SEC augments Sarbanes-Oxley with additional rules

WASHINGTON: In yet another instance of a seemingly continuous flow of new SEC rules resulting from last year's landmark corporate reform legislation, the Sarbanes-Oxley Act, the commission has issued a new rule requiring companies to detail and rate the type of financial oversights and controls that they have in place at the end of each fiscal year.

WASHINGTON: In yet another instance of a seemingly continuous flow of new SEC rules resulting from last year's landmark corporate reform legislation, the Sarbanes-Oxley Act, the commission has issued a new rule requiring companies to detail and rate the type of financial oversights and controls that they have in place at the end of each fiscal year.

The SEC issued several requirements for what it calls "Management's Annual Internal Control Report."

These include a statement from management declaring its "responsibility for establishing and maintaining adequate internal control over financial reporting;" a statement by management discussing how its internal controls should be measured; an assessment of the "effectiveness" of this oversight; and a final statement that the company's auditor issued a report attesting to management's assessment.

The new regulation was born out of Section 404 of Sarbanes-Oxley. The section required the SEC to put in place rules that are designed to provide investors with information about the audit controls in place at public companies. The report on these matters is to be published with each firm's annual report.

The essence of the rule is that companies must maintain "internal control over financial reporting." The rule goes on to state that living up to this key phrase will require companies and top executives live up to three standards: that firms keep detailed and accurate financial records; that companies assure investors that all financial records are made in accordance with normal accounting standards and guidelines and that company transactions are authorized by the management and board of directors; and that firms "provide reasonable assurances" that controls are in place to prevent unauthorized use of company assets.

The SEC also adopted a rule requiring companies to perform "quarterly evaluations of changes" that are likely to affect oversight.

The rule is the latest Sarbanes-Oxley-related requirement designed to put in place regulations to prevent many of the jarring corporate scandals that have occurred during the past 18 months, such as Enron, WorldCom, Tyco, and HealthSouth.

The new rule will go into effect in late June 2004 for most companies. The long delay is due to the concern that the requirements will be costly and force companies to expend a significant number of newly dedicated resources. At the meeting where the rule was approved, Roel Campos, an SEC commissioner, acknowledged that the new rule would increased costs for corporations, but added "the results will be valuable to the investment public," according to published reports of the meeting.

The rule on corporate audit control disclosure is just the latest Sarbanes-Oxley-prompted SEC regulation that corporations and IR professionals are forced to grapple with.

So far, the SEC has adopted rules that cover non-GAAP or pro-forma financial disclosures, and corporate attorney conduct, among other areas of disclosure and governance.

There has been quiet grumbling in corporate America that regulations generated by Sarbanes-Oxley are becoming burdensome. A poll of top executives conducted earlier this year by PricewaterhouseCoopers found 58% either described the act as "well meaning, but costly" or "hasty and ill-considered."

Those complaints got a boost from an unlikely source last week when former SEC commissioner Harvey Pitt publicly criticized the landmark legislation as "not the answer to the problems of the business community" and "badly drafted, badly conceived legislation."

New SEC requirements

Under the recent rules established by the SEC, the "Management's Annual Internal Control Report" will have to contain:

- A statement of management's responsibility for establishing and maintaining adequate internal control over financial reporting for the company

- A statement identifying the framework used by management to evaluate the effectiveness of this internal control

- Management's assessment of the effectiveness of this internal control as of the end of the company's most recent fiscal year

- A statement that its auditor has issued an attestation report on management's assessment

Source: www.SEC.gov

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Register
Already registered?
Sign in