Monday, February 28, 2005

Forbes.com: Julia A. Stewart, IHOP CEO

700 million pancakes are served at the International House of Pancakes each year, despite any low-cal, low-carb or low-fat diet trends. IHOP's chief executive, Julia A. Stewart, says it's because IHOP customers are looking for a little bit of indulgence--perhaps of the chocolate chip, banana nut or buttermilk variety.

What is the worst thing about being a CEO?

"The administrative part," said Stewart. "All this 404 Sarbanes-Oxley work drives me crazy. If you know anything about Sarbanes-Oxley or 404 it's all this work that Congress has enacted and it's very time consuming. When I'm doing that I'm not necessarily adding any value to my guests, my employees."

Forbes.com: Julia A. Stewart, IHOP CEO

Tell us what you think. (1) comments.
Send to a friend:   

Sox on the Rocks

After a deluge of complaints by such organizations as the American Bankers Association and the American Electronics Association that Sarbanes-Oxley is wreaking havoc on small business budgets, the SEC in late December formed the SEC Advisory Committee on Smaller Public Companies to look at the problem and recommend reforms. The first order of business? Determining what constitutes a "small" business. Herbert Wander, the committee's co-chairman and a Chicago-based partner at law firm Katten Muchin Zavis Rosenman, will work with members to identify which kinds of companies would most benefit from reforms. "We need to figure out the different pressures on companies that have revenues of, say, $200 million versus $700 million," Wander says.

Sox on the Rocks

Tell us what you think. (0) comments.
Send to a friend:   

Witness calls Scrushy 'commander in chief'

A prosecution witness put the HealthSouth Corp. fraud into military terms Monday, describing fired CEO Richard Scrushy as the powerful commander in chief of a rehabilitation chain relying on "covert operations" to meet Wall Street forecasts.

"It was just inconceivable that something this massive was going on without his knowledge," said Ken Livesay, a former assistant controller who pleaded guilty in the scheme.

The depiction was at odds with defense attempts to portray another Scrushy aide, former chief financial officer Bill Owens, as the mastermind of what prosecutors contend was a $2.7 billion earnings overstatement.

"Mr. Scrushy was the commander in chief. He had some generals who reported to him, and he had some captains, and he had a lot of lieutenants. I was a lieutenant," said Livesay.

Witness calls Scrushy 'commander in chief'

Tell us what you think. (0) comments.
Send to a friend:   

Nautilus CFO to retire

Rod Rice, chief financial officer of fitness equipment company Nautilus, plans to retire at the end of March. He will be replaced by William Meadowcroft, who joined Nautilus in 2000 and has served as the company's principal accounting officer, treasurer and corporate controller.

Vancouver, Wash.-based Nautilus (NYSE: NLS) said Meadowcroft spearheaded the company's compliance with Sarbanes-Oxley requirements, renegotiated credit arrangements for both consumers and commercial customers, and is consolidating financial systems and organizations following three acquisitions.

Meadowcroft has 20 years of accounting and finance experience, including eight with Deloitte & Touche in Portland and Ernst & Young in Providence, R.I. He was responsible for rebuilding the financial infrastructure of the American Automobile Association of Oregon/Idaho before joining Nautilus, the company said.

Nautilus CFO to retire

Tell us what you think. (0) comments.
Send to a friend:   

Judge sets January 2006 trial for Enron's Lay, Skilling

Yielding to defense requests for more time to prepare their case, a federal judge Thursday set a trial date for early next year in the fraud and conspiracy case against three former top executives of Enron.

Judge Sim Lake also sought to avoid conflicts with the year-end holidays in setting the trial date of Jan. 17, 2006, for Enron founder Kenneth Lay, former CEO Jeffrey Skilling and chief accounting officer Richard Causey.

The trial is expected to be the premier case to emerge from the Justice Department's investigation of a rash of corporate scandals that began with Enron's swift fall into bankruptcy after an accounting scandal unwound in December 2001.

The three former executives wanted a Dec. 1 trial; prosecutors wanted to begin in September.

Judge sets January 2006 trial for Enron's Lay, Skilling

Tell us what you think. (0) comments.
Send to a friend:   

Shift to Value: Driving Business Value Beyond Sarbanes-Oxley

Frontlines, a resource for governance practitioners and thought leaders, announces today that Roderick M. Hills, former SEC Chairman will chair the Frontlines Forum Conference this spring.
The Frontlines Forum conference theme 'Shift to Value,' will focus on how public companies can leverage the $6.1 billion(1) that is estimated to be spent in 2005 on Sarbanes-Oxley compliance. At the invitation-only conference, public company officers, directors and senior executives will learn about SOX 404 guidance, engage in active dialogue and develop new considerations designed to drive business value beyond initial compliance sign-off.

"Since leaving the SEC I have spent a considerable part of my life on corporate governance matters. One of my areas of focus is ensuring that the significant cost of complying with securities laws are not wasted. Sarbanes-Oxley presents a serious challenge to public companies," said Roderick M. Hills, partner at Hills & Stern LLC and former SEC Chairman. "It is for that reason that I am pleased to serve as Chairman of this year's Frontlines Forum."

Assisting Mr. Hills with the conference program are committee members Lee Dittmar, Principal, Deloitte Consulting LLP; Ellen M. Heffes, Managing Editor, Financial Executives International; and Vani Kola, CEO of Certus.

"Frontlines is designed to address governance and compliance issues and initiatives by bringing together leaders from public companies and governance bodies," said Vani Kola, CEO of Certus. "This year's conference, 'Shift to Value,' reflects my personal mission and that of Certus to assist companies in establishing good governance as a valued corporate asset."

Frontlines Forum 'Shift to Value' features speakers Susan Decker, CFO, Yahoo!; Dennis Powell, CFO, Cisco Systems; Lynn Sharp Paine, Harvard Business School; Michael Emen, NASDAQ; Mike Moran, Goldman Sachs; and Silvio Tavares, Corporate Executive Board, among others.

"Companies are coming to grips with the fact sustaining compliance with Sarbanes-Oxley is about more than accounting requirements, it's about strategy, process, people and technology. This year's Frontlines Forum is focused on the linkage between compliance requirements and building value from that effort. I am pleased to be a speaker at this year's Forum," said Lee Dittmar, keynote speaker at the Frontlines Forum and Principal at Deloitte Consulting LLP.

"With the advent of Sarbanes-Oxley and its Section 404, financial reporting must consider incorporating a thorough business narrative as well as demonstrating financial transparency," said Ellen Heffes, managing editor of Financial Executive magazine. "Information sessions such as the Frontlines Forum Spring Conference 'Shift to Value' can serve as important elements in creating that dialog."

Shift to Value: Driving Business Value Beyond Sarbanes-Oxley

Tell us what you think. (0) comments.
Send to a friend:   

Ongoing Sarbanes-Oxley Activities for Internal Auditors

Many internal auditors are just now experiencing their first full year of helping their organizations comply with Section 404 -- the internal control reviews -- of the Sarbanes-Oxley Act (SOX). This has been a difficult experience for many internal auditors. Some have been very busy drafting test plans and helping their organizations achieve Section 404 internal compliance while others have stood on the sidelines as hordes of expensive consultants arrived to complete the work.

In either event, internal audit often did not have the attention of management to effectively perform their ongoing reviews of internal controls and other audit activities. For many, this first year of achieving Section 404 compliance has been a difficult and time-consuming task. And it is not over quite yet.

Even if they were not heavily involved with that first year of SOX Section 404 work, internal auditors are ideal catalysts to help their organizations to reevaluate and somewhat rethink that first and often very hard year of effort. Some SOX-related internal audit projects to help make the next year a perhaps a little more painless for an organization include...

Ongoing Sarbanes-Oxley Activities for Internal Auditors

Tell us what you think. (0) comments.
Send to a friend:   

Rackspace Managed Hosting Completes SAS 70 Certification; Rackspace Completes Sarbanes-Oxley Requirements for Enterprise Customers

Rackspace Managed Hosting today announced that it has successfully completed an examination in conformity with the Statement on Auditing Standards No. 70 (SAS 70), Type II report that was performed by independent auditor, Ernst & Young LLP.

SAS 70 is an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants. A SAS 70 examination evaluates a service organization's controls as they relate to an audit of the financial statements of its customers and is often required by public companies and their auditors. Rackspace's SAS 70 certification enables the company to further its expansion in the enterprise market by delivering certification of the controls needed for Sarbanes-Oxley compliance.

Rackspace's processes, procedures and controls have been formally reviewed and evaluated, and meet SAS 70 standards. The audit evaluated Rackspace's controls related to service delivery and operations, infrastructure maintenance, customer implementation, change management, backup of programs and data files and logical and physical data center access.

"Our SAS 70 certification is the next level of Rackspace's Fanatical Support(TM) delivery and illustrates our commitment to the specific needs of enterprise customers," said John Engates, chief technology officer, Rackspace Managed Hosting. "Rackspace customers can be confident that our managed hosting services are consistent, safe and reliable and that they are compliant with emerging regulatory mandates."

Rackspace Managed Hosting Completes SAS 70 Certification; Rackspace Completes Sarbanes-Oxley Requirements for Enterprise Customers

Tell us what you think. (0) comments.
Send to a friend:   

Red tape could see CEOs in prison

Fears that businesses in Britain could fall foul of new laws, resulting in heavy fines and even prison sentences for offending CEOs, found some substance in a survey, the results of which were published today, showing that 40 per cent of UK companies have zero knowledge of the regulations they need to comply with.

"Failing to comply with regulations will leave hundreds of executives and their businesses in danger of loss of reputation, fines or - in extreme cases - imprisonment," warned Chas Moloney, general manager of business solutions marketing at Canon UK, sponsors of the survey, which polled 1,900 business decision makers and IT managers in Europe through CNET.

In the United States, the Sarbanes-Oxley Act came into force a year ago to provide stricter accounting controls in an effort to prevent the sort of malpractice that led to the Enron crisis, or avoid the loss of corporate data in the event of a catastrophic breakdown such as happened at the 9/11 disaster, as affected many businesses based at the World Trade Center in New York.

Today's survey suggests that outside the US, confusion reigns among business leaders over the amount of compliance that is expected of them when dealing with America, despite more than half of businesses saying that they are affected.

"With ever more red tape and regulation affecting day-to-day business activities, regulatory compliance has become a major issue for all areas of business," Mr Moloney said.

Red tape could see CEOs in prison

Tell us what you think. (0) comments.
Send to a friend:   

Saturday, February 26, 2005

JURISPUNDIT: Sarbox for the President

Many of the president's supporters might detest such an idea, but a Sarbox-style regulation should be welcomed by conservatives for obvious reasons. Although Republicans, and hence conservatives, control almost every aspect of government at the moment, it would be silly to assume that this will forever be the case. This type of regulation should be a welcome safeguard against irresponsible liberal spending habits, which as we have learned, aren't limited to liberals.

JURISPUNDIT: Sarbox for the President

Tell us what you think. (0) comments.
Send to a friend:   

Automated Sarbanes-Oxley Controls Assessment Now Available from Answerthink

Answerthink, Inc. announced the availability of an automated Sarbanes-Oxley controls assessment service that quickly and easily evaluates how effectively companies are using controls capabilities within Oracle, PeopleSoft, and other leading ERP systems. The service is designed to help companies lower the cost of financial controls related to Sarbanes-Oxley compliance, and provides detailed recommendations for how companies can further automate, strengthen, and standardize controls.

Answerthink is a strategic business advisory and technology consulting firm that enables companies to achieve world-class business performance. The new service is an extension of Answerthink's existing Sarbanes-Oxley Compliance Service offering, which helps companies meet the internal control requirements of Sarbanes-Oxley and concurrently improve business performance through the use of proven best practices from The Hackett Group, a business advisory firm and an Answerthink company.

Automated Sarbanes-Oxley Controls Assessment Now Available from Answerthink

Tell us what you think. (0) comments.
Send to a friend:   

Scrushy didn't know of fraud, aide says

A former HealthSouth executive testifying yesterday in the trial of Richard Scrushy didn't include the ousted chief executive among the people who helped pull off what prosecutors describe as a huge fraud at the medical-rehabilitation giant. Under cross-examination by Scrushy lawyer Art Leach, former assistant controller Ken Livesay listed himself and nine other people as members of "the family," the group that engineered the scheme to overstate earnings.

But Livesay — who pleaded guilty shortly after the fraud became public — didn't include Scrushy in the group, and he said he never told Scrushy about his discomfort after "aggressive" accounting at HealthSouth became outright fraud in 1996.

"Did you ever speak to Richard Scrushy about crossing that line?" Leach asked.

"I did not," said Livesay, who earlier testified that two superiors, finance executives Bill Owens and Mike Martin, told him Scrushy knew of the fraud.

Scrushy didn't know of fraud, aide says

Tell us what you think. (0) comments.
Send to a friend:   

Friday, February 25, 2005

Help is on the way: software for SOX compliance

Corporate spending on Sarbanes-Oxley (SOX) so far hasn't been the gold mine that software vendors have been hoping for. Compliance has been largely a manual effort, as companies work to document and improve internal controls under SOX Section 404. A recent AMR survey estimates that only 28 percent of SOX compliance spending has been for technology. The rest is for manpower: internal headcount (42 percent) and external consulting (29 percent).

