Wednesday, November 29, 2006
Unless you're a corporate tool or a corporate lawyer or a public accountant, you probably don't give a fig about the Sarbanes-Oxley law. Too bad, because aspects of it are gumming up the American economy and hurting the competitiveness of our capital markets.
Not only does compliance with the new law impose large costs in dollars and management time, but it is promoting an atmosphere of caution, conservativism and even decisional paralysis in what has long been the Western world's most dynamic economy. SarbOx promotes "analysis paralysis" by various means, including by forcing corporate executives to think in a way that is, frankly, alien to American business culture and legal practice. It does this by criminalizing the filing of financial statements that are subsequently found not to adhere to "generally accepted accounting standards." SarbOx, in effect, turns GAAP into a criminal statute, and every one of the thousands of management judgments that have to be made to prepare financial statements in accordance with GAAP are now at risk to be challenged by regulators and prosecutors after the fact.
Now, the criminalization of GAAP is not a genuinely new development. All the various Enron-era prosecutions were sustained under pre-SarbOx statutes (which invites the question, why did we need SarbOx?, but that's not the point of the post). The new risk arises from the deliberate insertion of ambiguity into the liability standard. It is not sufficient merely to read the words of GAAP and the various guidance documents and apply them. One must divine the intention of those words, which as any lawyer knows is far easier said than done.
The practical difficulty of this has bothered me for a long time, but it hit me over the head this morning while I was reviewing the web-based compliance training that we require of our employees in "control positions". Here's a single bolded line from the compliance program, which is part of a canned module that is given to thousands of employees in hundreds of public companies around the United States: "No longer can companies follow only the letter of accounting rules -- they must also follow the spirit of the rules or face strict penalties."
Got that? Executives of American public companies now face strict penalties unless they follow the spirit of GAAP.
Naturally, I have a question.
If it is sufficiently possible to divine the spirit of complex regulations spanning more than 1000 pages of tiny text that it is fair to punish people who fail in that divination, why do we need judges and courts? Let's just have lawyers and their clients comply with the spirit of the law and the rules of evidence and procedure. Once litigants have agreed on the spiritual purpose of the legal point over which they differ, surely they will agree on everything else.
My take on the "spirit" is that it does not want me providing excessive detail which conflicts with the business methods by which we track project status. It forces me to keep it simple since we have a "one size fits all" template for reporting $20B in sales of all kinds of things.
No matter how the template changes over time, it can never adequately cover all of the business methods we have. Trying to make it fit just causes an do-loop which takes up more and more time to correct.
It does this by criminalizing the filing of financial statements that are subsequently found not to adhere to "generally accepted accounting standards."
I don't know. If I file tax returns that contain false information I've broken the law. It seems to me you're arguing the parade of horribles. If it's inconvenient for corporations and their executives to suffer the constraints of truth, that inconvenience might be worth the confidence investors have in their financial statements post Enron.
I admit that I come at SarbOx from the point of view of an investor, not a corporation. My understanding of the spirit of GAAP is the honest disclosure of a company's financial activities to the shareholders, debt holders, and the public. A lot of activity at Enron (one of many examples) was dedicated to finding gaps in GAAP to hide their debt, to misrepresent the company's condition. What they did technically complied with GAAP but was conspiracy to commit fraud in its execution.
As an investor, I suspect the reference to spirit is simply the caution, "try to be honest."
Your interpretation of the intent of the spirit clause may be accurate. I doubt that lawmakers intended to make it so hard to comply. On the other hand, I doubt that any lawmakers actually, you know, read the statute in its entirety.
Either way, the "try to be honest" guidance won't amount to much next time a company goes under and a political government attorney goes after the firm for not abiding by the spirit of GAAP...
Now that the egregiously bad guys have been put in jail for a very, very long time - won't their examples serve enough of a deterrent so that we can relax the standards of SarbOx and make them more realistic. I cannot imagine Bernie Ebbers, Dennis Kuzlowski, Jeff Skilling or Mark Schwartz think that the millions they made is worth going to jail for the rest of their lives was worth it. I can only envision those people of suspect character thinking long and hard before they signed a document they know is false now knowing that they will do real time in the Federal Pen. Especially now the way that every number of a publicly held company is scrutinized as much as it is that it would only be a matter of time before the truth is revealed.
Pudentilla: The difference between your example and the SarbOx standard is that in the first you have broken the law by providing false information in your tax return. With SarbOx and GAAP, you have to apply to your particular situation vague rules that were written by committees of accountants and often were written for wildly different fact sets and you often have little or no guidance as to what the "correct" application might be. As often as not, you find that the "consensus" opinion of the mandarins in the NATIONAL OFFICE of your audit firm results in disclosure that is arguably less accurate regarding the company's true financial condition than an alternate position. You now are in a situation in which you can choose to challenge your auditor, but if you do so, there might be a "disagreement" (which believe me is like handing a "please sue me" request to the plaintiffs' bar). On the other hand, if you follow your auditor's advice and are later found to have applied the rule incorrectly, you remain liable and have no recourse against the audit firm, unless they are found to have been negligent - which is almost never going to be the case. As a former Nasdaq-listed company general counsel, I can assure you that we often spent days with bastions of lawyers and accountants discussing issues of revenue recognition for complex contracts and similar issues, with the result often being - "here's what we think the answer is that complies with the rules . . . we know it doesn't make sense, but that's what the rules say." And then they'd say, "but it's your decision, they are your financial statements." Thank you very much. I'm so glad that I'm now paying you two to three times the fees I did before SarbOx. You weasels. That kind of frustration, along with the attendant personal liability, is why I am now "Exlawyer."
