Defining moment for good governance: research from both Financial Executives Research Foundation and Robert Half international find that Sarbanes-Oxley compliance is fast becoming a standard measurement for governance best practices for public companies and private companies, as well.
In a Robert Half International survey of 1,400 CFOs from privately held businesses, The Impact of Sarbanes-Oxley on Private Business, 58 percent said that their companies are responding to accounting regulations by implementing new practices. Among those who cited a specific action, 44 percent are reviewing or changing current accounting procedures, and 36 percent are creating or expanding the internal audit function.
In interviews with FEI members and other professionals, Financial Executives Research Foundation (FERF) examined how Sarbanes-Oxley could be implemented in the private sector, and learned that there are advantages for early voluntary compliance.
Why Sarbanes-Oxley for Private Companies?
Some of the Sarbanes-Oxley provisions are directly applicable to both public and private companies. These include: document retention, increased penalties for mail and wire fraud and liability for retaliation against whistleblowers, and increased criminal penalties for violation of ERISA says Craig Adoor, a partner at Blackwell Sanders Peper and Martin LLP. Violations of those sections call for fines and/or imprisonment.
Furthermore, debts incurred in violation of federal or state securities law or common law fraud in connection with the purchase or sale of a security are non-dischargeable in bankruptcy. There are benefits to be gained under the Federal Sentencing Guidelines, Adoor says, and while complete immunity is not provided if something goes wrong, the courts will take compliance into consideration.
Boards of directors of companies with only very few shareholders should be cognizant of good corporate governance principles. The boards of these types of companies are often comprised of these shareholders inducing the board to ignore principles of governance and fiduciary duties. However, as Adoor points out, these directors will be held to owe a fiduciary duty to creditors if the company suffers financial difficulty and enters into what he says the courts refer to as the "zone of insolvency."
Apart from statutory requirements, companies will benefit from complying with some sections of Sarbanes-Oxley, particularly from a governance perspective, as they need to stay competitive in the marketplace. For example, companies that rely on lenders or venture capital could encounter additional questions about financial disclosure or governance practices.
"Venture capitalists looking at a potential investment want to see good internal controls and an independent board. It makes them feel more comfortable about their investment," says Adoor. Indeed, he adds, "Companies with good governance will have a leg-up in obtaining venture capital financing."
Companies seeking loans are also starting to see the impact of Sarbanes-Oxley. Though Adoor has not seen a commercial lending deal fall through because of internal controls, he notes that bankers are asking about data on Sarbanes-Oxley compliance for new loan agreements.
Andrew V. Tripoli, founder of Aegis Governance Inc., a corporate-governance consulting firm, has seen client companies presented with boilerplate language on compliance with Sarbanes-Oxley and related regulations inserted into agreements by lenders. "This is always overkill, and we then negotiate away the inappropriate boilerplating," he says. Though the broad language is currently being used to mitigate potential risk, Tripoli acknowledges that there is still give-and-take between companies and their lenders and investors on including such terms.
Unlisted companies with public debt must comply with the Securities and Exchange Commission's (SEC) reporting requirements. Executive certification and internal control reporting provisions are applicable to these types of companies, according to the RHI study. In any lending situation, some form of adherence to the act's provisions may even result in lower interest rates.
Demonstrating efforts to comply with Sarbanes-Oxley will also likely result in reduced insurance costs. Since insurers have realized that private company shareholders can sue the board of directors for breaches of duty, premiums are being raised for both public and private companies. Though other factors have contributed to rising premiums, the new regulation has led to a sense of increased litigation risk. Constance E. Lund, senior vice president of corporate finance at American United Life Insurance Co. (AUL), notes that its director and officers (D&O) carrier asked questions about Sarbanes-Oxley compliance when the company renewed its policy. Tripoli says he has seen companies turned down for coverage.
For private companies looking for an exit strategy, potential acquirers will also look favorably at Sarbanes-Oxley compliance. This would involve selling the company (in an acquisition) or selling shares in the company (in an initial public offering). Either way, buyer(s) would want a level of comfort in knowing that the company is ethical from the top down. If a company has not implemented any of the provisions, this could either delay the offering or lower the selling price. Likewise, proactive efforts may lead to acquisition premiums.
The study by RHI notes that businesses that are considering going public (or being purchased by a public company) should have a good grasp of what is required of public companies and take similar steps toward compliance, so that they can meet requirements as soon as necessary.
To a broader extent, compliance with Sarbanes-Oxley raises the level of competition for attracting the best directors, officers, employees, joint venture partners, customers and vendors. The RHI study finds private companies that do business with government entities, report to federal regulatory agencies and have corporate residency in states that enact parallel laws or regulations, could be affected by the accounting reforms.
There is a general recognition that public company standards will trickle down to privately held companies, particularly with section 404, Management assessment of internal controls. Public accounting firms are likely to have similar procedures, if not expectations, for auditing both public and private companies, especially in regards to auditing internal controls systems. The RHI study mentions that public companies could pressure their private partners to improve their internal controls as a condition of working together, especially if a private company partner receives favorable credit terms or long-term contracts.
How are Private Companies Doing?
At AUL, a medium-sized mutual holding company, the board of directors, audit committee and management have taken an active role in trying to comply with the spirit of Sarbanes-Oxley. For example, although certification (Section 302) is not required, the company does certify financial statements to its board and audit committee.
As defined in Section 407, Disclosure of audit committee financial expert, the audit committee at American TeleCare Inc., a healthcare technology company, has two qualified financial experts, says George Boyadjis, executive vice president, CFO and treasurer. The committee membership includes an individual who chairs a Fortune 500 company audit committee, and is very aware of the relevant issues, and two other independent board members. American TeleCare also has a post-Sarbanes-Oxley audit committee charter in development. Additionally, the company has performed a gap audit to determine what needs to be done should it choose to follow the requirements for public companies under Sarbanes-Oxley.
Focus on Section 404
AUL has directed much of its attention toward Section 404. Though the company considered the financial resources and constraints related to 404 implementation, it chose to enhance its process. Prior to the extension of 404 compliance from fiscal 2003, AUL made the decision to be in compliance by the end of 2004. With the assistance of outside consultants, its plan calls for the company to be in a position to assert internal control without paying for auditor attestation.
To prepare, a presentation on the overall 404 project plan was made to the company's management committee. Additional preparation, which took about four to five months, included discussions on how to communicate internally and a pilot test in a corporate area to determine the time and effort involved and what to look for when speaking with consultants.
Criteria (organized in a checklist) were developed that assessed the degree of independence, demonstrated industry expertise, approach and scope and technology of each consultant. The advantages, disadvantages, ratings and expenses associated with each vendor were also considered. After narrowing the field to two, the company chose a public accounting firm not responsible for its external audit.
AUL had success with the internal pilot. With increased awareness of internal controls and documentation, the individuals that went through the pilot were able to better understand how their jobs fit in the big picture and identify ways to streamline operations. Lund notes that the pilot provided users a sense of ownership over their jobs and allowed the information in people's heads--the heart of internal controls, beyond what is in procedure manuals--to get on paper. "We are in much better shape because of this," she says.
However, Lund concedes that based on further estimates of time commitment in the company's divisions, it looks unlikely that it will meet the 2004 deadline for full compliance. AUL is proceeding to schedule activities to have major areas reviewed and documented prior to the end of 2004, aiming towards full compliance during 2005.
For Starters: The Code of Ethics
For small private companies that are not as far along as AUL, Adoor recommends implementing a code of ethics. If there are problems in the future, a legal defense could be strengthened if a code was in force. If a company does adopt a code of ethics, make sure that the code is communicated to all the employees, and make sure that it is adhered to. "You need to be fully committed to it," he says. "A company's culture starts from the top down."
Also, companies that don't already have independent directors or audit committees comprised of a majority of independent directors should consider adding board members on the basis of their background and experience, such as retired financial executives and CPA audit partners.
Tripoli recommends that companies designate a compliance officer who reports to the most independent corporate governance function, such as the audit committee. Whether the officer is an internal employee or external consultant, the officer should take charge of a compliance program and address whistleblower issues.
Both public and private companies no doubt want to do the right thing and adopt best practices used by leading companies. More specifically, private company compliance with Sarbanes-Oxley is likely to range along a continuum, depending on the type of business and its ownership structure. It may be easier and more beneficial for a company in a regulated industry or with a diverse ownership structure to comply than a company that is closely held or without an exit strategy.
Practically speaking, both Sarbanes-Oxley's governance provisions and the stock exchanges rules cannot and do not have to be applied verbatim. At the minimum, however, private companies should be cognizant of the provisions, especially those that fit their culture.
How Private Companies are Managing the Internal Audit Function "In light of the Sarbanes-Oxley Act requirements for auditor independence and New York Stock Exchange rules mandating an internal audit function, how are you managing your company's internal audit function, if at all?" Using existing (37%) internal audit staff None/ does not apply (22%) Outsourcing (30%) or co-sourcing the internal audit function Other/dont know (6%) Hiring additional internal audit staff (4%) Creating a new internal (1%) audit department Note: Table made from pie graph. Source: Robert Half International survey of 1,400 CFOs from privately held U.S. companies
Cheryl de Mesa Graziano, CPA, (email@example.com) is Director of Research for Financial Executives Research Foundation (FERF). The FERF study referred to is available online at the FERF bookstore: www.fei.org/rfbookstore/.
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||best practicesA|
|Author:||de Mesa Graziano, Cheryl|
|Date:||Nov 1, 2003|
|Previous Article:||eLearning a better chalkboard: online learning has come a long way in recent years, and as an established part of most corporations' training...|
|Next Article:||What's happening with costs and what to do about them: workers compensation coverage has gotten more difficult to obtain, and costlier, in the past...|