But the ratio of manpower to software may be starting to change. Help is on the way: software for SOX compliance

Tell us what you think. (0) comments.
Send to a friend:   

Chairman Was Told Ebbers 'Did Not Know'

The former chairman of WorldCom Inc. testified Thursday that Scott D. Sullivan, the chief financial officer, told him in June 2002 that chief executive Bernard J. Ebbers "did not know of" the accounting tricks used to hide billions of dollars in expenses from investors.

Bert C. Roberts's testimony for the defense at Ebbers's criminal trial was in contrast to Sullivan's assertions earlier in the trial that he repeatedly told Ebbers in 2000 through 2002 that the company's accountants were making "adjustments that weren't right" in response to Ebbers's demands to "hit the numbers" for revenue growth and earnings that Wall Street was expecting.

Sullivan, who pleaded guilty to securities fraud, was the government's star witness and the only one to directly link Ebbers to the company's decision to falsely reclassify operating expenses known as line costs as capital expenditures.

Chairman Was Told Ebbers 'Did Not Know'

Tell us what you think. (1) comments.
Send to a friend:   

More Europeans Delist in U.S. to Escape Sarbanes

Like a growing number of European companies, the British biotechnology group has decided the cost of maintaining a secondary U.S. listing and complying with Sarbanes-Oxley corporate governance law is simply too high. So it will delist from the Nasdaq and deregister with the Securities and Exchange Commission (SEC) as soon as possible, saving $700,000 between now and mid-2006 and at least $400,000 a year thereafter.

"When you analyzed the situation, for us it was a no-brainer," Company Secretary Lee Greenbury told Reuters after announcing the plan on Friday.

Provalis is far from alone.

More Europeans Delist in U.S. to Escape Sarbanes

Tell us what you think. (0) comments.
Send to a friend:   

Security concern constant but not consistent

Research from Netegrity has shown that security remains a key issue for UK businesses, but its implementation in the face of current corporate pressures, most notably access management and regulatory compliance, is not consistent. The survey of 281 security and compliance decision-makers of UK businesses across a number of sectors, reveals that identity management; IT efficiency; and regulatory compliance are at the top of the security agenda for UK businesses. However, comprehensive access management systems have not yet been adopted by a significant number of respondents.

The company concluded that although IT efficiency is seen as a fundamental driver of security initiatives, many efficiencies that could be gained from having comprehensive access management systems are therefore being lost.

It appears, said the company , that regulatory compliance is not being given the attention it needs. Very few businesses were devoting a separate budget to compliance management and most saw Y2K as more of a threat.

Security concern constant but not consistent

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley: Driving the Storage Compliance Boom

No government or agency regulation has refocused the energies of IT administrators and storage professionals like the Sarbanes-Oxley Act. Broad in its reach, short on implementation specifics, and bristling with teeth, the act has sent IT departments scrambling to get a handle on the compliant storage of business data almost from its enactment in 2002.

Although the scramble isn't over — it's only now, after the Section 404 deadline, that audits and case law will begin to better establish the SEC's expectations — a few years of experience has given us a measure of the effect the act is having on the practice of data retention and protection.

Sarbanes-Oxley is ultimately an act that mandates financial accountability. It is not a records storage implementation guideline. It doesn't call for the retention of specific record types, nor require specific media, nor specify recovery time objectives for archived records.

"No one knows where the dividing line is between what they must keep and what they don't need to keep," says Al Stuart, chief strategist for IBM compliance and data retention solutions. So companies are taking an inclusive approach, storing everything that might have a bearing on financial reporting, and, in the words of Stuart, "in some cases they are claiming they are keeping everything forever."

Sarbanes-Oxley: Driving the Storage Compliance Boom

Tell us what you think. (0) comments.
Send to a friend:   

Thursday, February 24, 2005

Webcast: Reducing Time and Costs Under Sarbanes-Oxley

The new regulatory environment under Sarbanes-Oxley (SOX) and the SEC continues to be a catalyst for change. SOX has forced companies to rigorously formalize what were once informal processes, which will have an impact on more than just financial controls. Systems and processes required for regulatory compliance can have a positive impact on cost, time, and quality aspects of financial reporting.

Nowhere is this change more evident than in the processes guided by Finance. Finance departments are evaluating their own organizations and seeking better ways to deliver existing processes, especially those associated with financial consolidation.

Reporting and consolidation are issues that should have been "resolved" years ago. Global 5000 companies have been deploying reporting and consolidation software for decades. Despite hefty reporting systems investments, obtaining useful information on a timely basis remains more difficult than it should be. Consequently, it takes longer to complete the financial close and distribute management information.

Webcast: Reducing Time and Costs Under Sarbanes-Oxley

Tell us what you think. (0) comments.
Send to a friend:   

CFO Whistleblower Reinstated by Court

A federal judge has reportedly ordered the reinstatement of David Welch, a former CFO of Cardinal Bankshares Corp. Welch was the first person to win whistleblower protection under the Sarbanes-Oxley Act after he raised accounting questions at the company and was fired last year.

Besides getting his job back at the small Floyd, Va.-based bank, Welch won nearly $65,000 in back pay and damages in the Feb. 15 ruling by U.S. Department of Labor Administrative Law Judge Stephen Purcell, according to the Associated Press.

For a law governing financial fraud, the Sarbox whistleblower provision, Section 806, is unusually strong in terms of protecting an employee’s job, notes Dan Westman, a partner at Shaw Pittman, a law firm. Indeed, the Sarbox mandate of immediate reinstatement for the whistleblower resembles industry-specific labor laws aimed at protecting workers in the mining and nuclear-power sectors. Westman told CFO.com that regulators in those industries have relied for decades on whistleblower information to provide what he dubs “undersight”—information arising from the workforce that can prevent life-threatening negligence or wrongdoing.

CFO Whistleblower Reinstated by Court

Tell us what you think. (0) comments.
Send to a friend:   

Thought Leadership from an Enterprise Architect: Enterprise Architecture and Security Strategies

Been busy at work thinking about security strategies in context of Sarbanes Oxley and started to noodle the simple fact that bad guys don't honor non-disclosure agreements or any corporate handbook outlining conduct, values or ethics. Many cracks occur due to having access to the source code for proprietary systems. These folks use vulnerabilities against you and sell the information to their buddies and/or the highest bidder.

I came to realize that most folks go along the path of savage creation of comprehensive documentation in the name of security but do not think about how architecture can solve their problems. Being an advocate to the open source community, I came to realize that open source may provide some assistance in being compliant with Sarbanes Oxley.

Thought Leadership from an Enterprise Architect: Enterprise Architecture and Security Strategies

Tell us what you think. (1) comments.
Send to a friend:   

Former Exec: HealthSouth Had to Borrow

HealthSouth Corp. paid so much in taxes on bogus income it had to borrow money to make ends meet, a former executive testified Thursday at the fraud trial of former chief executive Richard Scrushy.

In his second day on the stand, former assistant controller Ken Livesay said he prepared a report in mid-1998 showing the rehabilitation giant had to pay $145 million in taxes on false income of $407 million when its real income was only $160 million.

"We weren't making enough money to pay our income taxes," he said.

Livesay said he showed the document to then-chief financial officer Mike Martin, who had asked him why the company was still borrowing so much money.

"It was like a light bulb went off in his head," Livesay said of Martin. "He grabbed the schedule from me and said, `I've got to show this to Richard,' and he walked out of the office."

Former Exec: HealthSouth Had to Borrow

Tell us what you think. (0) comments.
Send to a friend:   

We must learn to love compliance

Around the world a curious phenomenon is taking place. Boardrooms, previously distant and unattainable, are taking a keen interest in network security. The chairman, managing director and CEO are suddenly throwing money at the IT department.

Why? Is it because they have finally listened to your appeals for more funds? Have the numerous news reports and alerts about network insecurity actually had an effect? Or are they just plain scared of going to jail?

The truth is that new legislation and regulations covering corporate governance and privacy have shifted ultimate responsibility for information security up to senior management. If companies fail to comply, then the board can face legal action.

Throughout 2005, compliance will affect the whole IT security sector. No doubt managers will complain about the extra money the process costs, CSOs will complain about the extra hours they have to put in, and everyone else will complain about the extra pressure put on them by the Financial Services Modernizing Act (Gramm-Leach-Bliley), the Health Insurance Portability and Accountability Act (HIPAA) and, above all, Sarbanes-Oxley (SOX).

But they need not worry. A little work now could make the future a lot easier. In a year's time, everyone could learn to love compliance.

We must learn to love compliance

Tell us what you think. (0) comments.
Send to a friend:   

New Mexico Software Creates New Division for Sarbanes-Oxley Consulting

New Mexico Software Inc. (OTC Bulletin Board: NMXS - News), a leading provider of next-generation digital lifecycle management solutions, announced that the company has started a new division, SOX Advisors, to offer publicly traded companies advice and hands-on applications to comply with the Sarbanes-Oxley Act of 2002. Brad Beckstead, managing partner of the audit firm Beckstead and Watts, LLP, was named president of the new division, which will be located in Las Vegas, Nev.

Dick Govatski, CEO of New Mexico Software, said, "With the importance of Sarbanes-Oxley on all publicly held businesses, we feel that our wholly owned subsidiary will provide much needed technical and accounting consulting to select public companies. The company will utilize our expertise to assist CEOs and CFOs in reducing the cost of compliance with Sarbanes-Oxley regulations by offering a total package of subject matter experts (SMEs) and our SOXtrac software to simplify the process."

New Mexico Software Creates New Division for Sarbanes-Oxley Consulting

Tell us what you think. (0) comments.
Send to a friend:   

New Tools, Strategies Used To Prosecute U.S. Corporate Crimes

Corporate crimes injure investors, employees, and the capital markets that fund the needs of existing firms and promote new businesses. Recent revelations of corporate fraud and other crimes have increased the need to investigate and prosecute criminal activity conducted by corporate officials -- and associated professionals -- who have abused their positions to enrich themselves while breaching the trust of investors, employees, financial institutions, and the capital marketplace.

The prosecutions for corporate fraud and related misconduct have demonstrated that criminal activity has permeated the highest levels ofseveralmajor publicly held corporations, brokerage firms, accounting and auditing firms, and others.A few dishonest individuals have damaged the reputations of many honest companies and executives. These wrongdoers injured workers who dedicated their lives to building the companies that hired them. They hurt investors and retirees who had entrusted their financial futures when they placed their faith in the promises of the companies’ growth and integrity.

These revelations of a corporate culture of corruption and deception in a number of very prominent corporations have threatened to undermine the public’s confidence in corporations, the financial markets, and the economy. They also have magnified the need for a renewed emphasis on effective corporate governance.

New Tools, Strategies Used To Prosecute U.S. Corporate Crimes

Tell us what you think. (0) comments.
Send to a friend:   

Wednesday, February 23, 2005

Whistleblower's Speech Protected: Worker Gets Job Back, Plus Lost Wages and Attorney Fees

While workers may not be free to blog to their hearts’ content (as discussed in our earlier blogs), they do have rights to question their employers’ accounting practices without losing their jobs.

Last week a judge for the Department of Labor ordered a Virginia bank to reinstate an employee who was fired for questioning its accounting practices. The judge also awarded the worker nearly $65,000 for lost wages and other damages, recognizing that he was a whistleblower under a fairly new federal law, the 2002 Sarbanes-Oxley Act. The worker was the first person to win whistleblower protection under this law last year, when the judge found that the company had wrongfully fired him.

Whistleblower's Speech Protected: Worker Gets Job Back, Plus Lost Wages and Attorney Fees

Tell us what you think. (0) comments.
Send to a friend:   

FBI Opening Three to Six New 100 Million Dollar Corporate Fraud Cases Every Month

Maybe Sarbanes-Oxley isn’t haven’t very much of an impact. In testimony delivered before the Senate Intelligence Committee last week, Robert S. Mueller III, the director of the Federal Bureau of Investigation (FBI), said that the FBI is pursuing 334 corporate fraud cases throughout the United States, a more than 100 percent increase over last year. Eighteen of those cases involved losses to the public which exceed $1 billion, Mueller said.

“Unfortunately, the volume of cases has yet to reach a plateau, and the FBI continues to open three to six new cases each month – each case averaging a loss exceeding $100 million,” Mueller said.

Mueller placed corporate and securities fraud down his list of major priorities – coming in tenth on a list of fifteen. The major priorities list was headed by counterterrorism and counterintelligence.

FBI Opening Three to Six New 100 Million Dollar Corporate Fraud Cases Every Month

Tell us what you think. (0) comments.
Send to a friend:   

Tyco's Former Finance VP Testifies on Art

Tyco International Ltd.'s former head of finance testified Wednesday that he believed the company's former chief executive, L. Dennis Kozlowski, had the authority to purchase more than $1 million in artwork on Tyco's behalf.

Under questioning by defense attorneys, Mark D. Foley, the Bermuda-based conglomerate's former senior vice president of finance, said he believed Kozlowski had the authority to make up to $200 million in capital acquisitions on Tyco's behalf, including artwork. Foley testified Tuesday that he approved a wire transfer of more than $1.9 million to Kozlowski to purchase artwork.

Prosecutors claim Kozlowski didn't have the authority to use Tyco funds to purchase artwork for his apartment in New York. Defense attorneys have countered that the apartment and some of the artwork were recorded on Tyco's books and records as a company asset.

