Sarbanes-Oxley one year later: the Sarbanes-Oxley Act has had a far-reaching impact on global business, yet there are still more questions than answers. (Capital edge: legislastive & regulatory update).When passed, the Sarbanes-Oxley Act See SOX. of 2002 was heralded as a solution to a wide range of perceived corporate abuses. When fully implemented, it probably will be such a solution, at least in part--the standards of conduct and disclosure it mandates and seeks to enforce undoubtedly will eliminate many past problems. From a records and information management (RIM) perspective, however, things are a bit different. A year after its passage, Sarbanes-Oxley continues to provide more questions than answers for those seeking guidance on compliance issues for their records and information programs. This situation persists because Sarbanes-Oxley's fundamental emphasis and implementing regulations focus primarily on procedural requirements, certifications, and required disclosures as the tools through which to gain compliance, rather than on required recordkeeping and paper trails. Make no mistake--the former are powerful tools. The Act's financial statements certification requirement, for example, provides a strong incentive for those executives who must sign to ensure that the statements are correct. In similar manner, Sarbanes-Oxley's Corporate and Criminal Fraud Accountability Act There are a number of piece of legislation known as the Accountability Act:
n. 1. A long irregular strip that is cut or torn off. 2. A small amount; a particle: not a shred of evidence. tr.v. runs a far riskier proposition for those who seek to cover up evidence of wrongdoing wrong·do·er n. One who does wrong, especially morally or ethically. wrong  do .
The reality is, however, that although Sarbanes-Oxley is fundamentally about records and information--its whole purpose could be characterized as ensuring that corporate accounting records are accurate and complete, and fully disclosed--it doesn't actually say much about records. The certification of financial statements is a good example: If the certification turns out to be false, the certifying executives certainly will find their necks on the line. In view of this consequence, it would be nice for executives to know what constitutes adequate due diligence Research; analysis; your homework. This term has caught on in all industries, because it sounds so "wired." Who would want to do analysis or research when they can do due diligence. See wired. and what documentation of due diligence they ought to create. No such guidance is forthcoming, however. CEOs are on their own as to what ought to be done. Should certifications make it to court, as surely they eventually will, the issue of just what the CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. reviewed will come up, as will the paper trail the CEO used to document that review. Other provisions give rise to similar issues. Criminal liability is mandated for improper shredding, but no light is shed on what constitutes a Sarbanes-Oxley-compliant records retention program. Other matters similarly imply some sort of documentation or some way of managing records without giving any hint as to particulars. In each case, the comfort level records managers are used to--a legally required record set, described in detail, with a stated retention period--is absent. Future regulations, or amendments to the act may provide more detailed guidance on these matters. It is also plausible that future developments will be more of the same: certifications, disclosures, and mandated outcomes, with little or no direction as to their implementation or recordkeeping. Back to Fundamentals Where does this leave RIM professionals or corporations seeking guidance on developing records and information programs that are responsive to Sarbanes-Oxley issues? On their own--but that may not be a bad thing. Even without legally mandated requirements, there are many things that can be done, and the lack of stated standards gives corporations some leeway lee·way n. 1. The drift of a ship or an aircraft to leeward of the course being steered. 2. A margin of freedom or variation, as of activity, time, or expenditure; latitude. See Synonyms at room. in how to do them. In such cases, standards of reasonableness taken from a variety of sources can be used in place of the legal standards absent from Sarbanes-Oxley. The first thing is to look to fundamentals. For example, Sarbanes-Oxley mandates penalties for improper records destruction. This points to an obvious starting place: Is the records retention program sound? Is it structured and implemented so that suspicions of improper activity are unlikely to arise? This might be a good time to review the records program from a forensic standpoint and make sure that it passes muster. Similarly, Sarbanes-Oxley is about ensuring full and accurate audit of accounting records. Although RIM professionals have no control over accounting record content, they do have control over the management of those records. Well-managed and well-organized records facilitate Sarbanes-Oxley compliance because they foster the financial transparency that is the act's goal. Improved records management translates directly into increased compliance and decreased likelihood of violations or allegations under Sarbanes-Oxley. Finally, the act's current structure offers RIM professionals the opportunity to weigh in on an important aspect of corporate compliance: documenting due diligence on the act's many certifications, procedures, and implementing regulations. One example is the review process for financial certification. The CEO certainly can't look at everything, or even a small fraction of all financial data. Therefore, a winnowing winnowing: see threshing. process will need to be developed and documented, as will compliance with that process, to demonstrate that the CEO did his or her best to gain full understanding of the corporation's finances prior to certifying them. Not only is this an entirely records-oriented process, but new and highly valuable records will be created as a result. RIM professionals can and should be intimately involved, thereby gaining the opportunity to address an issue with a high profile among top management. Other areas of Sarbanes-Oxley afford similar opportunities. A Watchful Eye The final thing that information professionals must do is keep a finger on the law's pulse. Sarbanes-Oxley is very new. More regulations are a certainty, as are court cases, professional standards, and other events that