Lest anyone think that SarbOx only pertains to large, publicly held companies I've now helped two of my small business clients successfully through its labyrinths. They were both forced to adhere to its provisions by their Fortune 1000 customers (who were required to do so so they in turn could be in compliance).
Has there ever been a larger unfunded mandate than SarbOx?
Thanks TH. Howard, part of the problem is that SarbOx provides for liability even if the executive didn't know that the information was false. One of the two certifications of the financial statements is made without regard to knowledge (the Section 906 certification). The CEO and the CFO certify that the filings "fully comply" with the applicable requirements of the Securities Exchange Act and that "the information contained in the report fairly presents, in all material respects, the financial condition and results of operations of the Company." If that proves to be untrue, those officers are criminally liable, irrespective of knowledge (though that has not to my knowledge been litigated yet). Further, under SarbOx, if a restatement of financial statements occurs and it is found to have resulted from fraud - irrespective of who committed the fraud and irrespective of whether there was involvement in or even knowledge of the fraud, the CEO and the CFO are liable for the return of all incentive compensation received during the period of the fraud. Again, I'm unaware of this provision having been used yet. Nonetheless, the existence of these provisions influences the behavior of executives well beyond the intentions of the drafters. When a sales manager in one of your subsidiaries who is five management levels below you and who you've never met can put all of your incentive comp at risk, or worse yet, put you in jail or subject you to other criminal penalties by artificially boosting sales through unreported incentives or allowances, you very quickly clamp down on everyone's authority and create a culture of "no risk." That's a long way from preventing greedy CEOs from committing fraud. I'd also argue that bad guys are bad guys. They rarely examine the ramifications of their crimes before committing them or, if they do, they discount them. Like Skilling and Fastow, they are the smartest guys in the room. Nobody will ever get them.
Amen, I led SOX compliance for a public company in my last job. Any company with decent internal controls is just dragged down by it. SOX basically doubled the backend securities requirements, and made the proxy and 10-K even less readable.
Um, exlawyer let me see if I get this right. I run a company. One of my employees steals from the company and cooks the books to cover it. When we eventually track him down and balance the books, I can get thrown in jail for his crime AND be forced to pay back his booty with my own money.
The incentive for me to tell the Government about the initial crime is what?
And if the crooked employee turns states evidence, he can go free while I go to jail and be forced to pay back his theft?
This is nuts, even for US Law. We should throw out every one of the bums who voted for this hunk of junk.
Technically, that could happen, though as I said, I do not believe either of those provisions has been used yet, nor have they been subjected to challenge. Their primary use is as a hammer to "encourage" management to see things the SEC's way. It's the chilling effect on ordinary business that is the problem. In your scenario, covering up the prior act would violate several other provisions of SarbOx, along with other laws, that definitely would be used.
And if you want to throw every one of the bums out, you'll be busy. SarbOx passed the Senate 99-0 and the House 423-3. Nobody could vote against it in the immediate post Enron environment. It didn't matter what it contained.
Don't list/delist, on US exchanges.
List in London, - AIM, or Footsie.
Now I'll duck the comments.
BUT check out the cost differences, and the number of new international companies listing in London vs US since the SarbOx madness.
The US is losing hundreds.
Better still, if you are a company that can trade anywhere on the globe, or easily move Head office/back office funtions, you may like to consider residence
on the Isle of Man and a London listing, as above.
Geez, I'll get my thoughts assembled someday soon.
Another advantage is that there is No corporation tax, No capital gains tax, and No inheritance tax. Gee Whizzzz
Interest on mortgage payments is tax deductable, as is interest on most other loan/finance payments.
A severe saving on Weasel and been counter costs then.
TH, you're a legal eagle, try this.
Is there a case for class action shareholder activities to force a listed company to relocate to a more tax friendly regime, where the tax savings more than offset the costs of relocation/ongoing funtioning in the new location?? ie, greater EPS.
The Isle of Man is fully compliant with all OECD rules on Financial services, banking legislation, etc.
Several US/Canadian operating Cos have HQ there, and are listed on London.
A half-hearted defense of Sarbanes-Oxley can be found here (from the Weekly Standard, of all places). I don't presume to know more than the commenters here or the author of the linked article, but I just want to address one other point: Sarbanes-Oxley sought to address the culture of plausible deniability that permeated many corporations, with Enron leading the way. In other words, executives might demand certain results (that might nicely dovetail with options packages they had) without wanting to know how those results were obtained.