"My understanding was we had an apartment on the books, which was Mr. Kozlowski's apartment in New York, and that artwork was being purchased for that apartment," Foley said in response to a question by James R. Devita, one of Kozlowski's lawyers.

Tyco's Former Finance VP Testifies on Art

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley complicates Lotus Domino admins' lives

In recent years, Domino and other messaging systems administrators have turned to e-mail archiving products to deal with the massive amount of e-mail they must process. That effort has been further complicated -- for public companies at least -- by the onslaught of Sarbanes-Oxley Act (SOX) standards for corporate accountability. Increasingly, e-mail administrators are forced to track documents, e-mail, even instant messages, with an eye toward the day their data may be requested by investigators.

E-mail archiving products are key, but are just one piece of the puzzle. Creating corporate policies that determine which e-mail to archive is also critical, Denise Reier said. She is vice president of messaging product marketing for the Legato Software division of EMC Corp., Hopkinton, Mass. "E-mail has been the smoking gun in many [corporate criminal investigations]," noted Reier.

But the value of e-mail can vary greatly. E-mail is used to negotiate contracts and discuss key corporate matters, but it's also used to set up lunch dates and to pass jokes. Some companies retain every e-mail for the maximum period of time required by the law, and some are fine-tuning their retention policies, organizing their e-mail into human resource, legal and other manageable areas. In all cases, e-mail archives must be able to withstand scrutiny in a court of law that it is accurate and complete.

Sarbanes-Oxley complicates Lotus Domino admins' lives

Tell us what you think. (0) comments.
Send to a friend:   

Tuesday, February 22, 2005

SEC Seeks Feedback and Announces Date of Roundtable on Implementation of Sarbanes-Oxley Internal Control Provisions

On Feb. 7, 2005, the Commission announced that it would host a roundtable discussion and would solicit written feedback regarding the experiences of registrants, accounting firms and others in implementing the new internal control requirements under Section 404 of the Sarbanes-Oxley Act of 2002. See Press Release 2005-13. Today the Commission announced that the roundtable will be held on Wednesday, April 13, 2005, in the William O. Douglas Room at Commission headquarters, 450 Fifth Street, N.W., Washington, D.C., beginning at 9 a.m. The roundtable will be open to the public, on a first come, first served basis. The Commission also intends to make the roundtable available by Web cast. The Commission also announced today that interested parties may submit their written feedback on the internal control implementation process.

Section 404 and rules adopted by the Commission require companies that file annual reports with the Commission to report on management's responsibilities to establish and maintain adequate internal control over the company's financial reporting process, as well as management's assessment of the effectiveness of those internal controls. Section 404 and the auditing standards of the Public Company Accounting Oversight Board require the accounting firm that audits the company's financial statements to report on management's assessment, as well as on the effectiveness of the company's controls.

The Commission seeks written feedback from registrants, auditors, investors and others on their experiences with implementing and evaluating the Section 404 requirements. The Commission is not soliciting feedback on a particular set of inquiries. The information that is submitted will become part of the public record of the Section 404 roundtable.

Members of the public are encouraged to provide the submissions before April 1, 2005.

SEC Seeks Feedback and Announces Date of Roundtable on Implementation of Sarbanes-Oxley Internal Control Provisions

Tell us what you think. (0) comments.
Send to a friend:   

Evolving technology barbarians will need new tools to prove their value to the board

There is an adage that as a young company matures, its leadership evolves from being barbarians to bureaucrats, and a similar shift is currently taking place within the IT function of many organisations.

Whereas in the past, IT has not been seen to be subject to quite the same rules as other business functions, it is now being required to demonstrate its value to the organisation, to maintain the disciplines of planning, budgeting and cost management, and to assess and mitigate any potential risks to the organisation, in the same way as other departments.

As the leader of the IT function, the focus of the chief information officer is therefore turning further away from the detail of technology such as server availability, network performance and application functionality. Instead it is moving towards the strategic issues of IT budgeting and investment planning, governance, service quality, risk management and outsourcing.

Most business functions have well-established methodologies for cost and value measurement. However, enlightened CIOs seeking to prove their worth are finding a distinct lack of recognised tools and procedures that can be applied to this task.

Evolving technology barbarians will need new tools to prove their value to the board

Tell us what you think. (0) comments.
Send to a friend:   

CEO trials hold startling similarities

The accounting frauds at WorldCom and HealthSouth have nothing to do with each other. And yet, as the trials of former WorldCom CEO Bernie Ebbers and former HealthSouth CEO Richard Scrushy grind on in two courtrooms about 800 miles apart, it is clear that the criminal stories being told to jurors in these cases are nearly identical.

In both trials, a powerful CEO has been accused of instigating a fraud. Former HealthSouth chief financial officer William Owens testified in Birmingham, Ala., this month that when the company wasn't hitting its earnings targets in 1996, Scrushy ordered him to "fix the numbers." Owens interpreted the command as an order to commit fraud. Scrushy's lawyers say Owens was a rogue who misinterpreted the boss.

In New York last week, former WorldCom CFO Scott Sullivan told virtually the same story, testifying that when WorldCom didn't meet earnings expectations in 2000, Ebbers ordered him to "hit the numbers." Ebbers' lawyers say Sullivan is a liar, but the similarities between the cases don't stop there.

CEO trials hold startling similarities

Tell us what you think. (0) comments.
Send to a friend:   

Donaldson's Balancing Act

At the World Economic Forum in January in the Swiss resort of Davos, Securities & Exchange Commission Chairman William H. Donaldson took a break from hobnobbing to moderate a panel on leadership. He listened intently as New York Stock Exchange CEO John A. Thain, Citicorp (C ) CEO Charles Prince, and Home Depot Inc. (HD ) Chairman and CEO Robert L. Nardelli gave pointers. Then the SEC chief offered his own 10 principles of effective leadership. When he finished, Donaldson was startled to find corporate moguls crowding around, pestering him for copies and demanding to know when he would write a book based on his ideas.

Publishers, put those contracts away. Donaldson plans to keep practicing what he preaches at the SEC's Washington headquarters for at least another year. And the 73-year-old Wall Streeter is going to need all the leadership savvy he can muster. Already under heavy fire from Corporate America and some Republicans, Donaldson is walking a fine line. He isn't abandoning his activist agenda so much as balancing his pursuit of further governance and market reforms with some business-friendly flexibility and regulatory streamlining.

But Donaldson will get in Corporate America's face with a new push to make all forms of executive compensation more transparent, so shareholders can spot when pay outpaces performance. He remains a zealous enforcer. And he still wants to give shareholders more say in board elections. But on that and other issues, he's taking a softer approach that's less likely to rile the boardroom set. And his agenda for 2005 is heavy on items to modernize markets and make existing rules more efficient and effective -- a classic Republican deregulatory course that should curry favor with business.

Donaldson's Balancing Act

Tell us what you think. (0) comments.
Send to a friend:   

Any Storm in a Portal

When the technology downturn took the exuberance out of the software business, Mapics Inc., an Atlanta supplier of enterprise systems, decided to shed real estate rather than people. The company made such a commitment to telecommuting that three-fourths of its staff now work from home, client sites, or other remote locations on any given day.

A slimmed-down headquarters keeps the overhead low, but it poses a number of managerial challenges. E-mail, chat rooms, and, of course, telephones keep communication and collaboration alive, but what about the more mundane aspects of life at the office, such as distributing benefits forms or the voluminous paperwork associated with hiring, job changes, and annual health-care enrollment? For those and a growing number of similar tasks, Mapics, like many other companies, relies on an employee portal, a one-stop, Web-based window that allows employees to sign in and have instant access to a range of software applications and data sources, often tailored to their specific needs. One Mapics executive calls the portal "the heartbeat of our organization" and says it allows almost every department at the company to operate off-site. Except finance, which continues to show up at the office every day, mostly because of the demands of Sarbanes-Oxley.

Any Storm in a Portal

Tell us what you think. (0) comments.
Send to a friend:   

Monday, February 21, 2005

Sox Compliance: automated corporations next

On the surface, Sox compliance is about complying with requirements to store records of business activity for five years. Less ostensibly, Sox is about the significant ongoing process of turning abstract perceptions of strategy, risk, security and control into measurable definitive processes that can be tracked over time. Companies may spend up to 2% of revenues to become compliant in year one, and to stay compliant, are hiring additional finance officers and staff. Accounting and consulting firms are enjoying a boom of engagements to aid firms in meeting compliance deadlines. Maintaining compliance is a moving target, it means having a company's accounting, finance, IT systems and other internal controls and security keep pace with the dynamism of the business.

Sox Compliance: automated corporations next

Tell us what you think. (0) comments.
Send to a friend:   

Gilbane Report Blog: Is Sarbanes-Oxley Slowing IT Spending

The fact that Big Four firms are reporting a doubling of auditing revenues, thanks to Sarbanes-Oxley, invites a cynical view of their situation. But, a "big picture" take on the issue needs to consider the risks and incentives on the auditing side of the problem. If something does go wrong, auditors know that shareholders will be coming after them for damages. It is hard to see the upside for the auditor in being "reasonable" and in trying to consider the special circumstances of smaller companies. (I am not arguing that the inability to deal with the special needs of smaller firms is "right" -- but simply that the auditors, too, are constrained by the business and litigious realities surrounding SOX.)

Gilbane Report Blog: Is Sarbanes-Oxley Slowing IT Spending

Tell us what you think. (0) comments.
Send to a friend:   

Companies Pushing For Lower Audit Fees for 2005

The internal control requirements of the Sarbanes-Oxley Act forced many companies to spend more than twice what they budgeted last year, so they're looking to pay far less this year, according to a study given to Reuters by CFO Executive Board, a division of Washington research group Corporate Executive Board Co.

Section 404 of SOX requires that the companies' external auditors produce details of their internal controls and how those controls will combat fraud by next month. At the beginning of last year, the study said that most companies figured the cost of Section 404 would amount to between 20 percent and 60 percent of what they normally paid in annual audit fees, but the real figure was between 60 percent and 120 percent.

Executives say that auditors were charging by the hour last year instead of by the job, a practice they attributed to some of the additional cost. AMR Research says U.S. corporations will spend more than $11 billion between 2004 and 2005 on Section 404.

Companies Pushing For Lower Audit Fees for 2005

Tell us what you think. (0) comments.
Send to a friend:   

Governance rules OK

I was somewhat surprised to hear from a client that one of the biggest issues for his organisation in 2005 is compliance with Sarbanes-Oxley (SOX) corporate governance regulations. I had assumed the issues were fairly well understood and were being addressed. But it seems firms are struggling with the day-to-day problems of implementing SOX as an integral part of their processes.

Affected firms recognise the need to comply with SOX, Basel II finance rules and other corporate governance regulations, and now software vendors are launching products to help them.

Competition and variety in the software market is a good thing, but suppliers and potential customers need to be a bit more cautious. I'm not sure everyone understands what compliance is, particularly as it differs for each business. Compliance is not just a case of ticking a box.

Whatever measures are introduced, they have to satisfy an objective externally mandated set of requirements. In particular, you cannot have a compliance product that has weak security.

Governance rules OK

Tell us what you think. (0) comments.
Send to a friend:   

U.S. Business, Senses Opening, Counters Some Reforms

Sensing public outrage over business corruption in America is waning, some in the corporate community are seizing on the shift in mood to try to roll back reforms, say top U.S. officials and academics.

"There's clearly a rearguard action going on," said Maryland Democratic Sen. Paul Sarbanes in an interview three years after the Enron debacle that led to his co-authoring of landmark corporate governance and accounting reforms in 2002.

Business scandals are now daily fare for Americans, from the prison sentencing on Friday of a former top Boeing Co. executive to revelations of abusive trading in the mutual fund industry and the continuing trial of the former chief executive officer of WorldCom Inc.

Public concern about white-collar wrongdoing and dissatisfaction over soaring executive pay is being tempered by stock market gains and official assurances that reforms are taking hold.

That shift in perception, combined with November election gains by pro-business Republicans, has emboldened corporate lobbyists and, in at least one way, has already paid off.

U.S. Business, Senses Opening, Counters Some Reforms

Tell us what you think. (0) comments.
Send to a friend:   

Saturday, February 19, 2005

Automation tools to get boost from Sarbanes-Oxley

Software designed to automate the process of complying with the Sarbanes-Oxley Act will be in high demand this year, a regulatory expert said Friday.

Sebastian Goodwin, president of risk management consulting company Ensurity, offered his regulatory compliance crystal ball during a session on Sarbanes-Oxley at the RSA Conference taking place here this week.

Goodwin said that companies are catching their breath after a key section of Sarbanes-Oxley kicked in last year--but they're also now preparing for long-term solutions for dealing with the law, which aims to make corporate accounting more transparent. Software makers can expect to see a rise in IT spending this year, Goodwin said.

"Some of the analysts and chief security officers I talk to say they will be spending more money on Sarbanes-Oxley this year," Goodwin said. "Some of areas will be business process management, document management and software packages that automate the processes that they developed last year."

Automation tools to get boost from Sarbanes-Oxley

Tell us what you think. (0) comments.
Send to a friend:   

Friday, February 18, 2005

What Every Company Should Know About Email

Management for Sarbanes-Oxley Compliance In simple terms, the Sarbanes-Oxley Act (SOX) requires businesses to demonstrate effective corporate governance and information management controls. However, since the Act passed, it seems that just about everyone—lawyers, consultants, industry analysts and technology vendors —have jumped on the SOX compliance bandwagon with recommendations and products to sell. The noise about SOX has become nearly deafening.

