Corporate and finance leaders have constantly reacted and voiced their concerns about the overwhelming hard costs of implementing the various internal control aspects of the Sarbanes-Oxley Act of 2002. These costs include having internal and external resources assess the design, test and effectively remediate internal controls. In addition, there are the legal costs of assessing and changing various corporate governance structures.
“However, the statistics regarding the percentages of companies within the United States equity markets required to comply with the act at this time are surprisingly low,” says Warren S. Binderman, a principal in the Accounting and Auditing Department at Tauber & Balser. “Only six percent of U.S. equity market capitalization is comprised of 78.5 percent of U.S. public companies.”
The accompanying table summarizes some key statistics of the composition of the U.S. equity markets. This information has been extracted from the Final Report of the Advisory Committee on Smaller Public Companies to the U.S. Securities and Exchange Commission, dated April 23, 2006.
This data is reflective of a situation where smaller public companies would, if required by the U.S. Securities and Exchange Commission (SEC), need to comply with some of the more high impact, capital and labor intensive areas of SOX’s Section 404.
So what is included in this report? And what relief can smaller public companies expect should the SEC adopt the recommendations in it? Smart Business asked Binderman these and other questions.
If a smaller company were required to comply with Section 404 of the Act, would related audit fees and costs be proportionate to the size of the company?
Although fees after the first year of SOX implementation generally decline, a study of companies (with market capitalization between $75 million and $700 million) indicates that costs and fees will be, on average, $900,000 after year one. When costs of compliance are measured as a percentage of revenue, smaller companies (under $100 million in revenues) average 2.55 percent. Large companies in the range of revenues from $100 million to $499 million have average SOX compliance costs-to-revenues of 0.53 percent, while companies with revenues over $499 million decrease even more on a percentage-of-revenue basis.
What are some of the key elements of the report?
The recommendation included in the report for ‘exemptive relief’ is called upon for smaller companies unless, and until, an appropriate framework is developed for assessing internal controls. This recommendation is as follows:
- Microcap companies with less than $125 million in annual revenue and smallcap companies with less than $10 million in annual product revenue would be required to adhere to standards relating to audit committees in conformity with Rule 10-A3 under the Exchange Act. This audit committee standard relates to audit committee member independence, appointment, compensation, and oversight of the issuer’s independent registered public accounting firm, and whistleblower provisions.
- Adoption of a code of ethics within the meaning of Item 406 of Regulation S-K, applicable to all directors, officers and employees, and disclosure of the code in connection with the company’s obligations under Item 406(C) relating to the disclosure of a code of ethics. This code of ethics disclosure would apply to whether the reporting company has adopted a code of ethics for key executives, and if not, why it has not done so.
If the SEC determines that Section 404 audits are required, what guidelines would be followed, and who would set these guidelines?
If the SEC reaches a conclusion from a public policy perspective that a Section 404 audit is required, changes should be made to the requirements related to the external auditor requirement. The report stipulates that a cost-effective standard to be developed by the Public Company Accounting Oversight Board (PCAOB). The SEC would (1) direct the PCAOB to develop a new audit standard for smaller public companies that would be more cost effective, and (2) have the new standard specify a report be issued similar to that in Section 501.71 of Standards for Attestation engagements such that the auditor would report on the design of internal control over financial reporting to prevent or detect material misstatements in the company’s financial statements on a timely basis.
The Final Report of the Advisory Committee on Smaller Public Companies to the U.S. Securities and Exchange Commission has been submitted to the SEC for approval, but has not been finalized at this time. To view the report in its entirety, you can visit the Website www.sec.gov/info/smallbus/acspc/acspc-finalreport.pdf.
WARREN S. BINDERMAN is a principal in the Accounting and Auditing Department at Tauber & Balser. His 16 years of experience includes working with public and privately held firms for a variety of industry sectors including not-for-profit, governmental and extensive knowledge of Sarbanes-Oxley Act requirements. Reach him at (404) 814-4995 or [email protected].