One Day SOX Implementation for Expanding Gold Mining Company
PETALUMA, Calif. - August 24, 2010 -
Vibato recently completed a SOX implementation for Golden Phoenix Minerals, Inc. (OTC Bulletin Board: GPXM). They are a Nevada-based mining company (www.Golden-Phoenix.com) whose focus is Royalty Mining in the Americas, who engaged Vibato to re-engineer their SOX environment to establish a strong internal control infrastructure for their future growth plans. Vibato delivered a product suite consisting of a risk assessment, segregation of duties analysis, control matrix with complete supplemental documentation, and fully-integrated testing plans, in just one day on-site.
“Our previous experience with SOX had been a disappointment, with six consultants providing an onerous set of documentation that was designed for manufacturing and not mining,” said J. Roland Vetter, chief financial officer of Golden Phoenix Minerals, Inc. “But our experience with Vibato could not have been better. They actually got our accounting staff to look forward to working on SOX-related activities again, and we are counting on them to support our SOX testing and expansion efforts as we grow.”
“We never like to hear SOX implementation horror stories, but we are always excited when the real value of our approach is recognized,” said Bill Bockwoldt, chief executive officer of Vibato. “Companies like Golden Phoenix, who are beginning to experience rapid growth, must be able to rely on their internal controls automation and scalability to facilitate their expansion."
Vibato continues to expand their roster of satisfied clients, while seeking to build stronger relationships with consulting and services firms who offer expertise in the areas of audit, compliance and risk management. Vibato’s unique approach has been benchmarked against the Big Four audit plans and has been deployed successfully across a diverse array of industries and companies. Vibato solutions focus on scalability, standardization, modularity, and efficiency to deliver the most compelling compliance tools available for companies of all sizes, across any type of industry.
About Vibato
Vibato, LLC is dedicated to providing the most cost-effective compliance solutions available. Our mission is to help you reduce audit and compliance fees, improve financial transparency, and run your business more efficiently. For more information, please visit us at www.vibato.com or contact us directly at mail@vibato.com.
This was an excellent article on why it is more important than ever to accurately document your company-specific risk exposure. The SEC Top 10 List of most frequently questioned issues over the last two years includes “Ineffective internal or disclosure controls”, an area that we believe will be receiving even greater scrutiny in light of the recent Sarbanes-Oxley 404(b) exemption for non-accelerated filers.
You can read the full article here.
The Public Company Accounting Oversight Board has made a concept release on the "Possible Rulemaking Approaches to Complement Application of Section 105 (C)(6) of the Sarbanes-Oxley Act of 2002."
If you would like to view the press release detailing the PCAOB's reasons for making this release, please click here.
To view the actual release and rule filings, please click here.
Now that the wait for the 404(b) reprieve is over, it appears that a new trend is emerging to investigate 404(a) statements more closely, as expressed in recent articles on investor and auditor sentiment regarding the legislative change. We are hearing from auditors directly that they will be applying more scrutiny to 404(a) statements made by their clients in their financial reports, to ensure that there is a real basis for self-certification. The newly aggressive SEC and DOJ are expanding personnel and focusing on Corporate Governance and the role of Audit Committees, Directors and Company Officers in Compliance and Financial reporting.
Section 404(a) includes many of the same requirements that 404(b) sought to examine:
- The annual assessment must be performed by both a Competent and Objective party per SEC guidelines.
- Companies must still include a certification by the Chief Executive Officer and Chief Accounting Officer that they tested financial controls as part of annual yearly 10K statements.
- The establishment and documentation of internal controls around financial reporting and the systems used to produce financial reports (this includes IT-related controls).
- Testing of these internal controls to prove that they are in place and functioning as specified.
- Attestation (Section 302) by executive management that all controls are in place and have been tested as working.
- Compliance with this legislation since 2007 (which means you should have been doing this, per existing law, for the last 3 years already).
While many wonder if the “self-certification” aspect lets the auditors off the hook, it may become a new yardstick by which external auditors will evaluate annual financial reports, and hence many of the same questions asked during a 404(b) audit will still apply. If auditors cannot find basis for these certifications, it may open up a new area of investigation that could inevitably lead to the same type of scrutiny (and cost) applied to a 404(b) implementation engagement.
We believe that companies would be well-served by being prepared for these types of inquiries from both their investing public and their external audit partners.
Here at Vibato, we were recently questioned about what the Wall Street Reform Act means for non-accelerated filers with June 30th year-ends. Some lawyers have been claiming that the Wall Street Reform Act will be retroactively applied to these companies, so we contacted the SEC about the issue.
Through speaking with members of the SEC, we found that SOX 404(b) exemption will not be retroactively applied to non-accelerated filers with a June 30th year end. However, what really matters for non-accelerated filers is the date that they file(d) their Form 10K as per Rule 12b-10. If the non-accelerated filer filed their 10K form before 21 July 2010 (the date the President signed the Wall Street Reform Act), then they must comply with SOX 404(b). If they file their 10K form after 21 July 2010, they do not have to comply with SOX 404(b). So for non-accelerated files with a June 30 year end, the real question is when was/will their Form 10K be filed. This determines whether or not their 10K form must be compliant with SOX 404(b).