Luckily, as we approach the first significant deadlines related to the act, the legal and technology communities are coming together in agreement on some key best practices regarding the implications of SOX. At a fundamental level, complying with the regulation means establishing a process for managing communications and information lifecycle management. Since email has become the de facto method of business communication and the most critical source of information for almost every large business, the management of email is a fundamental element of SOX compliance.

What Every Company Should Know About Email

Tell us what you think. (0) comments.
Send to a friend:   

Political Dogs: Sarbanes Oxley Balancing Act

Right now is the height of "earnings season" as the trickle of a few super-efficient companies issuing earnings turns into a torrent of reports. This is perhaps the most interesting year in many decades for corporate earnings as the Sarbanes-Oxley Act (SOX) makes auditors double their efforts in scrutinizing their public clients. One of the most significant parts of SOX is a requirement that public companies review and fully document their systems of internal controls. Auditing companies are required to review this documentation and opine as to the sufficiency of the control environment. For many companies this meant huge expenses in terms of time and even money to create documentation for systems that were supposed to exist all along as well as larger audit fees to test these systems. Along with this review and audit comes the specter of disclosing certain aggressive practices that might have avoided the auditors' scrutiny in years past.

Political Dogs: Sarbanes Oxley Balancing Act

Tell us what you think. (0) comments.
Send to a friend:   

Governance Focus

A governance location where the focus is corporate and board governance issues worldwide. Information will be obtained from many sources and authors, so as to provide a wide range of information, opinion, clarity and debate.

Governance Focus

Tell us what you think. (0) comments.
Send to a friend:   

U.S. Public Companies Changing Audit Firms at Record Pace

The Sarbanes-Oxley Act of 2002 did not require public companies to regularly change audit firms, but it seems many of them are doing so anyway.

The Wall Street Journal reported on a study released Wednesday by proxy-advisory firm Glass Lewis & Co. that showed more than 1,600 public companies left their audit firm last year, which represents a 78 percent increase over 2003.

Over the two-year period, 2,514 companies switched audit firms, which is nearly a quarter of all U.S. public companies, according to a database of public companies.

Smaller accounting and auditing companies are reaping the benefits of the revolving auditors and the Big Four firms are feeling the pinch. Second-tier firms gained a total of 117 new clients last year while the Big Four-Deloitte & Touche LLP, Ernst & Young LLP, KPMG LLP and PricewaterhouseCoopers LLP-had a net loss of 400 clients, the Journal reported.

U.S. Public Companies Changing Audit Firms at Record Pace

Tell us what you think. (0) comments.
Send to a friend:   

End The Message Divide Now

I'm just back from the annual Demo Conference in Scottsdale, Ariz., and I can't quite get my mind off e-mail and the phone.

I've been using e-mail since about 1991, and in those 14 years its basics have changed little. No matter the platform you use, whether it's Microsoft's (nasdaq: MSFT) Outlook, Qualcomm's (nasdaq: QCOM) Eudora or a Web mail service like Yahoo!'s (nasdaq: YHOO) Yahoo Mail or Google's (nasdaq: GOOG) Gmail, the fundamental experience of sending and receiving e-mail hasn't changed all that much.

But it should. Times are changing. When I first started using it, e-mail was something you did almost as an amusement. You could write letters to friends in far-flung lands, and they would arrive almost instantly. But it was certainly far from an everyday medium. In those days, I think I checked my e-mail about once a week. It took only three years for e-mail to become an everyday presence in my personal and professional life. Now, I get a lot more accomplished via e-mail than I ever do on the phone.

There are some 683 million people in the world who use e-mail, according to an estimate by the Radicati Group, a Palo Alto, Calif.-based research outfit. That's less than one-third of the nearly 2.5 billion telephone subscribers in 2003, according to the International Telecommunications Union, which tracks global telecom stats.

End The Message Divide Now

Tell us what you think. (0) comments.
Send to a friend:   

Corporate Governance in the Age of Eliot Spitzer

If you are an active participant in the corporate affairs of the company for which you sit on the board, you have very little to worry about when it comes to SEC actions, or even class action lawuits. Just keep in mind that directors are custodians of the stockholders' money. They are serving to protect the stockholders, not to protect management.

These appear to be trying times for officers and directors of publicly held companies. But, are they really? Many people involved on the management and directorate level with public companies are quite leery nowadays. But, should those of us involved with corporate boards and corporate governance be afraid, or just cautious? In my opinion, there is no real need for concern.

Let me explain. I know that the Enron debacle was followed by continuing news of corporate malfeasance. It seemed that almost every day, we learned of more disturbing news about corporate shenanigans.

In a previous article, Serving on a Board After SOX: Opportunities and Perils, I talked about the responsibilities of board members and how they can keep themselves out of trouble by being proactive.

Corporate Governance in the Age of Eliot Spitzer

Tell us what you think. (0) comments.
Send to a friend:   

Thursday, February 17, 2005

Scrushy Lawyers Seek to Discredit Witness

Defense lawyers for Richard Scrushy again tried depicting a key witness as a liar, portraying a former HealthSouth executive as a fraud participant rather than the innocent outsider he claimed to be.

The defense highlighted the fact that Leif Murphy once attended a meeting with eight people identified as being involved in the scheme to inflate earnings at the rehabilitation giant. Murphy testified that he left the company after Scrushy flew into a rage when confronted about the fraud.

The defense for Scrushy, HealthSouth's former CEO, previously attempted to discredit testimony from a key prosecution witness, former finance chief Bill Owens. The defense argued Owens directed the fraud while Owens maintained his claim that Scrushy was behind the scheme.

Scrushy's lawyers contend a group of executives called "the family" conspired to inflate earnings at HealthSouth and hid it from Scrushy. Prosecutors claim Scrushy was the driving force behind a conspiracy to overstate earnings by some $2.7 billion from 1996 through 2002 to make it appear HealthSouth Corp. was meeting or beating Wall Street forecasts.

Scrushy Lawyers Seek to Discredit Witness

Tell us what you think. (0) comments.
Send to a friend:   

E-mail and blog monitors are launched

Between Sarbanes-Oxley and sexual harassment suits, the enterprise is more concerned than ever about what its employees say or send in e-mails and blogs.

During the Demo@15 conference on Monday afternoon, three companies unveiled products that monitor messages to detect anything from inappropriate language to sending out proprietary corporate data.

WhatCounts demonstrated BlogUnit Series, a 1U hardware device plus software that manages corporate blogs before they are published. The blog software is centrally controlled and can be linked to both LDAP and Radius servers to control approvals before publishing, content viewing, and broadcasting.

E-mail and blog monitors are launched

Tell us what you think. (2) comments.
Send to a friend:   

Stolen Thunder: Sarbanes-Oxley, or Why Accountants Are Happy

I went to a seminar about the Sarbanes-Oxley (SOX) legislation this morning. Interesting stuff, if you're into Risk Analysis, Congress, and Auditors Gone Wild....

If you're an accountant, you love SOX. Especially if you are an auditor by profession, and love the intracacies of Forensic Accounting (like a coroner, except in this case the corpse is from a deceased corporation). Basically, three of the key tenets of SOX are that all publically traded companies must follow consistent policies, maintain full, truthful and timely documentation, and report honestly to audits. The way this is done, is for companies to listen to their Risk Managers, and to give them the control necessary to meet the law's demands.

Stolen Thunder: Sarbanes-Oxley, or Why Accountants Are Happy

Tell us what you think. (0) comments.
Send to a friend:   

Government SOX: A Remedy for Executive Branch Lies About Budget Item Costs

Imagine that a large multinational company, in a document filed with the Securities and Exchange Commission, takes a $400 million charge against earnings, representing the cost of a new service that the company is going to offer. Now imagine, further, that the company's Chief Financial Officer has received from his top financial manager a cost estimate of more than $500 million for the service, and that the CFO has suppressed this cost report. Finally, imagine that New York Attorney General Eliot Spitzer and SEC Director of Enforcement Stephen Cutler learn about the suppression of the company's own estimate - and learn, further, that the real cost of the program is going to be $750 million, or even more.

I think we all know what would happen next. The investigations would start; the indictments and shareholder lawsuits would follow; and the company would end up paying a whopping fine while the CFO would, in all likelihood, be off for a stint in the pokey.

Now change the channel to the arena of national politics - and change the stakes from millions to billions of dollars. The Bush Administration proposes a new prescription drug program. It sells the program to the Congress and to the American people as costing $400 billion, even though the top bean-counter at the Department of Health and Human Services has estimated the true cost to be more than $500 billion and, it turns out, in real life the cost is likely to be at least $750 billion and perhaps much more.

So what happens? Nothing, of course. Can anything be done to curb Executive Branch officials' lying about the budget numbers that drive federal law and policy? Maybe it is time to think about a Sarbanes-Oxley for government.

Government SOX: A Remedy for Executive Branch Lies About Budget Item Costs

Tell us what you think. (0) comments.
Send to a friend:   

How Directors Can Shield Themselves

The prospect of joining a corporate board is riskier than ever after the WorldCom and Enron settlements, which required former directors to pay $18 million and $13 million, respectively, out of their own pockets. What follows is the transcript of a Feb. 16 online chat on the Forbes.com CEO Network with Morrison & Foerester partner Darryl Rains, who explained how board directors can shield themselves from such liability. The chat was hosted by Forbes.com Senior Editor Penelope Patsuris.

How Directors Can Shield Themselves

Tell us what you think. (0) comments.
Send to a friend:   

Deals will take longer as execs kick the tires

Merger veteran Dennis Block believes the era of the four-day deal is dead. If anyone would know, it would be Block. A partner in the corporate mergers and acquisitions practice at Cadwalader Wickersham & Taft, block has had a legal advisory assignment on five of the 10 biggest mergers in U.S. history.

Yes, there was a time, during the peak of the biggest M&A wave in U.S. history, when a few executives made offers to buy rivals on a Thursday and announced a merger agreement the next Sunday morning.

Swept up in the zeitgeist, executives shunned negotiation and study for big and headline-grabbing deals that immediately swelled egos and later shrunk profits.

"Everything got based upon more that we have to announce the deal on Sunday than we have completed as much diligence that needed to be done," Block said. "The scandals, the requirements of Sarbanes-Oxley - which really do weigh heavy on an acquirer - have forced companies to do more kicking of the tires."

Deals will take longer as execs kick the tires

Tell us what you think. (0) comments.
Send to a friend:   

Scrushy and the Bandit

A few years ago, America's high-flying CEOs wanted everyone to think they were hands-on executives who knew everything that was going on -- super-human masters of the universe who didn't suffer fools and whom no one could fool. Well, times have changed. Some CEOs these days would rather people think they didn't know much of anything that was going on -- especially if they stand accused of masterminding a major corporate fraud. But will they get away with it?

The trial of Bernie Ebbers, the former chairman of WorldCom, is now moving into high gear in a Manhattan courtroom. Ebbers is charged with being the ringleader of a record $11 billion accounting fraud that resulted in the largest bankruptcy in American history and cost lots of workers and investors their shirts. Ebbers' defense is that he didn't know anything about it. It was all done by underlings who never told him what they were up to.

Regardless of what Ebbers knew, the collapse of WorldCom in July of 2002 finally moved Congress and the president to try get CEOs to know more. Days after WorldCom declared bankruptcy, the Sarbanes-Oxley Act was passed. It requires, among other things, that CEOs sign a statement certifying that their company's books are accurate.

Will it work? That depends on what happens in another courtroom -- this one in Birmingham Alabama.

Scrushy and the Bandit

Tell us what you think. (0) comments.
Send to a friend:   

Audio: Commentary on Sarbanes-Oxley compliance

The Sarbanes-Oxley Act requires CEOs to sign off on their companies' books, stating that they're correct. But does the law have any teeth? As Marketplace commentator Robert Reich tells us in this edition of The Public's Business, a key court case is about to give us the answer.

Audio: Commentary on Sarbanes-Oxley compliance

Tell us what you think. (0) comments.
Send to a friend:   

Wednesday, February 16, 2005

Approva's Philip Livingston on Sarbanes-Oxley

By any measure, Philip Livingston has led a storied life. After graduating from the University of Maryland in 1979, he became a backup offensive tackle for the Oakland Raiders, where he was a member of the Super Bowl XV championship team in 1981.

After his career with the Raiders ended that year, Livingston received an MBA from the University of California, Berkeley, and embarked on what has been a 20-plus-year career in finance. In 1993, he helped take Boulder, Colo.-based Celestial Seasonings public. In 1999, he became president and CEO of Financial Executives International in Florham Park, N.J. There, he helped craft two sections of the Sarbanes-Oxley Act of 2002 and was on hand when President Bush signed the legislation into law.

After two years as chief financial officer at World Wrestling Entertainment Inc., Livingston was named last month as vice chairman of Approva Corp., a Vienna, Va.-based maker of enterprise controls management software. Livingston spoke today with Computerworld's Thomas Hoffman about his work at Approva and his expectations for corporations' ongoing Sarbanes-Oxley compliance efforts.

