http://www.networkworld.com/news/2006/051106-sox-costs.html By Ann Bednarz NetworkWorld.com 05/11/06 Two years of compliance with the Sarbanes-Oxley Act (SOX) have shored up corporate accounting practices - but with lopsided costs compared to benefits gained. That's the general consensus of a wide range of business executives and auditors who gathered Wednesday in Washington, D.C., for an all-day roundtable hosted by the U.S. Securities and Exchange Commission and the Public Company Accounting Oversight Board (PCAOB). The SEC and PCAOB arranged the roundtable to solicit feedback about Section 404 of the legislation, which requires companies to attest to the effectiveness of internal controls put in place to protect financial reporting systems and processes. "The Sarbanes-Oxley Act was a critical step in addressing an unprecedented string of corporate scandals that were rooted in very serious governance, accounting and audit failures," said SEC Chairman Christopher Cox in his opening remarks. Section 404 has the potential to improve the accuracy and reliability of financial reporting - but only if it's implemented properly, Cox said. "In practice it hasn't always worked out that way," he acknowledged. Likewise Bill Gradison, acting chairman of the PCAOB, said that guidance the SEC issued last year and PCAOB's latest auditing standard may not be enough to clarify the rules that govern the reporting and auditing of internal controls. "Based on the information we already have, it would seem that some further changes may be in order," Gradison said. Over the course of five panel discussions, participants shared their experiences with the internal control reporting requirements. Philip Ameen, vice president and comptroller at General Electric, detailed the benefits of two years of Section 404 compliance: "One, we're certainly more focused on controls, both in our underlying operations and in operations that we're assessing for acquisition. Two, we are more sophisticated in those assessments and we're more targeted in analyzing and assessing the controls that are important to our reporting processes. And thirdly, we have a common vocabulary for talking about the controls," he said. "Overall, on balance, I think the management team, the board of directors and people down in trenches doing the testing are favorably impressed with progress that has been made in the second year of 404." That said, GE didn't experience much relief in terms of the scope and cost of compliance in the second year. It tested 38,000 significant controls in 2005, down slightly from 40,000 the year earlier. In 2004, GE spent about $33 million on Section 404 compliance, and costs ran about the same in 2005, Ameen said. While GE's tally didn't decline, research suggests other companies are seeing compliance costs drop in their second year. Colleen Cunningham, president and CEO of Financial Executives International, said companies with two years of compliance under their belts reported that costs dropped an average of 16%. That said, 85% of respondents to FEI's latest survey believe the costs of SOX compliance still outweigh the benefits. _________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 29 - August 3 2,500+ international security experts from 40 nations, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Fri May 12 2006 - 01:20:58 PDT