Over ten years after Sarbanes-Oxley (SOX) was passed, a new survey from The Institute of Internal Auditors’ Audit Executive Center reflects the legislation is doing its job. The report, “2013: Time to Seize New Opportunity,” found that 75 percent of Fortune 500 companies who participated show their Chief Audit Executives report to the CEO or CFO, as well as the Board of Directors and or Audit Committee.  The first year of SOX in 2002, only 20 percent of CAE’s were reporting to their CEO’s.

Check out CIO and Co-Founder of Vibato, Teresa Bockwoldt, explain the importance of your SSAE 16 and how to safely analyze it. The checklist she refers to in the video can be found on AccountingTemplates.com HERE

The Securities and Exchange Commission has released news of its temporary suspension of trading in the securities of America’s Energy Company – AECo. The decision was based off a lack of filing of periodic reports set forth in the Securities Exchange Act of 1934. Brokers, dealers and shareholders are advised to beware that the AECo may give no quotes until they have provided the commission with the reports they have requested. To read more about this topic and who to contact with questions click here, and to see a list of other companies which have also been suspended- click here.

The PCAOB has released Audit Standard No. 16 - Communications with Audit Committees. This new standard is designed to establishe requirements that enhance the relevance, timeliness, and quality of the communications between the auditor and the audit committee. This new standard supersedes Interim Standards AU sec. 380 (Communication with Audit Committees) and AU sec. 310 (Appointment of the Independent Auditor), the transitional amendments to AU sec. 380, and related amendments to PCAOB standards.

We wanted to pose a question to our readers - aside from the perceived investor value added by selecting a Big 4 audit firm (PwC, KPMG, E&Y, or Deloitte), what other value does selecting these large audit firms add over a smaller firm?  

 Google SAS 104-115 and you will find mostly articles by us (Vibato) discussing the need for auditors to pay special attention to internal controls as part of their audit. Why? Because the AICPA & the PCAOB dictates standards that the auditors must adhere to in order to perform their audits. Parts of these requirements include reviewing your internal controls and this applies to ANY COMPANY THAT IS AUDITED – public, private, non-profit; it doesn’t matter. If you are audited, your auditors must look at your internal controls as part of your audit. If you do not have any documented internal controls then be prepared for a higher audit bill because your auditors will have to go looking for internal controls at your company on your dime year-over-year. Moreover, due to independence issues, they are not allowed to share their work with you to use going forward so they will do this work each year and all you will see for it is a higher bill. Period.

A recently published survey suggests that many CFOs are unhappy with their Big 4 audit firms but that there's not much the CFOs are doing about it. Read about the survey here. 

NASDAQ recently filed a request with the SEC to change the regulations for listing on a major stock exchange for reverse-mergers - citing concerns over fraud, stock manipulation, and the quality of audits.

An internal control deficiency can be caused by a number of issues but it is primarily defined as an error discovered during internal controls testing (e.g., a payment was coded to utilities when it should have been coded to inventory) or during a review of the internal control evidence (e.g., the internal or external auditors discover the coding mistake rather than management finding it as part of their closing activities).  An internal control deficiency may also occur simply from someone forgetting to execute one of their internal controls entirely.