Approva's Philip Livingston on Sarbanes-Oxley

Tell us what you think. (0) comments.
Send to a friend:   

FinanceProfessor.com

Looking for more insight on Sarbanes-Oxley and its implications? FinanceProfessor.com is the blog of Dr. James Mahar Jr. (Jim), who teaches Finance at St. Bonaventure University. The newsletter and web site started as a result of his keeping in touch with his students but has spread to the point where the newsletter has subscribers in 5 continents and in over 30 countries.

Jim earned his Ph.D. (Finance) from The Pennsylvania State University (Penn State), his MBA from the William E. Simon School at the University of Rochester, and an undergraduate degree from St. Bonaventure. He has taught at Penn State and James Madison University. He has taught all levels of corporate finance from Introductory to Advanced, as well as several Investment classes (advances and intermediate), Markets and Institutions, International Finance, and Money and Banking.

Dr. Mahar's research interests are predominantly in Corporate Finance (his dissertation was on firms with high cash) and Financial education. He has written case studies, and is constantly working on other research papers.

FinanceProfessor.com

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley Strikes Again?

Look up from the computer for a moment. See that ticker scrolling by over there on the bottom of your TV screen? The one for Electrolux (Nasdaq: ELUX)? Take a good long look at it, for it's soon to be no more.

No, the company isn't going out of business. The trials and tribulations that have been hurting domestic home appliance makers such as Whirlpool Corporation (NYSE: WHR) and Maytag (NYSE: MYG) haven't driven Sweden's Electrolux into bankruptcy. Sure, the maker of washing machines, ovens, and refrigerators under such diverse brand names as Electrolux, Frigidaire, and Eureka has been hit as hard as anyone by rising prices for commodities such as steel. Also true, Electrolux saw its operating profits fall 13% in 2004, and its net profits did decline a massive 37% in the fourth quarter alone. But much of the decline can be attributed to charges for restructuring and relocating its production facilities.

Sarbanes-Oxley Strikes Again?

Tell us what you think. (0) comments.
Send to a friend:   

Postal Service boosts internal controls

When the Postal Service decided to add functions to employees' Blackberrys, it turned to Peg Weir to make sure it was properly securing the wireless devices. As a result, when the new gadgets are rolled out next month, they will have internal controls in place, including password requirements and automatic timing out.

As manager of the USPS Internal Control Group, Weir works on developing efficient and secure agencywide processes. She viewed the fact that her group was asked to collaborate on the Blackberry project as a sign of success. "We're starting to get more and more business," she said of her group, which consists of 500 managers and analysts.

While most agencies have beefed up their internal controls, or checks and balances, since the 2002 Sarbanes-Oxley Act, none has gone as far as the Postal Service. The Internal Control Group, which was created as part of the 2002 Transformation Plan, is responsible for the Postal Service's voluntary compliance to Sarbanes-Oxley, which requires documenting and testing internal controls.

"Given the unique status [of USPS], it makes sense that they would want to monitor financial statements in a more similar way to the private sector," said Drew Crockett, spokesman for Rep. Tom Davis, R-Va., chairman of the House Government Reform Committee, which oversees the Postal Service. Sarbanes-Oxley applies to the private sector, but the Office of Management and Budget recently instructed agencies to strengthen their internal controls in line with that regulation.

Postal Service boosts internal controls

Tell us what you think. (0) comments.
Send to a friend:   

Regulators Hold Firm on SOX Rules for Mutuals

A Pennsylvania insurance official heading a panel of state regulators met with mutual insurance company representatives last week and held firm to the notion that they need more regulation to insure their solvency.

At issue is a measure the National Association of Insurance Commissioners' panel is considering that would have such non-traded companies institute internal assessment control procedures that mirror those requirements for stock companies that are contained in the federal Sarbanes-Oxley Act.

Steve Johnson, deputy insurance commissioner for Pennsylvania, who chairs the so-called Title IV subgroup of the panel looking at applying federal Sarbanes-Oxley Act disclosure and accounting rules for non-public insurers, said at the meeting in Orlando, Fla., that it was doubtful that a cost-benefit analysis could be applied to addition of such rules.

Title IV refers to the section of the federal law that requires yearly annual assessment by management of the company's internal control measures, along with a separate attestation by the company's auditors.

“How can it be a bad thing to have management make representations about internal controls?” Mr. Johnson asked.

Regulators Hold Firm on SOX Rules for Mutuals

Tell us what you think. (0) comments.
Send to a friend:   

Corporate boards in search of women, minorities

While minorities and women continue to remain largely absent from corporate boards, those battling to change that say greater opportunities are arising, and it's important to know how to make the most of them.

In the next three years, nearly half of all board seats are expected to turn over, mostly in backlash to recent corporate scandals and because of the Sarbanes-Oxley Act. So notes Linda K. Bolliger, founder and chief executive officer of Boardroom Bound, whose nonprofit helps companies find qualified minority and female board candidates.

Companies are having difficulty filling seats as Sarbanes-Oxley has required greater independence and oversight, she said. That translates into more work for directors and makes it more difficult for the same "old boy" cast of characters to serve on multiple boards, said Bolliger, whose group kicks off a two-day conference and board service development seminar series in Chicago today.

Meanwhile the number of minorities and women who are ascending into corporate senior management has been increasing, and minority and female business owners have surged in number, she observed.

"We have a seriously underreported talent pool," she said.

Corporate boards in search of women, minorities

Tell us what you think. (0) comments.
Send to a friend:   

Tuesday, February 15, 2005

Investment bank slashes number of requests for IT system changes

The London-based investment bank installed software from Serena to help it track changes to its IT systems and comply with financial regulations.

But the immediate benefit was in showing which departments were driving change requests to the bank's 200-plus applications. The software revealed that almost 75% of the 150 requests to change its IT systems each month were coming from IT staff rather than end-users.

This made it difficult to distinguish which changes were being driven by a real business need. It also made it difficult to calculate the cost of IT staff's time in responding to requests from users.

After educating users about procedures for changing IT systems, 75% of requests now come directly from a business unit. Just 25% come from IT personnel, and these are limited to upgrades and minor maintenance.

Investment bank slashes number of requests for IT system changes

Tell us what you think. (0) comments.
Send to a friend:   

Scrushy Defense Attacks Main Witness

Richard Scrushy's lawyers on Tuesday depicted a main witness against the fired HealthSouth chief as a free-spending, tax-dodging liar who made millions while orchestrating a huge fraud at the rehabilitation giant.

But the tough cross-examination didn't sway former HealthSouth finance chief Bill Owens from the central theme of his 10 days on the stand: That Scrushy was behind what prosecutors describe as a scheme to overstate earnings by some $2.7 billion.

Testimony showed Owens — one of 15 former HealthSouth executives who pleaded guilty and could testify against Scrushy — paid cash for more than $3 million worth of property and has a $700,000 tax lien from 1996 on his $1.3 million home.

Owens, an accountant, testified he failed to file federal tax returns for nine years beginning in 1995, the year before the HealthSouth accounting fraud began.

He insisted Scrushy was in charge of the fraud at HealthSouth and kept close tabs on how many people were involved in the scam.

"Mr. Scrushy was always concerned about who knew and how much they knew," said Owens.

Scrushy Defense Attacks Main Witness

Tell us what you think. (0) comments.
Send to a friend:   

White Paper: What Every Company Should Know About Sarbanes-Oxley and Instant Messaging

Instant Messaging - authorized or not - is subject to an increasing number of industry and government regulations, Sarbanes-Oxley. Failing to comply with SOX can result in significant financial and legal liabilities.

Under SOX sections 404 (Management Assessment of Internal Controls) and 105(b), there is a consensus that best practices for compliance means establishing processes for managing electronic communications and a system for archiving relevant messages, and that instant messages should be included in these efforts.

No organization should accept the risk of SOX non-compliance due to unknown or uncontrolled Instant Messaging. Download this important paper to understand the risks and benefits of controlling IM on your network, and how you can easily and effectively take control.

White Paper: What Every Company Should Know About Sarbanes-Oxley and Instant Messaging

Tell us what you think. (0) comments.
Send to a friend:   

CIOs turn spotlight on Sarbanes security issue

Chief information officers and chief technology officers from large corporations in the US and Europe are to meet in May to hammer out the implications of Sarbanes-Oxley compliance regulations for IT security.

Paul Kurtz, executive director of the Cyber Security Industry Alliance and former presidential adviser, will tell the RSA Security conference this week the meeting is needed to tackle "grey areas" in the effect of compliance regulations on IT systems.

Organisations that have US stock listings, including many UK companies with US branches, are grappling with section 404 of the Sarbanes-Oxley Act, which requires businesses to put in place independently audited internal financial controls.

But there is a great deal of confusion about how far these requirements extend into IT systems and what they will mean for businesses' IT security policies, said Kurtz.

"Sarbanes-Oxley has a direct impact on IT security, but it is not exactly clear what a company must do to comply. It is not clear what are adequate company controls," said Kurtz.

"There is a lot of grey area in what companies have to do to comply. Chief information officers and chief technology officers are grappling with these issues."

CIOs turn spotlight on Sarbanes security issue

Tell us what you think. (0) comments.
Send to a friend:   

Survey Reveals SOX Compliance Chasm

A central debate in the effort to comply with Sarbanes-Oxley (SOX), particularly sections 302 and 404 which govern financial reporting and documentation of internal controls respectively, is whether operational benefits will outweigh the costs.

A new survey of 220 businesses conducted by RevenueRecognition.com and International Data Corp. suggests that while costs are front loaded, there is proportional value once companies get through the full compliance process. However, a "compliance chasm" exists -- companies that crossed it achieved more effective results at less cost.

In the survey, respondents were asked to rate the cost of six major Sarbanes-Oxley compliance tasks as well the effectiveness of those tasks for improving risk management. The costs and effectiveness ratings were approximately even for activities such as documenting accounting policies, certification and sign off on internal controls, certification of financial statements, and responding to external audit attestation processes.

However, there were two exceptions: the cost of documenting internal controls was rated substantially higher than its effectiveness for improving risk management; and the cost of remediation of weaknesses found was rated substantially lower than its effectiveness for improving risk management.

Survey Reveals SOX Compliance Chasm

Tell us what you think. (0) comments.
Send to a friend:   

Monday, February 14, 2005

Building Apps The Sarbanes-Oxley-Compliant Way

Building applications can be hard enough without having to worry about the result not complying with Sarbanes-Oxley Act rules. Application-quality software maker Newmerix Corp. has updated its Automate Program Manager with features designed to help companies regulated by Sarbanes-Oxley maintain compliance.

The application is a change-management tool that centralizes the collection, prioritization, and tracking of service requests made for in-development apps. It can be used for companies doing internal development and vendors creating packaged apps.

The updated version of Automate Program Manager boasts change-control functions, customization, auditing, and notification features. Newmerix charges $45,000 per server, $1,000 for a named user, and $1,500 for each concurrent user.

Building Apps The Sarbanes-Oxley-Compliant Way

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes Oxley Group Announces Professional SOX Certifications

In response to the industry's cry for certification standards for Sarbanes Oxley professionals and auditors, the Sarbanes Oxley Group today announced the launch of its SOXBase- and SOXPro-level training and certification programs.

This announcement comes on the heels of a recent survey of the Group's global membership which revealed that as many as 86% of the respondents knew of no formal training programs for Sarbanes Oxley certification. As one frustrated executive rightly pointed out, "there are standards for corporate compliance, but there are no standards for the individuals who would lead us there."

While certification at the SOXBase-level requires an individual to pass a qualifying exam which tests factual proficiency in the fundamental tenets of SOX, the SOXPro-level certification additionally mandates an experience evaluation and approval by the Board before the certification may be conferred upon the candidate. "Our goal," said SOX Group Chairperson Sanjay Anand "is to put 'compliance' back into 'compliance training and education.'"

SOX Certification from the Group has been very well received by industry experts. According to Curtis Wegfahrt, Recruiting Manager at one of the largest global staffing and consulting service companies, "SOX Certification from the Sarbanes Oxley Group is one of the most valuable and practical certifications that every professional should have regardless of their industry or field." Wegfahrt also adds that "employers and recruiters will be looking for this highly respected mark of industry achievement as professionals look to take their jobs, their careers and their companies to the next level."

Sarbanes Oxley Group Announces Professional SOX Certifications

Tell us what you think. (2) comments.
Send to a friend:   

IT governance: Laying down the law

"Show me the money!" shout CEOs and CFOs in unison as CIOs shove another IT investment proposal in their faces. Can IT governance -- the latest hype term to hit the headlines -- articulate IT's role in business terms and help the money-guys see the light?

The term "IT governance" may leave senior executives scratching their heads, while vendors crank up their marketing machines to deliver their "solutions" to the IT governance problem. Some firms realize that board-level IT oversight is now required to consistently and effectively manage IT in the best interests of the organization. But how is that best achieved?

According to research firm Gartner, governance of IT is the assignment of decision-making authority and accountability to ensure desirable behavior in the use of IT.

Does this philosophy require the CIO to sit on the board? Not necessarily, but CIOs that do sit on the board can help business executives achieve a better view of their firm's IT landscape while ensuring that IT is on a level playing field with other organization functions.

This helps deliver both greater transparency in the decision-making process and consistent guidelines for project funding, evaluation, prioritization, and implementation.

