The Securities and Exchange Commission recently announced a set of guidelines meant to clarify the implementation the financial reporting requirements of Section 404 of the Sarbanes-Oxley Act (SOX). The suggestions are part of a two-part package made by the SEC and the Public Company Accounting Oversight Board (PCAOB), whose recommendations will be released at a later date.
“In the absence of guidance, management has looked to the PCAOB’s auditing standard to conduct their evaluations, which is not what was intended,” said SEC Chairman Christopher Cox. “With this guidance, management will be able to scale and tailor their evaluation procedures to fit their facts and circumstances, and investors will benefit from reduced compliance costs.”
The proposed guidelines are built to reduce a company’s uncertainty about what constitutes a reasonable approach to management’s evaluation without forcing companies that are already successfully handling their assessment procedures to change.
Section 404(a) of SOX required a company’s annual reports to contain a statement of management’s responsibility for maintaining (1) adequate internal controls and (2) procedures for financial reporting, along with a statement by management about the overall efficiency of these two items. The new guidelines, however, allow companies to apply a more interpretive approach to evaluation.
The guidance is based on two principles. “First, management should evaluate the design of the controls that it has implemented to determine whether there is a reasonable possibility that a material misstatement in the financial statements would not be prevented or detected in a timely manner,” the SEC said in a release. “This principle promotes efficiency by allowing management to focus on those controls that are needed to prevent or detect material misstatement in the financial statements.”
“Second, management should gather and analyze evidence about the operation of the controls being evaluated based on its assessment of the risk associated with those controls,” said the commission, adding that this principle “allows management to align the nature and extent of its evaluation procedures with those areas of financial reporting that pose the greatest risks to reliable financial reporting.”
The SEC hopes that the proposed guidance will allow smaller companies, who have been more severely hit by the evaluation requirements of SOX, to scale back their evaluation procedures to fit their own circumstances. Still, the commission insisted that the new guidelines were not meant to reduce the investor protection offered by SOX.
“The guidance proposed today is an important step in… improving the implementation of Section 404,” said John White, Director of the SEC’s Division of Corporate Finance. “At the same time, the guidance maintains the important investor protection objectives of bringing information about material weaknesses into public view and fostering the preparation or reliable financial statements in an effective and efficient manner.”
House Financial Services Committee Chairman, and co-author of the act, Michael G. Oxley (R-OH) offered his blessing to the Commission’s recommendations calling them “a welcome step forward in the law’s implementation.”
“I believe the guidance will help companies to achieve a better balance between management and external auditors, and internal controls will be focused on the areas of greatest risk,” said Oxley. “Chairman Cox, the commissioners, and SEC staff are to be commended for their diligent efforts to make this controversial section of Sarbanes-Oxley more practical and adaptable.”
The PCAOB will release companion standards that will govern the auditing of a corporation’s internal control over financial reporting at a later time.
Source: Jacob Barron, NACM Staff Writer, and the SEC