In simplest terms, when you make a Form 10K filing, you must comply with the laws in place at the time of your filing, even if the law changes after your filing.
POST UPDATE:
From the AICPA:
The Act exempts non-accelerated filers from compliance with SOX Section 404(b) requirements which relate to the independent auditor's attestation on the effectiveness of issuer's internal control over financial reporting. Without this exemption, non-accelerated filers would have had to comply with SOX Section 404(b) beginning with their annual reports for fiscal years ending on or after June 15, 2010, the expiration of the SEC's deferral period.
SEC Chairman Mary Schapiro on July 20, 2010 during her testimony before the U.S. House of Representatives Committee on Financial Services, Subcommittee on Capital Markets, Insurance and Government-Sponsored Enterprises on the Oversight of the SEC: Evaluating Present Reforms and Future Challenges indicated that the SEC will make it clear that they will not expect issuers to comply with SOX Section 404(b) if they are otherwise exempted under the law.
Read more at the link.
Interesting article on User Developed Applications (UDAs). This could also apply to spreadsheets used for internal controls work, especially if they are distributed across departments and not centralized. Applications are typically developed for expense calculation and tracking (e.g. stock comp expense) as well as financial analysis. We try to take an approach that these types of tools should have permission control and be stored in documented locations where appropriate review and updating can be performed. It makes audit-related work much easier in the end!
"Internal Auditors Target Spreadsheets
The practitioners' leading trade group launches a campaign to get better control over spreadsheets and databases created without oversight from IT.
David McCann - CFO.com | US”
Click here to read the full article.
The article below was sent from a dear friend of mine and fellow SOX enthusiast, Clark Keeler, Director, BPM. I find the article to have a significant amount of irony considering it claims that "American business people of a conservative nature have been dreaming about driving a stake through the heart of the Sarbanes-Oxley act ever since the legislation was passed..." It would seem to me that if a person was truly fiscally conservative, they would consider Sarbanes-Oxley to be the prudent choice rather than the radical one. Internal controls require there to be a check point in a business procedure that requires someone other than the preparer of the documentation to verify the accuracy of what was prepared. This verification prevents someone from acting alone when making decisions about shareholder assets (physical assets, capital, intangible assets, etc). I am of the opinion that this double check adds a necessary layer of review considering the potential for fraud, errors, omissions, etc. Considering all that we at Vibato, LLC have found when testing internal controls, this is no longer just opinion but rather, fact. Read more on the article here:
“Two cheers for Sarbanes-Oxley
The Supreme Court gets it right by tweaking, but not overturning, the controversial legislation
Jun 29th 2010
AMERICAN business people of a conservative nature have been dreaming about driving a stake through the heart of the Sarbanes-Oxley act ever since the legislation was passed, back in 2002, in the wake of the Enron, Tyco, WorldCom and Global Crossing scandals. George Bush rightly described the legislation as “the most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt”. But to its critics it is far-reaching in the wrong direction. The American Enterprise Institute, a right-wing think-tank, has dismissed Sarbox as a “colossal failure”. Ron Paul, a Texan libertarian, has argued that it puts America at a competitive disadvantage. The Wall Street Journal thunders that it has “imposed hundreds of billions of dollars in costs on business with no noticeable decline in financial scandals”. Newt Gingrich has urged Congress, the body that he once dominated, to repeal the act.”
See the full article here.
Yesterday the PCAOB released a news release about the Wall Street Reform Act's passage yesterday morning.
Please follow this link to read the whole release.
"From the PCAOB:
Washington, D.C., July 21, 2010 – Today’s enactment of the Dodd-Frank Wall Street Reform and Consumer Protection Act facilitates the PCAOB’s ability to share information with foreign auditor oversight authorities and closes gaps in the Board’s authority to oversee audits of brokers and dealers."
404(b) will no longer be required for non-accelerated filers per the Wall Street Reform Act that was signed into law on, July 21, 2010.
ABC.com has a great article on this:
"President Obama signed the Wall Street reform bill into law at the Ronald Reagan building in Washington, D.C late this morning.
“We are gathered, in the heart of our nation’s capital, surrounded by memorials to leaders and citizens who served our nation in its earliest days and in its days of greatest trial. Today is such time for America,” President Obama said, “these reforms represent the strongest consumer financial protections in history -- in history.”
Flanked by Chairman Frank and Dodd, Vice President Biden, Speaker Pelosi, Senate Majority Leader Reid and others from Congress who contributed to the reform efforts, the president noted that the bill was no easy sell."
Click here to read the full article.
I read this press release this morning and feel that our readers will find it interesting. It details the Center for Audit Quality's reaction to the Supreme Court's PCAOB Decision:
http://www.thecaq.org/newsroom/release_06282010.htm