Financial reporting has been dissected over and over again by legislation. The U.S. Securities and Exchange Commission (SEC) hold the key to providing protection and integrity when companies are submitting their financial statements. Although their mission is to provide order and efficiency for financial markets, insidious plans are still developed by companies which ultimately result in turmoil to the economy. To provide a safeguard to investors, the Sarbanes-Oxley Act (SOX) was passed by congress in 2002, which was constructed because of fraudulent acts of well-known companies such as Enron. Before the SOX was inaugurated, two sets of accounting rules were used as guides for CPA firms.
These two practices were GAAP, which stands for Generally Accepted Accounting Principles and GAAS, which stands for Generally Accepted Auditing Standards. Creditability was the basic foundation for both of these principles, but had to be enforced with the Sarbanes Oxley Act when corporate scandals became prevalent. In order to gain a better understanding of SOX, which has superseded the rules of GAAS and GAAP, an analysis was conducted on four issues that relate to the Act. The four issues at hand are: the CEO’s and CFO’s of public companies, Section 404 on internal control, the main advantages and disadvantages, and what changes should be made to SOX. Finally, a discussion about how legislation cannot guarantee the accuracy of public financial statements will be examined. Along with this issue, Team Nitpickers will dig deeper and look into reasons as to why CEO’s and CFO’s are paying closer attention to this law.
The CEO’s and CFO’s of Public Companies
This section discusses how Section 404 of the SOX is likely to affect the issue of internal controls. Section 404 was intended to enhance the quality of reporting and increase investor confidence (Office of Economic Analysis, 2009). Section 404 of the SOX, entitled Management Assessment of Internal Controls, requires each annual report of a company to contain an "internal control report" to contain the following (AICPA, 2006): (a) state the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting; and (b) contain an assessment, as of the end of the company's fiscal year, of the effectiveness of the internal control structure and procedures of the company for financial reporting. Companies are not required to start complying with Section 404(b) until public float reaches $75 million (Office of Economic Analysis, 2009). Each company's auditor shall attest to, and report on, the assessment made by the management of the company. The audit committee utilizes the internal control system to report its investigation of a company's financial activities. Auditors must “test” the scope of a company’s internal control procedures and present its findings in its annual audit report. The annual audit report is submitted to the corporate board of directors for review. The audit report must include an evaluation of whether the internal controls provide both a system of maintaining records that fairly and accurately reflect the company’s transactions, and a reasonable assurance that transactions are recorded in accordance with the preparation of GAAP financial statements. The audit report must also contain a description of any material weaknesses in the internal controls and any material noncompliance (Bloch, 2003). Once the report has been reviewed by the corporate board of directors, it is submitted to the SEC.Management has a great deal of flexibility in designing and implementing their internal control program — much more than is available to the external auditor (Auditors, 2008).
By effectively overseeing management and addressing the risk of management override, audit committees increase the likelihood of preventing, deterring, and detecting...