percent of survey respondents told FEI that the cost of compliance exceeds the benefits.

It is no surprise, then, that some of the proposed changes to Sarbanes-Oxley include decreasing the cost of compliance. Some say that the regulation went too far in terms of requirements and related costs, and that it unfairly penalizes business as a whole for the well-publicized bad acts of certain executives companies.

It is reasonable to propose changes that make compliance easier and less costly. The costs of complying with Sarbanes-Oxley have been burdensome, and it only makes sense that the legislation should be revisited and improved to find a better balance between the costs and the benefits. Those proposing changes should be careful what they wish for, however. There is no guarantee that changes to Sarbanes-Oxley won’t be worse than what is already in place.

Leave a Reply