IT governance: Laying down the law

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley becomes money pit for small biz

Complying with the U.S. Sarbanes-Oxley Act has been a weighty endeavour for public companies and the cost of meeting the new corporate governance legislation is only now becoming evident to shareholders.

Section 404 of the Sarbanes-Oxley Act (SOX) requires companies to have new internal controls in place and sets the deadline to comply with new audit regulations. As of Nov. 15, 2004, companies have 45 days past their year-end to file their new internal controls systems to the U.S. Securities and Exchange Commission (SEC). That means a host of companies should begin filing this month.

"We're going to be able to read in companies' reports in Feb. '05, what do they do and how did they develop these internal controls for their financial reporting," said Geoffrey Gilbert, a specialist in corporate law with Ogilvy Renault. "The challenge that represented to companies was huge. The cost of corporate governance and compliance with SOX year over year just continues to increase for companies. I have heard numbers like five-fold in terms of just developing these protocols. Part of the hidden cost is that auditors also have an important function to develop a shadow set of controls that are verifying the company's own information."

For Zim Corp., a company that is currently trading at less than $0.25 on the U.S. Nasdaq (NASDAQ: ZIMCF), getting internal controls in place to comply with Section 404 has cost the company a lot of time and resources, both of which could have been applied to business development, according to its chief financial officer, Jennifer North.

Sarbanes-Oxley becomes money pit for small biz

Tell us what you think. (1) comments.
Send to a friend:   

Accountants just love Sarbanes

The Big Five accounting firms, blackened by scandal a few years ago, firmly denied responsibility for the great corporate failures that occurred under the rules and standards they had established. Now reduced to the Big Four, the profession is back, enforcing a new raft of standards that replace and augment the ones they said were just fine only a few years ago.

It's an amazing turnaround. Ridiculed as incompetents and sellouts, and the butt of numerous jokes, accountants are now riding a wave of unprecedented power and influence. Three years ago this week, former Fed chairman Paul Volcker called the profession "greedy." Today, audit fees have doubled and accountants are heroes. Accounting firm executives are lumbering through the corporate world issuing directives, pushing around CEOs and board directors, and lecturing everyone on the moral and investment merits of Sarbanes-Oxley.

Of the many burdens created by Sarbanes, section 404 has drawn the most criticism. It requires all corporations to issue certified statements certifying the effectiveness of their internal accounting and financial controls. There is no evidence such reports and controls will ever add anything to the bottom lines of corporations. Some companies, including major firms such as Kodak, have received adverse audit opinions because of "material weaknesses" in their internal financial controls.

Accountants just love Sarbanes

Tell us what you think. (1) comments.
Send to a friend:   

Schools, CPAs face new audit proposal

A piece of legislation on Albany's chalkboard has grabbed the attention of accountants statewide.

A bill expected to be introduced in the coming weeks would mandate that school districts put their audit business out for bid every five years.

That requirement is part of a proposal that would require New York's school districts to adopt financial information disclosure procedures approaching those imposed on public companies by the federal Sarbanes-Oxley Act of 2002. The proposal, which is currently being written by downstate senators and assemblymen, could change the long-standing relationships between schools and their accountants.

Re-evaluating relationships with clients would be new when it comes to school boards, but it is accepted practice elsewhere in accounting and auditing, said Raymond D'Agostino, a partner in Deloitte & Touche LLP's upstate practice. The firm has performed audits for the Buffalo and Rochester school districts for about eight years.

"It's a fresh look at what's being done," he said. "It's not a mandatory rotation of firms but a re-evaluation of the relationship. Based on the services you provided, you would hope you would keep your clients. It's part of the business."

Schools, CPAs face new audit proposal

Tell us what you think. (0) comments.
Send to a friend:   

Sunday, February 13, 2005

Numbers game

As an accountant, Matthew Bradvica has rarely tabulated numbers so easily.

"It seems like every day we get another call from a company that needs our services," said Bradvica, managing director of RSM McGladrey's San Diego office. "But we have a rule around here: You bring in a new client, you've got to get rid of an existing one."

Like others who do corporate accounting, RSM McGladrey is overflowing with work. The Bloomington, Minn.-based firm has ramped up to meet the demand, but still has 50 job openings in Southern California, including 10 in its San Diego office.

"We've turned away more than a dozen new accounts in San Diego simply because we don't have the staff to handle them," Bradvica said.

These are salad days for accounting and auditing firms. New federal regulations for public companies designed to protect investors are propelling demand for the services the firms provide.

Numbers game

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley needs tweaks to lessen burden

During the peak of the corporate corruption scandal, Congress raced to rescue the financial markets, the American economy and their own jobs.

In the summer of 2002, things did look bleak. The news was dominated by endless revelations of appalling behavior by corporate leaders at Enron, Tyco, WorldCom, Adelphia and others.

The already wobbly stock market was devastated as investors lost confidence in corporate financial reports. The Nasdaq composite plunged nearly 80 percent in two years. Even blue-chip indexes such as the Standard & Poor's 500 nursed losses of 40 percent or more.

Fear was rampant, both on Wall Street and in Washington.

Republicans, in particular, were terrified that collapsing stock prices, a sluggish economy and public disgust at corporate crooks would spell disaster in the November 2002 midterm elections. So the GOP offered little resistance when Democrats called for major regulatory changes aimed at corporate governance and accounting.

The result was the bipartisan Sarbanes-Oxley bill, which sailed through Congress and was promptly signed by President Bush.

Sarbanes-Oxley needs tweaks to lessen burden

Tell us what you think. (0) comments.
Send to a friend:   

Friday, February 11, 2005

SEC may delay Sarbanes-Oxley enforcement

U.S. regulators appear close to letting foreign companies with U.S. stock listings delay compliance with a costly provision of the Sarbanes-Oxley Act.

Under the existing timetable, foreign companies whose shares are listed on a U.S. exchange must begin complying with the new law's provisions for documenting internal controls this July, the Financial Times reported Friday.

Such compliance is proving unusually burdensome to U.S. public companies, and many European companies have been seeking a delay in their own compliance timetable.

For foreign private issuers with a calendar year end, the staff is considering a delay that would require them to report on their internal controls over financial reporting as of Dec. 31, 2006, said Donald Nicolaisen, chief SEC accountant.

SEC may delay Sarbanes-Oxley enforcement

Tell us what you think. (0) comments.
Send to a friend:   

Good financial reasons to invest in openness

The recent settlement in which Enron directors agreed to use personal funds to compensate shareholders for their losses, and a similar one by WorldCom directors that was later overturned, represent significant events in the newly complex world of regulatory compliance. They come at a time when companies are struggling with the high cost of complying with new laws and regulations, such as the US Sarbanes-Oxley act. They also come amid growing fears that legal and financial exposure will deter competent individuals from joining public company boards. American companies estimate that Sarbanes-Oxley compliance costs alone could run into hundreds of millions of dollars. Are these onerous and unnecessary expenditures or a worthwhile investment? In the end, will they really benefit investors?

Corporate opposition to increased regulation has met with some success. Deadlines for enacting the Sarbanes-Oxley requirements for certifying internal financial controls were extended. The Securities and Exchange Commission is also looking at ways to make it easier for US-listed European companies to meet Sarbanes-Oxley requirements or delist. But it would be a mistake to conclude that the overwhelming response of companies to these new regulations is obstruction, delay and then grudging compliance.

PricewaterhouseCoopers' recent research with 1,300 chief executives around the world has found a divide between CEOs who view these newly mandated compliance expenditures as costs involving onerous requirements, and those who view them as investments offering significant opportunities and sources of competitive advantage. The "investment" group outnumbers the "cost" group by almost two to one.

Good financial reasons to invest in openness

Tell us what you think. (0) comments.
Send to a friend:   

SEC chief denies diluting Sarbanes-Oxley rules

William Donaldson, chairman of the Securities and Exchange Commission, has predicted that the commission will consider making modest, but not wholesale, changes to some major regulations adopted after a wave of corporate scandals.

Under heavy pressure from Bush administration officials, business groups and Wall Street, Donaldson denied on Wednesday that the agency was in a period of significant retrenchment, but said that it was part of his plan to reflect on the regulatory experience of the past two years and make some rules more "cost-effective" without diluting their impact.

"I'm not reacting to the 'pendulum swinging too far,"' Donaldson said in an interview. "I'm acting out the plan that has always been here. We would be foolhardy if we didn't try to adjust it with experience," he said, alluding to a section of the Sarbanes-Oxley Act of 2002, the landmark law enacted in the wake of corporate fraud that requires executives and their auditors to tighten controls.

SEC chief denies diluting Sarbanes-Oxley rules

Tell us what you think. (0) comments.
Send to a friend:   

Thursday, February 10, 2005

Sarbanes-Oxley Section 404: The Section of Unintended Consequences and its Impact on Small Business

AeA, the Nation's largest high-tech trade association, today released its report titled Sarbanes-Oxley Section 404: The 'Section' of Unintended Consequences and its Impact on Small Business. The report was formulated by AeA member company CFOs and senior executives from its 18 councils throughout the United States. While it is highly complementary of Sarbanes-Oxley and its effectiveness on corporate governance, the report is critical of Section 404, which requires extensive new internal controls for financial reporting. AeA states that section 404 is having a devastating impact on small- and medium-sized companies and many of the objectives of the legislation's authors will not be realized.

Sarbanes-Oxley Section 404: The 'Section' of Unintended Consequences and its Impact on Small Business presents the major problems with Section 404 and makes recommendations to the Securities and Exchange Commission (SEC), the Public Company Accounting Oversight Board (PCAOB), and Congress to take action and improve implementation. The report is not asking for legislative changes. Rather, it recommends modifications to the guidance that has been provided, the regulations implementing Section 404, and the interpretation of same by the auditing firms.

In referring to Section 404, William T. Archey, President and CEO of AeA said, "This is the quintessential example of the law of unintended consequences, and Section 404 of Sarbanes-Oxley is not meeting its objectives. It has been an unnecessary burden for small- and medium-sized companies throughout the United States, and while section 404 is well intentioned, the tremendous increase in cost to smaller companies is out of control. At the same time, many of the requirements being imposed will not help prevent corporate fraud. Our mission is simple: We are trying to improve implementation of Section 404 through the regulatory process; not roll back Sarbanes-Oxley. There was unanimous agreement among AeA's Committee that Sarbanes-Oxley, with the exception of Section 404, is improving corporate governance in a cost effective way."

"When Congress passed the Sarbanes-Oxley Act, the SEC estimated the cost of implementing these regulations would be less that $1.5 billion," said Alex Davern, Chairman of AeA's Sarbanes-Oxley Advisory Committee and Chief Financial Officer of National Instruments Corporation (Nasdaq:NATI - News). "The true cost will be close to $35 billion for the first year. Smaller companies neither require, nor can they afford, the same level of investment in internal controls as larger companies. Implementation of Section 404 needs to be reevaluated and modified to prevent permanent damage to the small- and medium-sized businesses that are the job growth engine of the U.S. economy. Without change, the objectives of Section 404, to impose effective internal controls to help prevent fraud, will not be realized. The SEC and the PCAOB must act now, and Congress needs to exert its oversight authority by holding hearings on this issue immediately."

Sarbanes-Oxley Section 404: The Section of Unintended Consequences and its Impact on Small Business

Tell us what you think. (1) comments.
Send to a friend:   

SAS Grabs Win in Compliance Category

For Datamation readers, the choice was clear: Garnering twice as many votes as its closest competitor, SAS Institute's Credit Risk Management software was voted first place winner in the Compliance category for our annual Product of the Year competition.

Readers voted Cognos Controller from Cognos Inc., the number two product in the Compliance category, while Enterprise Configuration Manager from Configuresoft grabbed the third-place finish.

With compliance mandates in the forefront of most business decision-makers minds, industry watchers expect IT spending on compliance solutions to soar in 2005. Targeting the financial industry in particular, SAS Credit Risk Management enables users to assess and report the risk of potential credit losses and calculate capital reserves required to cover that risk. Without the appropriate controls in place for credit risk management, financial institutions risk regulatory noncompliance and financial instability.

''The benefits of credit risk management is that this type of solution gives a company a better understanding of risk and the ability to analyze risk,'' says Mary Knox, a research director at Gartner Inc., adding that, in short, this enables the company to conduct better business.

While this type of product is not new, the nature of credit risk management is changing.

SAS Grabs Win in Compliance Category

Tell us what you think. (0) comments.
Send to a friend:   

S.E.C. Chief, Under Cross-Pressure, Sees Some Modest Changes

William H. Donaldson, chairman of the Securities and Exchange Commission, predicted on Wednesday that the commission would consider making modest, but not wholesale, changes to some major regulations adopted after a wave of corporate scandals.

Under heavy pressure from Bush administration officials, business groups and Wall Street, Mr. Donaldson denied that the agency was in a period of significant retrenchment, but said that it was part of his plan to reflect on the regulatory experience of the last two years and make some rules more "cost effective" without diluting their impact.

"I'm not reacting to the 'pendulum swinging too far,' " Mr. Donaldson said in an interview in his sixth-floor office here. "I'm acting out the plan that has always been here. We would be foolhardy if we didn't try to adjust it with experience," he said, alluding to a section of the Sarbanes-Oxley Act of 2002, the landmark law enacted in the wake of corporate fraud that requires executives and their auditors to tighten controls.

