Dale Halling wrote this comment on one of my articles:
Government in the form of Fannie, Freddie and Sarbanes Oxley are why we are in this economic downturn. But those in government never want to take responsibility and their solution to all problems is for more government.
Sarbox has failed to achieve any of its goals and is killing US innovation (see http://hallingblog.com/2010/01/04/sarbanes-oxley-obstructing-innovation/). In 1996 the US had 60% of the worldwide IPOs in 2005 we had only 20%. Unfortunately, SOX is just one of several laws since 2000 we have passed that are killing innovation in the US. The incredible innovation of the 90s was based on technology start-up companies built on intellectual capital, financial capital, and human capital. All three of the pillars have been under attack since 2000. Our patent laws have been weakened reducing the value of intellectual capital. Sarbanes Oxley has made it impossible to go public reducing financial capital for start-ups and the FASB rules on stock options have made it harder to attract human capital to start-ups. The Decline and Fall of the American Entrepreneur: How Little Known Laws and Regulations are Killing Innovation http://www.amazon.com/Decline-Fall-American-Entrepreneur-Regulations/dp/1439261369/ref=sr_1_1?ie=UTF8&s=books&qid=1262124667&sr=8-1, explains these problems in more detail.
My response to Dale
Thank you for your response. I always appreciate people's views on this issue and sounds like you have some strong opinions.
I checked out your website and since you are a law firm, I assume you have some experience hearing the cries of people who are subjected to SOX standards while reviewing their 10Q's/K's and possibly from companies who are thinking of going public, etc. My guess is that is the extent of your experience with the topic and thus; your perspective ends there. I am assuming you have never actually implemented Sarbox so I’d like to shed some light on the truth of the situation.
I enjoyed your reference to the articles but I think your direction is somewhat misguided and only one perspective. I can quote you several articles that claim Sarbox is directly responsible for an upsurge of IPOs from this year rather than ‘killing US innovation’ which caused me to literally laugh out loud (thank you for that, I needed that chuckle).
As indicated by data published in some previous posts here, non-accelerated filers have a 46% higher likelihood of a restatement (Sarah Johnson, CFO.com, December 2, 2009). We here at Vibato see the financial data produced from non-accelerated filers, accelerated filers, non-profits, etc. daily and initial SOX implementations can be downright scary! We have seen financial data that is inaccurate, NASDAQ-listed companies who use a paper ledger to support their $100M in annual revenue and who have no systematic general ledger system, support for financial data that has been either thrown out or assumed, segregation of duties that is inadequate, etc. I have had countless conversations with executives about how they should reconsider giving their AP Clerk the check stock, access to print checks, and the check signing equipment (think cleaning out the bank account - assets of the shareholder - and fleeing the country). Of course, not all non-accelerated filers fall into this "scary" category but I have yet to find a company that did not benefit from a 404(a) implementation in some way. Our experience suggests that a significant number of non-accelerated filers have inadequate structure and insufficient accounting talent to properly protect them from their own mistakes. This has and can lead to restatements, shareholder lawsuits, management changes, and even personal accountability being pursued. The SOX legislation seeks to help formalize accounting procedures, which can facilitate more reliable financial statements and improve internal business processes.
Dale, it would seem that you would not have day-to-day dealings with non-accelerated filer data. Please correct me if I am wrong but I would venture to guess that you haven't spent any time performing a SOX implementation for a non-accelerated filer. You may have spent time with the executives of these companies, who I am certain assume that their financials are correct. And I am certain you have listened to their cries about the costs, and how SOX has only been successful at employing auditors and lining their pockets. However, some of the data published suggest otherwise and is in line with our own experiences. For example, of the 366 companies who received a qualified opinion through May 2, 2005, 94% of them claimed a clean internal control infrastructure in the 302 certifications in the previous quarter to their qualified opinion (Compliance Week SOX 404 Deficiencies Preceded By "Effective" 302 Reports by Melissa Klein Aguilar - July 26, 2005). What this shows is that there are many assumptions being made about what internal controls are and their assumed effectiveness, or very little awareness as to what is really happening inside the company. Additionally, to be clear, a qualified opinion is something that could cause a material misstatement to the financials, and not limited to just someone forgetting to approve a $25 expense report.
I have personally implemented over 70 SOX engagements and I have seen many benefits first-hand. I also understand that a lot of the negative press SOX has received is in some cases real and warranted. I have battled with external audit firms and seen Board of Director meetings almost turn violent over outrageous auditor claims that were in no way in the benefit of the shareholders from my perspective. The 404(b) aspects of my job are by far the most laborious and challenging; especially when working with the largest firms who have varying degrees of experience and business knowledge across their resource pools. But, I also understand why external auditors often behave the way they do; the legislation has put them in a difficult position to objectively evaluate their clients while relying on those same clients for their business. In addition, those same external auditors are personally and professionally liable for the quality of their audits, which further erodes their ability to rely on any historical knowledge or good "intent" based on experience with their clients. Auditors can be fined, sent to jail, fired, sued, stripped of their credentials by the PCAOB, etc. Based on these potential risks, I can appreciate when an auditor may be paranoid, and drive them to over-scope the project as a as an attempt at the highest assurance they can achieve given the situation. The auditor is put in a precarious position. It seems that they must choose to inadvertently or otherwise over-scope the audit ($) to attempt to maximize their confidence, and risk upsetting the client who could take their business elsewhere, or attempt to serve the cost-conscious demands of the client and increasing their own risk and exposure. I have always thought this is a practical conflict of interest, requiring a for-profit industry to try to act in the best interest of the public.
Rather than having the external auditing firms perform 404(b) audits and then having the PCAOB come around and review the quality of their audit, why not take out the middleman and have the PCAOB perform the 404(b) audit on the client and charge a flat or market-rate fee for this service? Or, why not impose a market cap on the costs an external auditing firm can charge based on a pre-defined set of risks and/or exposure that has been tested and approved by the broader industry? This type of sanction can be seen in other areas such as contingency caps on lawyer fees associated with Workers Compensation lawsuits, etc. Since at least some of the statistics show non-accelerated filers can benefit from 404(b) audits, and since this legislation was imposed by the government as a way to provide a level of shareholder confidence, it would seem only prudent to have a somewhat standardized level of review available to all public companies. This type of approach could certainly begin to address the cost concerns and level of inconsistency across the self-reporting data being referenced in many of the recent reports published.