Our Blog

Our Goal

Delivering integrated, cost-effective tools for establishing, documenting, and maintaining Internal Controls around financial reporting is our passion and focus. The goal of our blog is to keep our readers informed on related industry trends, legislative activities, and specific events. We focus on Sarbanes-Oxley and SAS-related compliance topics for public and private companies and provide our own perspective to assist our clients, partners, and readers with making informed decisions about their compliance needs and strategies. We would appreciate your feedback on our blog posts and welcome open discussion on any topics we cover or that our readers would like to discuss.

--Teresa Bockwoldt, CIO & Founder 

Follow Me

Subscribe by Email

Your email:

Customer Testimony

"I was extremely impressed with the efficiency of [Vibato's] product and the ability to implement it in less than a week!"

--Jeff Jarvie, Controller, iMergent, Inc.

Read more testimonials here

BlogRoll

Most Popular Posts

Posts by Month

Browse by Tag

Vibato® Blog

Current Articles | RSS Feed RSS Feed

The SEC's Top 10 Risks: #7. Ineffective Internal or Disclosure Controls

Posted by Teresa Bockwoldt on Wed, Aug 11, 2010 @ 11:35 AM
  | Share on Twitter Twitter | Share on Facebook Facebook | Submit to Digg digg it |  Share on LinkedIn LinkedIn 

 

This was an excellent article on why it is more important than ever to accurately document your company-specific risk exposure. The SEC Top 10 List of most frequently questioned issues over the last two years includes “Ineffective internal or disclosure controls”, an area that we believe will be receiving even greater scrutiny in light of the recent Sarbanes-Oxley 404(b) exemption for non-accelerated filers.

 

You can read the full article here.

 

0 Comments Click here to read/write comments
Tags: , , , , , , , , , , ,

SOX 404(b) Exemption was Passed with the Wall Street Reform Act – But Non-Accelerated Filers are Still On the Hook for Robust Internal Controls around Financial Reporting

Posted by Teresa Bockwoldt on Thu, Jul 29, 2010 @ 09:45 AM
  | Share on Twitter Twitter | Share on Facebook Facebook | Submit to Digg digg it |  Share on LinkedIn LinkedIn 

 

Now that the wait for the 404(b) reprieve is over, it appears that a new trend is emerging to investigate 404(a) statements more closely, as expressed in recent articles on investor and auditor sentiment regarding the legislative change. We are hearing from auditors directly that they will be applying more scrutiny to 404(a) statements made by their clients in their financial reports, to ensure that there is a real basis for self-certification. The newly aggressive SEC and DOJ are expanding personnel and focusing on Corporate Governance and the role of Audit Committees, Directors and Company Officers in Compliance and Financial reporting.

 

Section 404(a) includes many of the same requirements that 404(b) sought to examine:

  • The annual assessment must be performed by both a Competent and Objective party per SEC guidelines.
  • Companies must still include a certification by the Chief Executive Officer and Chief Accounting Officer that they tested financial controls as part of annual yearly 10K  statements.
  • The establishment and documentation of internal controls around financial reporting and the systems used to produce financial reports (this includes IT-related controls).
  • Testing of these internal controls to prove that they are in place and functioning as specified.
  • Attestation (Section 302) by executive management that all controls are in place and have been tested as working.
  • Compliance with this legislation since 2007 (which means you should have been doing this, per existing law, for the last 3 years already).

 

While many wonder if the “self-certification” aspect lets the auditors off the hook, it may become a new yardstick by which external auditors will evaluate annual financial reports, and hence many of the same questions asked during a 404(b) audit will still apply. If auditors cannot find basis for these certifications, it may open up a new area of investigation that could inevitably lead to the same type of scrutiny (and cost) applied to a 404(b) implementation engagement.

We believe that companies would be well-served by being prepared for these types of inquiries from both their investing public and their external audit partners.

 

1 Comments Click here to read/write comments
Tags: , , , , , , , , , ,

Insurance Companies will be subjected to SOX-like Standards in 2010

Posted by Teresa Bockwoldt on Mon, Oct 26, 2009 @ 11:25 PM
  | Share on Twitter Twitter | Share on Facebook Facebook | Submit to Digg digg it |  Share on LinkedIn LinkedIn 

 

The National Association of Insurance Commissioners (NAIC - the organization of state insurance regulators for all 50 of the United States, Washington DC, and five US territories) adopted the Model Audit Rule (MAR). The MAR rules are very similar to the SOX/404 rules and become applicable in 2010. I recently commented on an article about this topic from Insurance and Technology blog by Don Goodenow, StoneRiver. Read the article and my comments here.

By Teresa Bockwoldt MBA, MST

CEO and Co-Founder of Vibato®, LLC

tbockwoldt@vibato.com

Office: 415.240.4867 | Mobile: 707.477.0008 | Fax: 888.407.7725

 

0 Comments Click here to read/write comments
Tags: , , ,

Internal Audit Teams Come Up Short

Posted by Teresa Bockwoldt on Mon, Oct 26, 2009 @ 11:19 PM
  | Share on Twitter Twitter | Share on Facebook Facebook | Submit to Digg digg it |  Share on LinkedIn LinkedIn 

 

I recently had the privilege of commenting on a great article from Matt Kelly, editor-in-chief of Compliance Week.  The article discusses the strains put on internal audit teams.  Check out the article and my comments here.

By Teresa Bockwoldt MBA, MST

CEO and Co-Founder of Vibato®, LLC

tbockwoldt@vibato.com

Office: 415.240.4867 | Mobile: 707.477.0008 | Fax: 888.407.7725

 

1 Comments Click here to read/write comments
Tags: , , , ,
All Posts