will influence future directions. Any compliance decision made today that is not directly mandated by Sarbanes-Oxley itself--and most RIM decisions fit this description--must necessarily be considered provisional. As more is learned about how the law operates in the real world and in the courts, provisional decisions undoubtedly will undergo revision. Currently, corporations are in a transition state with Sarbanes-Oxley. Those seeking to gain compliance will have to make some of their own rules. It is clear that some actions must be taken, but those actions are not clear. Clarity requires a systematic analysis of the RIM demands made by Sarbanes-Oxley and a self-motivated push toward meeting those demands. Only then can a corporation claim to be compliant with Sarbanes-Oxley. Sarbanes-Oxley's Impact Is Felt. Internationally The Public Company Accounting Oversight Board The Public Company Accounting Oversight Board (or PCAOB) (sometimes called "Peekaboo") is a private-sector, non-profit corporation created by the Sarbanes-Oxley Act, a 2002 United States federal law, to oversee the auditors of public companies. (PCAOB PCAOB Public Company Accounting Oversight Board ) and the U.S. Securities and Exchange Commission (SEC) recently announced a new proposal requiring foreign firms auditing U.S.-traded firms to register with the accounting board, in compliance with the Sarbanes-Oxley Act of 2002. The proposal, as well as Sarbanes-Oxley itself, has been met with resistance from foreign audit firms that are unhappy about having to comply with two sets of regulations and having to subject their sensitive audit documents to PCAOB review. European Commission European Commission, branch of the governing body of the European Union (EU) invested with executive and some legislative powers. Located in Brussels, Belgium, it was founded in 1967 when the three treaty organizations comprising what was then the European Community Director of Financial Markets David Wright David Wright may refer to:
European Community (EU) countries can get their own rules in line with the U.S. requirements. But U.S. regulators refused, saying that an aggressive stance was needed to reassure investors. Every company listed on an American exchange, including more than 1,300 non-U.S, businesses, and their CEOs must comply with the Act. The PCAOB adopted final rules April 23, 2003, but they must be approved by the SEC before becoming effective. The regulations require U.S. firms to register by October 2003 and foreign firms to register by May 2004. Firms failing to register will not be allowed to audit publicly traded companies publicly traded company A company whose shares of common stock are held by the public and are available for purchase by investors. The shares of publicly traded firms are bought and sold on the organized exchanges or in the over-the-counter market. in the United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. . EU Asks for More Time EU Internal Market Commissioner Frits Bolkestein Frederik Bolkestein (born 4 April 1933 in Amsterdam; usually known as Frits Bolkestein ) is a Dutch politician and former EU Commissioner. called for a moratorium on the registration of EU audit firms so that effective trans-Atlantic and international solutions to restore confidence in financial markets can be agreed upon Adj. 1. agreed upon - constituted or contracted by stipulation or agreement; "stipulatory obligations" stipulatory noncontroversial, uncontroversial - not likely to arouse controversy . Bolkestein said, "Registration of EU audit firms is unnecessary, burdensome, and disproportionate because the EU has already equivalent systems in place that deal with registration, oversight, and external quality assurance of auditors, which are continuously being improved at EU and national levels." In addition, EU members say some provisions directly contradict the national requirements of the member states where their companies and auditors are based. In the wake of the Enron scandal The Enron scandal was a financial scandal that was revealed in late 2001. After a series of revelations involving irregular accounting procedures bordering on fraud, perpetrated throughout the 1990s, involving Enron and its accounting firm Arthur Andersen, it stood at the verge of , many governments strengthened regulations to ensure that a similar scenario would not unfold in their jurisdictions. Last year, EU foreign ministers agreed to develop an "action plan" on company law, which will include a corporate governance Corporate Governance The relationship between all the stakeholders in a company. This includes the shareholders, directors, and management of a company, as defined by the corporate charter, bylaws, formal policy, and rule of law. review singling out the role of company bosses. The U.K. Accounting Standards Board The role of the Accounting Standards Board (ASB) is to issue accounting standards in the United Kingdom. It is recognised for that purpose under the Companies Act 1985. It took over the task of setting accounting standards from the Accounting Standards Committee (ASC) in 1990. issued plans for how companies should restate parts of their financial accounts and the disclosures that they should make. In Germany, where many view the rules as too reactionary, the law requires financial reports to be endorsed by management and review boards, not chief executives. Deliberately falsifying fal·si·fy v. fal·si·fied, fal·si·fy·ing, fal·si·fies v.tr. 1. To state untruthfully; misrepresent. 2. a. balance sheets already is a punishable offense. The Canadian Public Accountability Board was established to supervise the accounting industry, and the Toronto Stock Exchange Toronto Stock Exchange (TSE) Canada's largest stock exchange, trading approximately 1,200 company stocks and 33 options. has amended its governance guidelines and stiffened the penalties for insider trading. As a result of Sarbanes-Oxley, nearly two-thirds of European executives European Executive is an British airline based in Shoreham, United Kingdom. It operates scheduled passenger flights and corporate, pleasure and freight flights. Its main base is Shoreham (Brighton City) Airport. surveyed by PricewaterhouseCoopers last year said they were less likely to access U.S. capital markets, citing over-regulation as the biggest threat to their business. John Montana, J.D., is a records management and legal consultant and principal of Cunningham and Montana. He may be contacted at johnmontana@qwestinternet.net. |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion