Could Sarbanes-Oxley Benefit Non-SEC-Registrant Audits?

CPA Journal, The, Jun 2006 by Drexler, Peter M

Reacting to the accounting abuses observed at Enron, the writers of the Sarbanes-Oxley Act of 2002 (SOX) felt a need to enhance the independence of SEC financial statement audits by shifting responsibility for audit oversight and auditor selection to an audit committee composed of three independent directors, and prohibiting auditors from providing certain consultation services to audit clients. Congress also addressed corporate internal controls by mandating that managements of registrant companies document and test internal controls over financial reporting and that auditors issue opinions on management's internal control efforts.

Non-sec-registered entities, including governments and not-for-profit organizations, face pressures similar to those present in for-profit corporations to mismanage accounting, mislead their auditors, or influence auditor judgment with lucrative consulting projects. Third parties for nonregistrants, such as banks, venture capitalists, hedge funds, and regulators, are just as vulnerable to financial reporting abuses as are investors in publicly traded companies. Many nonregistrant companies must comply with loan and bond covenants, obtain financing, report to minority shareholders, and comply with regulations in ways that may create temptations to engage in accounting abuses.

Recent Audit Failures and Their Implications

Audit failures in the non-sec sector of the economy do not receive the same media attention as the disasters at Enron and WorldCom have, but they exist just the same. Discoveries of fraud in Nassau County's school system led New York State Comptroller Alan Hevesi to reinstitute the state's school audit department and hire 89 auditors, because audit failures were so pervasive. It was 20 years ago that New York State first decided to rely on independent auditors when it discontinued its audits of school boards.

The James Beard Foundation's executive director mismanaged that non-profit organization, whose mission is to provide scholarships to aspiring chefs, by disbursing merely $29,000 in scholarships out of total revenues amounting to $5 million. Investigators found that the executive director had also misspent hundreds of thousands of dollars as well, and he has confessed to fraud charges.

There is no doubt that these organizations would have benefited from documented internal controls and capable auditors testing those controls and reporting on results. Perhaps independent audit committees would have selected more-capable auditors or would have been aware of abuses before they got out of hand. SOX section 209 clearly states that the act was not intended for "small and medium-sized" entities, but it did admonish state regulatory authorities to "make an independent determination of the proper standards applicable" for those entities not covered by the act.

The Texas State Board of Public Accountancy commissioned a task force to evaluate its public accounting statutes to determine whether SOX-type changes would or should be recommended. The executive summary of the task force report identified public interest entities (PIE) as those where significant numbers of stakeholders make investment, credit, or similar decisions-including pension plans, banks, insurance companies and school districts-and, therefore, would possibly benefit from reform. The description of PIEs could be expanded to include companies with gross revenues exceeding, perhaps, $10 million or assets exceeding $50 million.

Whether or not SOX-type legislation would result in improvements to corporate governance for PIEs or other nonpublic entities, the task force concluded that Texas "should not enact laws that unfairly impact the state economic climate compared to other states." It also concluded that the only way effective reform should be enacted is through consistent national standards rather than "a myriad of state-specific standards."

In other words, no state is willing to "go it alone" in adopting SOX-type reform of audits, for fear of losing business to other states, and the result of states adopting varying versions of reform would be regrettable. As it is, the auditing profession is diverging into two sets of audit standards because of SOX. However, the Texas Board's report stated repeatedly that it would be glad to comply with national standards, which would logically flow, in my opinion, from the AICPA's Auditing Standards Board.

Weighing the Cost

Are there benefits to be derived from the costs of complying with SOX? How can one measure the economic benefit of avoiding employee fraud or corporate bad acts that could result in billion-dollar classaction lawsuits? For example, Merck is embroiled in product-liability lawsuits that may result in losses exceeding $14 billion because it allegedly sold Vioxx while clinical tests indicated it increased the risk of heart attacks from prolonged use. SOX-type improved internal control administration and audit reporting may prevent other companies from making similar errors, but how can the value of improved corporate governance be measured?