And don't forget other salutary parts of Sarbanes-Oxley, like eliminating the conflict behind accounting firms acting as ostensible watchdogs to firms at the same time they were trying to get as much consulting business as possible from them, for example.
honest partisan -
Some of the SarbOx law was cheap to implement and made a lot of sense. The anti-conflict rules, for example. Most of the legislation, though, was a reaction to a problem that was dealt with adequately by existing law. Remember, all those guys who went to jail, including the Enron executives, were prosecuted under pre-SarbOx legislation.
SarbOx was designed to elevate liability for failing to adhere to the prescribed process of constructing financial statements to the same level as liability for actually false or fraudulent financials. So under SarbOx it is possible to be prosecuted for filing totally accurate financials that are nonetheless pursuant to an inadequate process. So what do we have? A staggering amount of management time being devoted to process. Anybody who has sat through a board meeting in the last couple of years knows that sheer procedure consumes a huge amount of the total time. Virtually everybody who actually contends with corporate governance (as opposed to academics and government theoreticians) knows that substantive business gets far less attention today than it did a few years ago because the procedural burdens crowd out the part about building a good company. Good directors are quitting right and left just because they are bored to death, and they are being replaced with retired accountants and lawyers who have a professional interest in procedure. It really is cumulatively terrible.
Another point of view is that the time and cost of complying with SOX is a smaller price to pay than the costs of investors losing confidence in the market.
Give me a break, if you have a employee stealing from the company and you have to restate your earnings because of this, you are not overseeing your company. You don't have the right controls. Why should your investors pay for your bad management?
The deck is totally stacked against the average investor, and people are upset that what they tell investors have to be true? Give me a break.
I'm a Business Intelligence architect. I design and build financial reporting systems. Everything I know about SarbOX compliance, when it comes to the technical end of the business, makes perfect sense.
One of the most common complaints that we get in dealing with these systems is that the financial staffs now have to agree what their charts of accounts look like before they actually put them into the system. In the enterprise software business, this is called the 'master data problem' and it's making guys like me rich, but slowly because of foot dragging and intransigence.
What does this mean in the real world? It means that department 1000 can no longer be called 'Joes Department' and a formal approval has to come from the finance organization before people start booking ledger entries to 'Joe'. That Joe in Marketing can't use 1002, if Sam in Sales got there first. That you can't say account 40000-001 is Cash when you use it for Joe but Reserves when you use it for Sam.
It basically means that corporations are going to have to stop running their books in Excel, and if you think that they're not, you have absolutely no idea.
I just recently built a system for a large multinational corp that is not an American company and therefore needn't be SarbOx compliant. They have 4 different ledger codes, and use combinations of these ledger codes to be GAAP or IAS or Canadian GAAP compliant. They have a Global chart of accounts and Regional Charts of accounts. They have intercompany, multi currency transfers that you wouldn't believe.
I'm telling you as somebody who has been into the guts of dozens of corporate accounting, planning and reporting systems that the spaghetti is a mile deep.
I want you to think about this for a moment. I would estimate, having had over 20 years on this business, that only 15% of American corporations can retrieve their own publicly stated revenue reports from their own internal systems as fast as you can get them from Yahoo.
It's not that they can't handle the truth. Most don't even know where to find it.
sixoseven, most can't produce their financials quickly, but investors should invest in these companies?
Companies automated quite a bit of this to comply, but they never took a look at their process of doing business. They never did the change management. They don't follow their own process maps. They all put in BPM, but they didn't document, map and improve their process. Its not a technology thing, its a people thing. Dealing with change management is hard, painful and time consuming. Companies that think technology is the silver bullet is just nuts.
You're absolutely right. It is a fundamental management problem not to have a clean process, and all of this is exposed when it comes to applying the proper technology. Companies that are too lazy to do it right, buy tech, outsource the tech and build no functional competency in their organizations. I should have been clearer. I'm a Demming man from Xerox and in my career I've been involved with ISO 9000 certs as well as Baldridge submissions so I definitely understand process is key. So I think that the penalties of SarbOx are a genuine motivator - I lose patience with organizations that are resistant to common sense change.
ExLawyer hit the nail on the head. For many companies, the hot issue is revenue recognition. A few years back, the SEC stepped in to define how it should work, of course under the "spirit" of GAAP. The examples, as you pointed out, are vague, apply in very limited situations, and are virtually useless. Interpretations of their Staff Accounting Bulletin (SAB101) and subsequent revisions, present a clear as mud interpretation of what one should do. It's so poorly done, that the FASB has it on their plate to address revenue recognition this Spring. That will undoubtedly add another useless, seldom applicable set of guidelines to the body of "authoritative literature".
As for ENRON, I have it from a reliable source who worked for them thru Andersen Consulting that they knew 100% that they were materially assisted in willful representation (AKA Fraud). It came down to the fees and someone's risk assessment.