S.E.C. Chief, Under Cross-Pressure, Sees Some Modest Changes

Tell us what you think. (0) comments.
Send to a friend:   

Secret Recordings Played in Scrushy Trial

Two weeks into a trial that could last four months, prosecutors are at a key point in their fraud case against fired HealthSouth CEO Richard Scrushy: Secret recordings they contend prove his guilt.

Jurors listened to a digital recording Wednesday in which Scrushy instructed aides to tell federal investigators the medical rehabilitation giant's financial statements were accurate, after warning: "This conversation did not take place."

While prosecutors claim that recording and others that have yet to be played show Scrushy was behind the scheme, the defense contends they demonstrate Scrushy's innocence.

Testimony resumes Thursday, with more recordings on the way.

Secret Recordings Played in Scrushy Trial

Tell us what you think. (0) comments.
Send to a friend:   

Wednesday, February 09, 2005

J.D. Power: Nine out of 10 CFOs Say Benefit of Sarbanes-Oxley is Not Worth Cost

Nine out of 10 CFOs say that the costs of implementing the new rules and requirements associated with the Sarbanes-Oxley Act of 2002 are greater than the benefits of those changes, according to Ron Conlin, partner at J.D. Power and Associates, who spoke last Wednesday at the 10th Annual Forbes CFO Forum.

The forum, held in New York, focused on the shifting roles of CFOs today and what is necessary to improve company growth and profitability. Conlin, who spoke on the results of the J.D. Power and Associates Audit Firm Performance Study,SM emphasized that confidence in the auditing industry and performance are both down since Sarbanes-Oxley was initiated in 2002.

"Top management is concerned about the costs of implementing the extensive requirements associated with Sarbanes-Oxley compliance," said Conlin. "This concern is in addition to the increased workload necessary to comply with additional audit requirements. The results are lower accounting firm performance levels and a decline in the confidence of the accounting profession."

Audit committee chairs are also feeling the pressure of increased accountability and liability of the financial reporting process.

The study, which measures audit firm performance in the wake of the Sarbanes-Oxley Act, is based on interviews with 1,007 audit committee chairs and 944 chief financial officers.

J.D. Power: Nine out of 10 CFOs Say Benefit of Sarbanes-Oxley is Not Worth Cost

Tell us what you think. (0) comments.
Send to a friend:   

Kaiser Permanente's Chief Financial Officer Leaving

Robert E. Briggs, chief financial officer for Kaiser Foundation Health Plan, Inc. and Kaiser Foundation Hospitals, announced today he is leaving the organization.

"Bob has made a tremendous contribution to the financial performance and management of the company. He came in a time of financial challenge for us and is leaving at a time when the organization has never been more financially strong," said George Halvorson, chairman and CEO, in accepting Briggs' resignation. "Having gone through this transition, the timing is right for change."

Halvorson said a national search will be conducted to select Briggs' replacement. He said high on the selection criteria will be experience in adopting Sarbanes-Oxley rules and regulations. Kathy Lancaster, KFHP/H's senior vice president for strategic planning, will serve as interim CFO, during the search for Briggs' successor.

Kaiser Permanente's Chief Financial Officer Leaving

Tell us what you think. (0) comments.
Send to a friend:   

Compliance Week: Companies Now Disclosing Adverse Opinions On Sarbanes-Oxley Section 404

According to a review of internal control disclosures made during the month of January 2005, several companies disclosed that their internal control over financial reporting was not effective as of their fiscal year end, and that they expected their auditor would issue an adverse opinion on the effectiveness of those controls.


However, experts warn that the disclosures do not necessarily mean that a large number of companies will fail the internal control test of Sarbanes-Oxley Section 404. "It is still too early to tell," Protiviti managing director James DeLoach told Compliance Week. "We need more data points to get a reliable read as to where this trend line is going."

Estimates on the number of companies that might fail the SOX 404 test have varied widely, with most predicting that 10 percent may receive adverse opinions by auditors. In January, 9.7 percent of the 10-Ks (filed by companies with over $75 million in revenue) included a weakness or deficiency disclosure, and only 4.7 percent of the 10-Qs included such an announcement.

Compliance Week: Companies Now Disclosing Adverse Opinions On Sarbanes-Oxley Section 404

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley Compliance: Meeting Short-Term Goals and Delivering Long-Term Value

For over a decade, finance groups have strived to transform their role from independent scorekeepers to business partners who are focused on developing top-line approaches to corporate success. With the passage of the Sarbanes-Oxley Act of 2002 (the Act), some CFOs fear compliance will minimize Finance's role and overshadow the value the group can bring to the organization.

Daunting requirements and the evolving landscape for year one certification have forced many companies to initially take a short-term approach to compliance and forego opportunities to adequately plan, improve processes, and implement enabling technologies to support compliance activities in year two and beyond. Companies have an ability to redirect their efforts. Decisions made now, during the completion of initial compliance, will have a significant impact on the efficiency and costs of ongoing compliance. Parson Consulting recommends that organizations re-evaluate their compliance programs from the following four perspectives: Ongoing compliance, Remediation prioritization, Process improvements, and Operational structures and efficiency. This article provides a high-level overview of each of these areas. Upcoming issues of Knowledge@Work will discuss each perspective in greater detail.

Sarbanes-Oxley Compliance: Meeting Short-Term Goals and Delivering Long-Term Value

Tell us what you think. (0) comments.
Send to a friend:   

Audit fees double in US

Audit fees from US clients to the Big Four accounting firms have doubled because of work prompted by Sarbanes-Oxley, a new survey claims.

Section 404 on internal controls helped PricewaterhouseCoopers increase its audit revenues by a massive 134%, said the survey. KPMG experienced 109% growth, Ernst & Young, 96% growth, while Deloitte, propping up the pack, still managed a whopping 78% growth in audit fees.

Audit fees double in US

Tell us what you think. (0) comments.
Send to a friend:   

Tuesday, February 08, 2005

Bally report blames former CEO and CFO for errors

Bally Total Fitness said Tuesday that its audit committee found that former chief executive Lee Hillman and former chief financial officer John Dwyer were responsible for the company's previously disclosed accounting errors going back to 2000 and for creating a "culture of aggressive accounting."

The gym chain also fired two executives still working for the company - vice president and controller Ted Noncek and treasurer Geoff Scheitlin - who it said acted improperly in relation to the accounting. Bally stopped severance payments to Hillman and Dwyer.

Meanwhile, the company named David S. Reynolds as its new controller. Most recently, he was senior vice president and controller of Comdisco Inc.

Bally said Hillman and Dwyer were responsible for multiple accounting errors between 2000 and the first quarter of 2004 and encouraged aggressive accounting within the accounting and finance groups. The other two executives also acted improperly, Bally said. Hillman left Bally in 2002 and Dwyer left the company in 2004.

Bally report blames former CEO and CFO for errors

Tell us what you think. (0) comments.
Send to a friend:   

After Sarbanes-Oxley, XBRL

Financial execs may not appreciate it yet, but this new data-tagging system should speed the flow of info and create new ways to analyze it. On Feb. 3, financial reporting took a giant step into the future with the Securities & Exchange Commission's announcement that it's ready to start accepting corporate financial reports that have been tagged with newly developed software code known as XBRL.

That jumble of letters stands for Extensible Business Reporting Language. Software developers will easily grasp that it's a kind of XML (Extensible Markup Language), in this case tailored for business reporting. But to most financial professionals, XBRL represents a confusing new intersection of high tech and finance that they aren't quite ready to embrace.

For the uninitiated, the easiest way to understand XBRL's purpose is by comparing it to the humble bar code, which can track a can of soup from the manufacturing plant through the point of sale. Similarly, XBRL tags financial information so it, too, can be tracked, from the first interactions with vendors, to reports submitted to various operating divisions within a company, and finally to become part of a consolidated earnings release. "XBRL will really facilitate the flow of business information" from public companies to analysts and regulators, says Mike Willis, a partner at PricewaterhouseCoopers and one of the programming language's architects.

After Sarbanes-Oxley, XBRL

Tell us what you think. (0) comments.
Send to a friend:   

Yielding opportunities: Sarbanes-Oxley drives some away, but opens doors for up-and-comers

With the 2002 passing of the Sarbanes- Oxley Act, a corporate finance reform bill approved by Congress in the wake of Enron and WorldCom scandals, public companies now have more stringent financial and auditing rules.

For example, if an outside accounting firm keeps Company X's books, that firm can no longer audit Company X; a second accounting firm would need to do the audit. Accountants and auditors also have more regulations to follow. These factors have increased the demand for both accountants and auditors at most firms.

Sarbanes-Oxley also increased the amount of internal financial paperwork for public companies, which has caused many to increase the size of their financial staffs.

In addition to the extra workload, accountants and auditors are under increased pressure to get it right and to find any possible mistakes, misconduct and miscalculations -- and then to personally certify that the forms are correct.

Yielding opportunities: Sarbanes-Oxley drives some away, but opens doors for up-and-comers

Tell us what you think. (0) comments.
Send to a friend:   

WorldCom Ex-CFO, Key to Ebbers Trial, Begins Testimony

Scott Sullivan, the former chief financial officer of WorldCom and the star prosecution witness in the trial of WorldCom's former CEO, Bernard Ebbers, began testifying yesterday. The fireworks — the heart of the government's case — are still to come.

Rarely has one witness meant so much to the prosecution in a complex white-collar trial.

Mr. Ebbers, 63, is charged with multiple counts of securities fraud and related crimes for his alleged part in WorldCom's $11 billion accounting scandal, which pushed the former telecom giant into bankruptcy in 2002. WorldCom emerged from bankruptcy last April under its former name, MCI, after shedding billions in debt.

Halfway through the trial before Southern District Judge Barbara Jones, there seems to be little doubt that WorldCom was the scene of massive understating of operating expenses and inflating of revenues to match growing investor expectations as the telecommunications market was in a precipitous decline.

The question before jurors is: Who was behind the misdeeds?

WorldCom Ex-CFO, Key to Ebbers Trial, Begins Testimony

Tell us what you think. (0) comments.
Send to a friend:   

SEC in Sarbanes-Oxley move

US regulators on Monday unveiled a wide-ranging consultation with companies and their auditors about the most complex and expensive provisions in the Sarbanes-Oxley accounting and governance legislation.

The Securities and Exchange Commission said it would hold a round table discussion on the first year of section 404 of Sarbanes-Oxley, which requires companies and their auditors to report on internal controls that should detect fraud and ensure sound financial reporting.

The round table, scheduled for April, follows widespread corporate concern about the soaring costs associated with section 404. Investors will also be asked to take part in the meeting.

William Donaldson, SEC chairman, said the regulator was considering whether to extend the deadline under which smaller US public companies will have to comply with section 404.

Last month he said that he had asked SEC staff to look at the case for giving foreign companies more time to comply.

SEC in Sarbanes-Oxley move

Tell us what you think. (0) comments.
Send to a friend:   

Monday, February 07, 2005

On Sox

Larry Brown was one of the "lucky" CIOs who had a Dec. 31, 2004, Sarbanes-Oxley (a.k.a. Sox) deadline. Thinking back on the long road to the deadline, the vice president and CIO of Arch Coal shares some of the lessons he learned along the way.

If your year-end is not until April 2005, he strongly suggests asking your already audited peers for additional advice. He also advises asking your external audit firm to discuss the major risk areas it focused on for calendar-year-end 2004 audits. Learning from those who have already been there will help prepare you for the upcoming deadline, year two of Sox and beyond.

On Sox

Tell us what you think. (0) comments.
Send to a friend:   

Honeymoon over, exec refused to sign report

Court testimony Friday showed the fraud at HealthSouth Corp. unraveled when a newly married executive returned from his honeymoon and said he could no longer live a life of deception.

Weston Smith, the company's chief financial officer at the time, said in August 2002 he would quit rather than certify financial statements he knew were false, ex-HealthSouth executive Bill Owens testified at the Richard Scrushy fraud trial.

Smith had good reason not to sign the documents. When he returned from celebrating his marriage, the financial statements requiring his signature were the first bound by the Sarbanes-Oxley Act, which increased criminal penalties on dishonest executives.

Honeymoon over, exec refused to sign report

Tell us what you think. (0) comments.
Send to a friend:   

Sorry, the Auditor Said, but We Want a Divorce

Howard Root, chief executive of Vascular Solutions, got a jolt in September as he was preparing his company for a routine examination by Ernst & Young, the Big Four firm that had been its auditor since it was founded in 1997. Without warning, and less than three months before Vascular's annual report was due at the Securities and Exchange Commission, Ernst & Young quit.

But why? Mr. Root said that there were no financial improprieties or deteriorating prospects at Vascular Solutions, a medical devices maker based in Minneapolis. In fact, he said, the company had just reported record sales and shrinking losses. The company had no disagreements with Ernst & Young, he said.

Rather, Mr. Root said, Ernst & Young told him that it didn't have enough people to handle the mountain of extra work created by the Sarbanes-Oxley corporate watchdog act - especially for smaller clients like Vascular Solutions, which had net sales of around $20 million last year. The Sarbanes-Oxley law, passed in 2002, tightens accounting procedures and imposes new reporting rules on publicly traded companies and their outside auditors.

