In addition to the regular reports, public companies must file an 8-K, a form for reporting any major events that can impact the company's financial position. A major event may be the acquisition of another company, the sale of a company or division, bankruptcy, the resignation of directors, or a change in the fiscal year. A public company must report any event that falls under this requirement on the 8-K to the SEC within four days of the event's occurrence. I discuss the rules for SEC Form 8-K in greater detail in Chapter 19.
The rules of the Sarbanes-Oxley Act
All the scandals about public companies that emerged in the early 2000s have made this entire reporting process riskier and more costly for company owners. In 2002, Congress passed a bill called the Sarbanes-Oxley Act to try to correct some of the problems in financial reporting. This bill passed as details emerged about how corporate officials from companies like Enron, MCI, and Tyco hid information from the SEC.
New SEC rules issued after the Sarbanes-Oxley Act passed require CEOs and CFOs to certify financial and other information contained in their quarterly and annual reports. They must certify that
They've established, maintained, and regularly evaluated effective disclosure controls and procedures.
They've made disclosures to the auditors and audit committee of the board of directors about internal controls.
They've included information in the quarterly and annual reports about their evaluation of the controls in place, as well as about any significant changes in their internal controls or any other factors that could significantly affect controls after the initial evaluation.
If a CEO or CFO certifies this information and that information later proves to be false, they can end up facing criminal charges. Since the passage of the Sarbanes-Oxley Act, companies have delayed releasing financial reports if the CEO or CFO has any questions rather than risk charges. You'll probably hear more about delays in reporting as CEOs and CFOs become more reluctant to sign off on financial reports that may have questionable information. Shareholders often panic when they hear about a delay, and stock prices drop.
The Sarbanes-Oxley Act has added significant costs to the entire process of completing financial reports, affecting the following components:
Documentation: Companies must document and develop policies and procedures relating to their internal controls over financial reporting. Although an outside accounting firm can assist with the documentation process, managers must be actively involved in the process of assessing internal controls — they can't delegate this responsibility to an external firm.
Audit fees: Independent audit firms now look a lot more closely at financial statements and internal controls in place over financial reporting, and the SEC's Public Company Accounting Oversight Board (PCAOB) now regulates the accounting profession. The PCAOB inspects accounting firms to be sure they're in compliance with the Sarbanes-Oxley Act and SEC rules.
Legal fees: Because companies need lawyers to help them comply with the new provisions of the Sarbanes-Oxley Act, their legal expenses are increasing.
Information technology: Complying with the Sarbanes-Oxley Act requires both hardware and software upgrades to meet the internal control requirements and the speedier reporting requirements.
Boards of directors: Most companies must restructure their board of directors and audit committees to meet the Sarbanes-Oxley Act's requirements, ensuring that independent board members control key audit decisions. The structure and operation of nominating and compensation committees must eliminate even the appearance of conflicts of interest. Companies must make provisions to give shareholders direct input in corporate governance decisions. Businesses also must provide additional education to board members to be sure they understand their responsibilities to shareholders.
Other key improvements to corporate reporting
In addition to the new requirements for CEOs and CFOs, Sarbanes-Oxley changed other aspects of corporate reporting:
Established the Public Company Accounting Oversight Board (PCAOB; https://pcaobus.org
). This is an independent regulator of auditors of public companies and brokers. The PCAOB has the authority to inspect the operations of these entities in addition to enforcement and standard-setting authority.BEARING THE BURDEN AND EXPENSE OF SARBANES-OXLEYMany major corporations already had the internal controls in place and produced the documentation that the Sarbanes-Oxley Act required. Smaller companies were hit harder with these new requirements. The SEC's only concession for smaller companies was when they must be in compliance with the new rules on internal controls: All small businesses had to be in compliance by November 2004.The rules imposed by Sarbanes-Oxley were such a significant burden on small companies that some of them decided to buy out shareholders and make the companies private again, or merge with larger companies, or even liquidate.When a private company thinks about going public, it must consider whether the process is worth the costs. With the new Sarbanes-Oxley rules in place, a small company pays close to $3 million in legal, accounting, and other costs of being public. Before Sarbanes-Oxley, these costs totaled closer to $2 million. Nowadays, large corporations budget more than $7 million to cover the costs of being a public company.
Strengthened audit committees and corporate governance. Corporate audit committees must now be independent of management for all public companies. The audit committee also has sole authority for the appointment, compensation, and oversight of the external auditor. Every audit committee is required to have at least one financial expert on the committee and the expert’s identity must be disclosed.
Mandated that auditors must now attest to management’s effectiveness of internal controls over financial reporting.
Established the “Fair Funds” program at the SEC, which provides a source of funds to compensate victims of securities fraud.
Impact of the establishment of the PCAOB
For more than 100 years, public accounting firms were self-regulated. Sarbanes-Oxley changed that, and now the PCAOB regulates these firms by:
Requiring that public auditing companies register with the PCAOB
Establishing auditing and ethics standards
Conducting audit quality inspections to assess firms’ compliance with standards and SEC and PCAOB rules, and to identify audit quality issues
Investigating allegations of wrongdoing
Disciplining auditors of public companies and broker-dealers
The SEC has full oversight of the activities of the PCAOB. The SEC appoints members of the PCAOB in consultation with the Secretary of the Treasury and the Chair of the Federal Reserve. Two seats are occupied by individuals certified as public accountants. In addition, the SEC has the opportunity to review rules and standards set by the board It can approve or disapprove of the standards set, but cannot amend them. The SEC also approves the budget of the board. The SEC also has the authority to review and modify final disciplinary sanctions imposed by the board.
Dodd-Frank’s impact on financial industry regulation
Another major piece of legislation passed by Congress after the 2008 financial crisis is the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010. This act sought to restore stability and oversight in the financial industry with the hopes of preventing a repeat of that crisis.
The law was written by two of its