Whistleblower Protections under SOX

Valerie J. Watnick wrote an interesting paper titled, “Whistleblower Protections under the Sarbanes-Oxley Act: A Primer and a Critique.”

Sarbanes-Oxley is good?

If you caught the April issue of the Harvard Business Review you might have stumbled across an aticle titled, “The Unexpected Benefits of Sarbanes-Oxley.“

Sometimes more is less!

Frank Buytendijk at Gartner reminds us that sometimes more corporate regulations lead to less (not more) corporate transparency:

Royal Dutch/Shell Oil yesterday announced its annual results. It also decided not to report predictions anymore on future oil production and on anticipated return on average capital employed. Although that’s valuable information, the company decided to stop the practice because while the predictions come true in the long term (or so they claim), on an annual basis, they were too “volatile.”

I think there have been many examples the last six months of CEOs, accompanied by their chief corporate counsel, disclosing less nonfinancial information instead of more. I’m currently in a fact-finding mode to see a pattern exists. According to this article in CFO magazine, a survey of 600 investor-relations executives revealed that nearly a third said their employers are considering ending the practice of offering profit projections to Wall Street analysts. Stay tuned

Cost of SOC implementation

There is considerable debate over the specific requirements of the Sarbanes-Oxley act, as written. Some people in the business community have acknowledged that, as John Thain, CEO of the New York Stock Exchange states, “There is no question that, broadly speaking, Sarbanes-Oxley was necessary” [1]. However, the cost of implementing the new requirements has led some to widespread questioning of how effective or necessary the specific provisions of the law truly are.

For companies, a key concern is cost of updating information systems to comply with the control and reporting requirements. Systems which provide document management, access to financial data, or long-term storage of information must now provide auditing capabilities. In most cases this requires significant changes, or even complete replacement, of existing systems which were designed without the needed level of auditing details.

Costs associated with SOX 404 compliance have proven to be significant. According to the Financial Executives International (FEI), in a survey of 217 companies with average revenue above $5 billion, the cost of compliance was an average of $4.36 million. The high cost of compliance throughout the first year can be attributed to the sharp increase in hours charged per audit engagement. This has been a boon for the auditing profession, more than offsetting the reduced revenues arising from the Act’s restriction against those firms conducting various non-audit services for audit clients.

As more companies and auditors gain experience with SOX 404, audit costs have been falling. Audit firm revenues are still higher than they were prior to the Act, although audit fees were rising prior to the Act, partly as a result of the accounting scandals that prompted the Act.

[via Wikipedia]

SOX Code of Ethics – Ignored by more than 25%

John Bace, VP of Research at Gartner, reported that only 83% of companies had met the “letter” of the SOX requirement of establishing a code of ethics; but 25% of those companies say they won’t enforce those standards.