The timing of Ernst & Young's resignation was like "being served with divorce papers with no notice," Mr. Root said. "If you're going to get dropped," he added, "it's usually for the next year's work." A spokesman for Ernst & Young declined to comment.

Sorry, the Auditor Said, but We Want a Divorce

Tell us what you think. (0) comments.
Send to a friend:   

IT Resources Being Poured Into Sarbanes-Oxley Compliance: Survey

Eighty-three percent of surveyed companies are deploying or evaluating new systems to automate financial processes in a bid to comply.


Companies are devoting large chunks of personnel and technology resources to complying with the Sarbanes-Oxley Act's section 404, according to a survey of CFOs, controllers, and compliance leaders by IDC and RevenueRecognition.com. Section 404 requires companies to document and test internal controls over financial reporting, and to attest to the effectiveness of internal controls in annual reports.

IT Resources Being Poured Into Sarbanes-Oxley Compliance: Survey

Tell us what you think. (0) comments.
Send to a friend:   

Friday, February 04, 2005

Digital Life Cycle Management

If these operational and security issues were not enough, there is now a third challenge, which is arguably more compelling than the first two: legal and regulatory compliance. The enactment of numerous regulations, including Sarbanes-Oxley (SOX), Gramm-Leach-Bliley Act (GLBA), and the Health Insurance Portability and Accountability Act (HIPAA), is placing a significant strain on business, IT, and auditing resources across the enterprise. Compliance with these regulations demands that controls be defined and enforced to protect the integrity, privacy, and confidentiality of systems and data. In the context of identity management, this requires that an organization be able to provide a full accounting of each user's activity. At a minimum, this means knowing who has access to which resource, and then tracking when each user accessed each resource.

This class of business problem relates to accurately and cost-effectively collecting and processing data about users' access and activity on IT applications.

Digital Life Cycle Management

Tell us what you think. (0) comments.
Send to a friend:   

Scrushy jury sees video of HealthSouth CEO

Jurors at Richard Scrushy's trial watched video of the former HealthSouth CEO exhorting and warning hundreds of employees at a 1998 meeting as another former top executive was indicted in what prosecutors describe as a huge fraud at the corporation.

In a DVD recording played Thursday on a big screen near the witness stand, a fast-talking Scrushy discussed management's "incredible control" of the rehabilitation chain and his own close watch over the company's finances and expenses.

"With the new budget team we have we are so tight," Scrushy said in the meeting, held in Orlando, Fla., for managers of hundreds of medical centers operated by HealthSouth nationwide. Prosecutors say HealthSouth's books were awash that year in more than $600 million worth of fraud ordered by Scrushy.

As testimony in his criminal trial continued, prosecutors announced that former HealthSouth president and director James P. Bennett had been indicted in the fraud, which prosecutors say overstated earnings by about $2.7 billion from 1996 to 2002.

Scrushy jury sees video of HealthSouth CEO

Tell us what you think. (0) comments.
Send to a friend:   

Lessons learned from Sarbanes-Oxley testing

In an incredible delivery point this year, my team came through. Recently, at an office get-together, we had the opportunity to catch up on the year and some of the Sarbanes-Oxley Act initiatives that we will never forget.
We laughed about the late nights in the data center auditing the systems administrators, flying across the country to place boot-time passwords on critical systems and just making the best of a government mandate when there seemed to be so little information out there for interpreting this topic.

It became evident that the lessons learned from 2004's Sarbanes-Oxley initiatives could be broken down into three areas: clarity, planning and a repeatable process.

It was critical early on that we needed to be clear on which systems were to be included in the Sarbanes-Oxley audit. While we used a Big Four accounting firm as a trusted adviser, the scope (the systems to be included in the compliance audit) was best defined by the internal data protection manager and a third-party organization that helped us prepare for our Sarbanes-Oxley testing. It was a powerful advantage that the definition of systems as being in scope and identified for testing was a combined effort of our IT audit company, the internal operations teams and the accounting team.

Lessons learned from Sarbanes-Oxley testing

Tell us what you think. (0) comments.
Send to a friend:   

Thursday, February 03, 2005

CIO Online Quick Poll: Should Sarbanes-Oxley be repealed

Should Sarbanes-Oxley be repealed? Tell us what you think in our
truly quick, and anonymous, poll. Cast your vote and see how your colleagues are responding.

CIO Online Quick Poll: Should Sarbanes-Oxley be repealed

Tell us what you think. (0) comments.
Send to a friend:   

DE-CODER: Sarbox gives security a nudge

Business usually recoils at government meddling, but federal laws and regulations, especially the Sarbanes-Oxley Act, may actually be helping information security efforts. Sarbanes-Oxley was enacted in 2002 to curb corporate wrongdoing in the wake of a number of business scandals. Today, it appears to be paying dividends for information security practices.

Sarbanes-Oxley is a top-of-mind issue for information security experts. For instance, a survey by security vendor RedSiren found two-thirds of computer security professionals believe compliance with Sarbox and other fed regs has made their networks more secure, even though 62 percent of the more than the 300 surveyed say they’re spending more time complying with those regulations.

Little wonder, then, that experts predict a rise in security spending this year. They also predict security attacks over the Internet will also increase.

DE-CODER: Sarbox gives security a nudge

Tell us what you think. (0) comments.
Send to a friend:   

Law Firm Launches SOX Study

National law firm Foley & Lardner LLP has launched its third annual study measuring the cost of corporate governance reforms on public companies as well as on both private and nonprofit organizations. The surveys associated with this latest incarnation of the study are now available online at www.foley.com/2005surveys for executives to complete by Friday, February 18, 2005.

"As companies continue to feel the bottom-line effects of Sarbanes-Oxley and other reforms, this survey is a great opportunity for executives to have their voices heard in the corporate governance discussion," said Tom Hartman, Study Director and Partner with Foley & Lardner. "This is even more timely with the announcement last month that the SEC is creating a committee to examine the impact Sarbanes-Oxley is having on smaller public companies."

This year's survey asks public company executives to comment on the increased costs associated with Sarbanes-Oxley and other SEC and SRO governance requirements, including audit fees, director fees and costs associated with Section 404. For private and nonprofit companies, the survey will ask executives about the increase in costs due to market- and self-imposed governance requirements.

The results of the 2005 private and nonprofit company survey will be announced March 10 at Foley & Lardner's National Directors Institute in Chicago, while the public company results will be announced in May.

Law Firm Launches SOX Study

Tell us what you think. (0) comments.
Send to a friend:   

Sarbox Not the Only Compliance Challenge

Many firms can reap long-term gains by re-designing and streamlining business processes at the same time as rolling out compliance programs, says AMR Research analyst John Hagerty. He recommends using enterprise performance management applications and techniques, and establishing a primary focus on Enterprise software makers and the companies they serve have done much gnashing of teeth in the last year over meeting the requirements of the Sarbanes-Oxley Act (Sarbox). But Sarbox is only one of many regulatory challenges that organizations are struggling to meet, AMR Research's John Hagerty stresses.

In 2005, U.S. enterprises intend to spend US$15.5 billion on compliance efforts, according to AMR. Only about 40 percent of that total, though, will go toward meeting Sarbox requirements.

Sarbox Not the Only Compliance Challenge

Tell us what you think. (0) comments.
Send to a friend:   

Wednesday, February 02, 2005

Transparency Trumps

Data accessibility is a key component of Section 409 of the Sarbanes-Oxley Act, which calls for "real-time disclosures" on material changes to an organization's financial condition. "We fundamentally believe this is a huge systems problem," says John Parkinson, senior vice president and chief technology officer for the Americas at Capgemini. "Everyone is going to have to get much more transactional and get away from this idea that I can store stuff up all week and process it Sunday night."

New regulations are also requiring that organizations provide auditable, transparent systems controls, and that requirement is affecting how systems architectures are being approached and revised. "Clearly, when you looked at [systems] requirements in the past, they were around performance, function and scalability," says Martin Colburn, CIO at the National Association of Securities Dealers Inc. in Washington.

But now more is required.

Transparency Trumps

Tell us what you think. (0) comments.
Send to a friend:   

Coping with Compliance

The problem with much of what you read is that you no longer know just what to believe. If, like me, you occasionally visit the website which happens to be offering the latest and greatest gadget to improve your life, you understand the problem.

I recently bought this wonderful gadget that you plug into the cigarette lighter in your car, and with a standard USB token you now have an instant MP3 player that works with your car radio. Sounded great, promised to solve all my problems. Unfortunately, the reality is not quite what I had hoped for! Maybe if I'm in the middle of the Antarctic it just might work brilliantly, but right in the heart of Western Europe, the results are less than ideal.

Now you may wonder what an MP3 player has to do with IT security. Well actually quite a lot. The product I foolishly wasted my money on promised to solve my entertainment implementation problems, and much of what we see in IT security is often promoted in the same way. It seems as if every vendor has the panacea for all IT security problems.

There Are No Silver Bullets

Coping with Compliance

Tell us what you think. (0) comments.
Send to a friend:   

Operational Risk Management

There is a quiet revolution underway inside board rooms and executive management suites; principles of accountability, transparency and improved financial performance are being translated into demands to quantify and measure as much operational activity as possible and to correlate that activity to the business plan. The larger and more complex the businesses are, the greater the sense of urgency (or even anxiety). Operational mandates are being handed down to better plan activities across the business, ensure proper measurement of those activities and to have the mechanisms in place to appropriately adjust targeted activities to yield better business outcomes - higher revenue and lower costs all within a defined level of risk.

There are two conflicting drivers of this revolution (with the foundation, as always, being the normal demands of the capital markets to deploy capital most efficiently and with the highest return at the lowest defined risk). The first is globalization and the free flow of capital to lower cost countries. The second is enhanced demands by the capital markets for transparency and for better measurement of a business' risk versus other outlets for that capital.

Operational Risk Management

Tell us what you think. (0) comments.
Send to a friend:   

Tuesday, February 01, 2005

The Sarb-Ox Shift

When Sen. Paul S. Sarbanes (D-Md.) and Rep. Michael Oxley (R-Ohio) crafted legislation in 2002 aimed at strengthening corporate governance and restoring investor confidence, little could they have known that the new law would help trigger a recasting of the CIO's role and the responsibilities of corporate IT departments across the U.S.

And it isn't just the Sarbanes-Oxley Act of 2002 that's contributing to the shift in the CIO's role. There are roughly 150 corporate governance regulations that companies have to adhere to worldwide, according to George Westerman, a research scientist in the Center for Information Systems Research at the MIT Sloan School of Management.

As a result, CIOs and IT departments have become integral to corporate compliance efforts, and their visibility within the organization has risen to new heights. Still, their increased stature may diminish once IT-related compliance requirements are under control.

Many believe that the evolving regulatory landscape has helped raise CIOs' visibility within their organizations. Sarbanes-Oxley compliance alone "is making people understand what is under the covers and how complex IT really is," says Dennis Fishback, senior vice president and CIO at Calpine Corp., a San Jose-based energy company. For example, Calpine's accounting group conducted 450 tests for its Sarbanes-Oxley Section 404 readiness efforts. In comparison, the company's IT department had to conduct thousands of tests to ensure its readiness, says Fishback.

The Sarb-Ox Shift

Tell us what you think. (0) comments.
Send to a friend:   

Looking for Gaps

When last we looked at the Overtime Guarantee Act known as Sarbanes-Oxley (see "Sarboxing," February 2004), finance managers were busy tapping out distress signals from Documentation Hill. At the time, the compliance deadline for Section 404 of the act was fast approaching. While Section 302 had garnered most of the media's attention, 404 was proving to be the real compliance bear. Among other things, it requires companies to identify key business processes, the controls overriding the processes, and any vulnerabilities in the controls overriding the processes. Summarizing the 404 project at Public Service Co. of New Mexico, Carl Seider, analysis programming lead at the Albuquerque-based utility, says: "It was like, 'OK, stop the world while we take care of this.' "

Instead, officials at the Securities and Exchange Commission stopped the clock, repeatedly pushing back the drop-dead date for implementing Section 404. That gave most accelerated filers a reprieve in 2004, but the deadline is once again looming for most companies (March 15 for dozens of large companies; April 15 for scores of smaller ones). And many finance managers say they will not willingly spend another year in compliance purgatory.

That's understandable. Preparations for 404 have exacted a heavy price. Software maker Micros Systems Inc., for one, has spent roughly $4 million in the past two years on its compliance program for Section 404. And the Columbia, Maryland-based company, with revenues of $487 million, hardly qualifies as a corporate giant. "We've spent an enormous amount of money," says controller Cynthia Russo. "More than we had planned."

Looking for Gaps

Tell us what you think. (0) comments.
Send to a friend:   

Compliance Drives Big Spending

The next five years are going to see over $80 billion worth of e-business spending related to regulatory compliance, according to new research from AMR.

This was predictable, as companies have taken the past several quarters to get ready for Sarbanes-Oxley (SOX) and other initiatives on a process level and are now ready to layer in the technology. What's more interesting is that SOX is just one of many regulatory initiatives driving spending.

Looking at 2005, AMR sees 40 percent of the spending ($15.5 billion) going to SOX, 24 percent going to HIPAA, 15 percent to SEC and FDA regulations, and 21 percent to "other," a category that includes Basel II. The years 2006-2009 will see another $65 billion or so in compliance-related spending.

Compliance Drives Big Spending

Tell us what you think. (0) comments.
Send to a friend: