A lawsuit challenging the consitutionality of the Sarbanes Oxley Act of 2002 (SOX) is scheduled for review by the Supreme Court on Monday, December 7.
Key provisions of SOX are under attack. It is possible that SOX will be either voided or scaled back in the near future, threatening the very existence of the Public Company Accounting Oversight Board (PCAOB). The PCAOB was created by SOX for its implementation and administration. I hope the PCAOB is able to survive. We need it. Here’s why.
In reaction to (1) many scandals, most notably WorldCom and Enron, and (2) a decades long history of ineffective auditing by the Big 8-7-6-5 auditing firms that contributed to the scandls, Congress passed SOX to help clean up financial reporting in the USA. Did it nead cleaning up? Most certainly. At that time the US clearly had the best accounting standards (rules companies follow as they prepare financial statements) in the world. But some companies were in non-compliance and audit firms were not forcing companies to comply.
The key provisions of SOX are:
- Responsibility for the accuracy of financial statements clearly is placed on corporate executives. The CEO is required to sign a statement that the financial statements are correct. Violations leading to convictions result in jail time.
- Corporations had to secure an audit of their internal controls, and append the resulting auditor’s opinion to the financial statements. The intention was to give investors some assurance as to whether or not the internal controls were functioning well enough to ensure accurate data from which the financial statements would be prepared. No more GIBO (garbage in, garbage out). Generally accepted audit standards and various SEC provisions already had established that internal controls were to be present.
- A PCAOB (Public Company Accounting Oversight Board) was established (appointed by the SEC) to police the auditors. This policing took the form of annual inspections of the big boys, three year inspections of the smaller firms.
SOX should be retained because of these three provisions. Each of them is essential for U.S. capital markets.
SOX is widely credited with saving the audit profession in the USA. And by so doing, capital markets in the U.S. were revitalized and rebounded from the wipe-outs of the early 2000s. Without governmental pressure on auditors (through PCAOB auditor inspections), there is no reason to think that audit firms would ever have had the backbone to stand up to corporate America. After all, the US had been plagued by bad auditing since the formation of the SEC in 1934. This was fairly natural, as theorists explained that in the agency relationship between corporate management and audit firms, corporate had all the power. If audit firms felt too abused, they could always walk away from the engagement (refusing paying engagements is the functional equivalent of cutting off your nose to spite your face).
In 2002, all the large audit firms were beset with numerous lawsuits, and Arthur Andersen (bluest of the blue chips) was driven out of business for very shoddy auditing. Litigation payments were an accepted cost of doing business for the audit firms. There was even a theory developed as to how large litigation costs would have to be before auditing became an unviable line of business (20-25%).
To be sure, the business scandals revealed in the early 2000s were the fault of so many corporations trying to get away with as much as possible. However, audit firms let them do it! Hundreds of Arthur Andersen cartoons appeared in newspapers and on the web, poking fun at unethical, unscrupulous and foolish accountants. The most famous cartoon appears on the right. I don’t doubt that the US was getting closer to having governmental audits of financial statements instead of independent public auditors.
Overnight after SOX passage, the image of accounting firms and accountants cleared up. Stock markets eventually rebounded. SOX is directly and solely responsible for restoring investor confidence both accounting statements and the financial markets. Investors supported all three key provisions of SOX. Generally speaking, they felt the benefits received were worth the implementation costs.
In the early years, the price tag for implementing SOX within a company was nearly as high as audit fees (some very large companies spent as much as $100 million per year to become SOX compliant). Companies employed two Big 4 firms, one to help them create and implement internal controls, and the other to audit them.
Audit firms especially favored SOX. Why shouldn’t they? It was all about money, gobs and gobs and gobs and heaping gobs of money. The firms should have been socked with a windfall profits tax. The infusion of fees contributed greatly to Big 4 expansion, increased firm capital and increased partner wealth.
However much U.S. audit firms (and investors) loved SOX, corporate America despised it. Now in a position of being forced to comply with U.S. GAAP, SOX roll-back became a priority. It is rumored that President George H.W. Bush, approved a push to the more lenient IFRS as his way of apologizing for inflicting SOX on corporate America.
