Sarbanes-Oxley is going to process my company out of business

[Dewey_Cheatem_Undhow]

dropzone:

No, you only said that it was a good thing for the accounting firms in the short term because they get to bill more hours.

Keep reading. Don’t stop at the first clause of the first sentence of the second paragraph.

You did not get into how it’s their bloody job to keep up with the ways companies play with numbers, that if they had been doing their jobs Endrun et al would not have gotten away with it as long as they did, and that if they are caught up not doing what they were hired for (verifying numbers), what the accounting profession was created for (tracking numbers), and why they are allowed a large bit of self-regulation (investors are supposed to be able to trust the auditors) they deserve whatever bad may befall them.

1. The AA accountants on Enron failed to meet even pre-SOX auditing standards (most notably, they allowed local partners to override the objections of their opinion review committee, something no other Big 4 accounting firm allows). Mentioning them isn’t really relevant to the additional burdens and risks created by SOX.

2. You are sadly mistaken as to what an audit is supposed to provide. An audit is not an absolute guarantee that the numbers are correct. A “clean” audit only means that the risk of misstatement is tolerable and that the numbers are fairly presented in accordance with generally accepted accounting principles.

3. For more, see the expectations gap. (an Aussie site, but the issues it talks about are true in the US as well).

4. The simple fact is, there is no such thing as a perfectly designed audit that will catch any and all instances of fraud. And there is no such thing as a fraud-proof set of accounting controls. Saying the accounting profession “deserves what they get” is like saying the police department should be sued for failing to stamp out muggings.

Full disclosure: Ms. Undhow is a Big 4 auditor; my undergraduate degree was in accounting. And while you may take that as a source of bias on my part, you shouldn’t. My wife is vocal about the shortcomings of her profession. But she also has a lot of insight into the limits of audit procedures, limits that the backlash from corporate scandal has woefully failed to take into account.

dropzone:

And this is bad…how? Isn’t the whole POINT of an audit is to make sure adequate accounting controls are in place and to FIND any financial misstatements? It certainly IS NOT to sign off on whatever crap the company’s management hands them. If they can’t do their jobs then good riddance.

Your homework assignment for tonight is to sit down and read an audit opinion. You can find one at the back of the annual financial statements for any publicly-traded company.

Pre-SOX, audits did not include signoff on accounting controls, although as a matter of client service the firms would recommend improvements and as a risk mitigation tool the firms would not take on a client who had clearly inadequate accounting controls. While a good accountant is always skeptical, an audit is not designed to root out fraud.

[dropzone]

Dewey Cheatem Undhow:

Your homework assignment for tonight is to sit down and read an audit opinion.

What makes you think I do my homework?

[MaddyStrut]

scout1222:

Wow. Thank you so much for this, because now when people at my company bitch about how tight we are with expenses (and believe me, we have very low spending authorities) I can bust out this example in a “See? Could be worse!” fashion.

Ay caramba.

Glad I made you smile! The ironic thing is my company really isn’t that tight. I could go to the supply closet any day and take way more than $28 worth of supplies. However, certain expenditures are subject to more scrutiny. A white paper with industry information is classified as research–which is one of those expenditures.

Now, that I think of it, maybe I can make some sort of barter arrangement with the vendor to trade a copy of their white paper for $28 worth of pens…

[dropzone]

…Or white paper! $28 = about ten reams of cheap copier paper, right?

[ParentalAdvisory]

Count me as another who FUCKING HATES these new SOX procedures implemented by our company. And I totally agree that most of what we have to do is completely unnecessary and makes things totally unproductive (our company has adopted the “you need a ticket to wipe your ass, and another to pull up your pants policy”). Creating tickets requires a ticket, which requires a change request, which in then requires a variance #. :rolleyes: What’s amusing is that you can still get away with security violations if you know what you’re doing. I don’t see how any of this is improving anything. I can see the point of SOX, but corporations have gone frantic and haven’t taken the time to understand what is actually required. Protecting finances I understand. But requiring a SOX ticket and a weeks notice to initialize a tape? Fucking stupid.

[TroubleAgain]

E&Y are the ones interpreting SOX for us. And they’re killing us. We are a large corporation, so we did have some darned good change management procedures and some good access request procedures, but it’s getting WAY tighter. Which isn’t a bad thing, but the timeframe this has been crammed into at my company is gordawful. They’ve made major changes to the programming on our mainframe, and we are hosed. And we have E&Y auditors coming on 10/25 and we MUST PASS THIS AUDIT.

[scout1222]

TroubleAgain, I think that’s the thing that’s paining my company as well. See, we need to have our controls in place for the Q3 audit, so that they can verify we’re doing what we need to be doing, so that when the auditors come in at year end they can confidently evaluate our numbers.

So the big push was to get everything done this month. It’s not that it’s not important, it’s just that it’s a lot more work than I think anyone realized.