Everybody hated Sarbanes-Oxley in 2002. There was no question that the scourge of white-collar crime — at Enron, at Worldcom, at Tyco, at some other blue-chip company seemingly every month — necessitated regulatory response. But this was too much. This was too wide ranging. This was too onerous. This was too expensive.
Well, 10 years later, it turns out that the Sarbanes-Oxley Act, which mandated more rigorous accounting standards for all public companies in the United States, helped businesses enhance their financial reporting. Proviti, a consulting and internal audit subsidiary of Robert Half International, recently conducted a survey to gauge how the reform changed accounting procedures in this country.
“Sarbanes-Oxley has had its share of controversy in the past, but nearly 70% of respondents in our survey reported that the internal control over financial reporting structure in their organizations has improved since compliance with Sarbanes-Oxley Section 404 became a requirement,” said Brian Christensen, Protiviti’s executive vice president of global internal audit.
And almost everyone surveyed expects their reporting process to continue to improve. More than four out of five respondents (83%) said their companies plan to further automate the process. On the one hand, that means more investment into a compliance budget-line item that did not even exist in 2001. On the other, a more-automated process will seemingly make it even more difficult for unscrupulous fraudsters to pilfer company revenue.
Ultimately, that means that the law is now doing what it was designed to do. There are two related reasons for this transformation: the SEC clarifying the law’s intention and companies making their compliance more efficient.
When the act was passed, the requirements forced companies to do what most considered busy work. They had to duplicate the efforts of other departments and perform tedious, inconsequential tasks. “Process controls,” as Proviti’s report calls them. But since SOX was passed, the SEC better clarified the spirit of the law away from box-checking and towards actual risk avoidance. The result, according to the report, was a “downward trend” in process controls that was “likely due to the emphasis on a top-down, risk-based approach supported by the Securities and Exchange Commission narrowing the focus to what really matters.”
So while SOX remains a financial and personnel burden in several ways, at least some companies now, 10 years later, feel like it has actually led to something worthwhile—both for the companies themselves as well as the regulators.
“Over the past decade, opinions of SOX have evolved as much as the law itself,” said Christensen. It has taken billions of dollars, just as many complaints and perhaps even more executive headaches, but that opinion has now — against all odds — skewed favorably.