Of the nearly 10,000 SEC registrants, the large majority of the smaller companies (with less than $250 million USD market capitalization) feared SOX because they could afford the exorbitant audit fees to become SOX compliant. Also, European companies have hated and despised SOX provisions, and they haven’t even been under its influence. They can to prevent it from skipping the Atlantic.
The attack on SOX took three fronts. First, a lawsuit challenging the constitutionality of SOX was filed. Second, European finance commissioner Charlie McGreevey used both public comments and private negotiations to prevent PCAOB inspection of European audit firms. Third, smaller SEC registrants were repeatedly successful in getting the SEC to delay SOX requirements. In the last year, with the SEC announcement of no more deferrals, legislation was introduced in Congress to permanently exempt smaller SEC registrants from SOX provisions.
Let’s summarize. Company executives do not like being responsible for their company financial statements. Corporations do not like the huge cost of implementing and maintaining a system of internal controls. Corporations do not like being forced by audit firms (backed up by the PCAOB) to prepare financial statements that faithfully comply with generally accepted accounting principles. And European companies fear these provisions so much that they will pay any price to preclude SOX look-alike laws in the European Union. Forcing U.S. companies to be SOX compliant when their European competitors aren’t places them at a distinct competitive disadvantage.
Now, why should SOX and the PCAOB be retained as originally designed? Because SOX has been effective in restoring the capital markets of the U.S. to working order. Primarily, SOX has been effective because the PCAOB forces auditors to do what they’ve always been expected to do. Without SOX and the PCAOB, we will soon go back to an environment of ineffective auditing and corporate mis-reporting.
All three key provisions work together. Many corporate executives take seriously the penalties if the financial statements bearing their names are found to be purposefully inaccurate. Ad hoc stories about of top down pressure brought to bear on corporate staff accountants to get the numbers right. Removing this first key provision will effectively shift responsibility for financial statement accuracy from a person to the corporation. This is silly. Corporations act at the direction of people, they have no will or purpose of their own. If this attack on SOX is successful, it will be tantamount to saying that no one is responsible for the accuracy of corporate financial statements. If no one is responsible, then it (accurate financial statements) need never (and probably won’t) ever occur.
The need for internal controls over financial accounting information has been recognized for decades. That’s why it has always been required. Unfortunately, the requirement has never been enforced. SOX calls for its enforcement. An interesting question posed over on AECM is whether or not the financial statements can be trusted at all if auditors fail to give the internal control system a clean bill of health. Don’t be silly. Of course they can’t. Once upon a time in America there existed blue sky securities. these were securities offered for sale in the 1920s that had no more than blue sky (air) to prop up their value. Without sound, reliable data, there can be no such thing as sound, reliable financial statements. And without a functioning system of internal controls there can be no sound, reliable data. A corporate claim that internal controls are too expensive is the same as claiming that accurate financial statements are too expensive.
And of course, PCAOB inspections of auditors were just what the markets needed. Auditors now have the backbone to stand up to companies. Large auditor deficiencies identified by the PCAOB made front page news in Europe, although the news was less prominently reported in the U.S. Did publication of audit efficiencies have an effect. Most definitely, based on rumored words from within firms.
Proof of SOX and the PCAOB effectiveness is found in the strength of corporate opposition.
What will happen if the SEC declares SOX unconstitutional and voids it. None of its three provisions will be brought back. At the end of 2009, corporate lobbying is intense. Corporations are pulling out all the stops in order to (1) get GAAP thrown out in favor of IFRS (to get more flexible accounting rules), (2) influence the FASB and IASB over fair value accounting. Lobbying will become even more intense if lease accounting rules are changed in favor of investors. Congress will neither care to, or understand the need to, reinstate a constitutional form of SOX.
Even if SOX is found to be constitutional, SOX key provisions may be repealed or scaled back in Congress. Measures have been introduced to (1) rescind the requirement for CEO certification of the financial statements, and (2) permanently exempt small and medium cap companies from SOX’s internal control requirements. A challenge to PCAOB is next. Neither corporations nor audit firms appreciate PCAOB’s inspection function. Corporations have no need of auditors with backbone, and favor dissolution of the PCAOB. Auditor firms are painfully stung by PCAOB inspections and would just as soon see it disappear.
Debit and credit – - David Albrecht