|
|  |
 |
|
Rethinking
Sarbanes-Oxley
Taking Stock of Its Pluses and Minuses
By
Louis Grumet
NOVEMBER
2007 - In 2002, scandals at companies like Enron, Adelphia, Tyco,
and WorldCom cast a cloud over the accounting profession. Every
day seemed to bring new details of malfeasance. Investor confidence
in U.S. financial markets was severely shaken. It was easy to
wonder: Can any company be trusted?
What emerged
from the scandals was a bill named after its two chief sponsors,
Senator Paul Sarbanes (D-Md.) and Representative Michael G. Oxley
(R-Ohio). The Sarbanes-Oxley Act (SOX) was signed into law by
President Bush on July 30, 2002, and created a new private-sector,
nonprofit corporation—the Public Company Accounting Oversight
Board (PCAOB)—to oversee the financial reporting of public
companies. Among other changes, SOX’s sweeping reforms required
that a company strengthen auditor independence; have its chief
executives sign off on the financial statements; obtain an opinion
about its internal control systems; and have an internal audit
function that is examined by external auditors.
These changes
have been controversial. Opinions vary widely on the efficacy
and exigency of SOX. Some say SOX makes companies risk-averse.
Others complain that it undermines the global competitiveness
of U.S. markets. The cost of compliance has been far higher than
initially predicted. In particular, costs to comply with SOX section
404—the internal control system certification provision—have
been decried by many as unfair, especially for smaller organizations.
Make no mistake, SOX is not perfect, nor are its prescribed controls
necessary for all kinds of enterprises.
But today,
more than five years after its passage, there can be little doubt
that SOX has strengthened corporate accountability and vastly
improved public confidence in big business and the U.S. securities
markets. While SOX may have negatively affected the earnings of
certain corporations, the best argument in favor of the law comes
from simply looking at the performance of our financial markets.
Between July 30, 2002, and June 30, 2007, the Standard & Poor’s
500 has increased 67%, representing about $4.2 trillion in market
value.
Fears about
SOX’s effect on American business’s risk-taking and
competitiveness are overblown. The United States currently controls
45% of global mutual-fund assets and 70% of global hedge funds.
A record 22 foreign companies executed IPOs on the New York Stock
Exchange and Nasdaq during the first six months of 2007. Only
17 foreign companies did so in the first half of 2000, before
SOX was enacted. SOX was also designed for large, publicly held
businesses; it does not apply to small, private companies, which
are the proving ground for so many leading-edge ideas.
Standardization
and efficiency gains have significantly reduced the costs of SOX
compliance. Financial Executives International (FEI) recently
studied section 404’s financial impact on 200 large companies
(average annual revenues of $6.8 billion). The study found that
in 2006, these companies spent an average of $2.9 million to comply
with SOX section 404. This figure is 23% lower than in 2005 and
on average less than 1% of revenues.
SOX is also
flexible. Small public companies have been given a temporary exemption
from some of section 404’s more onerous requirements, and
new guidelines for auditors should reduce the cost of compliance
for other companies.
SOX compliance
is not only getting less expensive, it also appears to be achieving
its goals. Requiring audit committee independence and making audit
committees, not CEOs, responsible for hiring outside auditors
may be SOX’s most enduring legacy. Three leading economists—Luigi
Zingales, Alexander Dyck, and Adair Morse—recently examined
230 alleged corporate frauds in America from 1996 to 2004. Guess
who they found was most likely to report corporate wrongdoing
in the pre-SOX environment? It wasn’t the auditors, it wasn’t
industry regulators, and it wasn’t the SEC. It was employees.
During that time, only one-third of corporate frauds were discovered
by auditors, industry regulators, or the SEC—the very people
and organizations responsible for uncovering fraud. After SOX,
however, 50% of serious frauds were exposed by those with a professional
responsibility to do so.
CPAs should
not judge SOX solely by its immediate fiscal impact. The law was
drafted and implemented hastily, but our government needed a symbol—an
immediate display of strength—that showed the world we would
not tolerate any more Enrons or WorldComs. SOX became that symbol,
and has become a beacon for the kind of controls needed for large
corporations in the 21st century.
Louis
Grumet
Publisher, The CPA Journal
Executive Director, NYSSCPA
lgrumet@nysscpa.org
|
|