Five Years and Accounting

This story is Part 1 in a three-part series on how corporate finance has changed since the Sarbanes-Oxley Act was passed.

In July of 2002, President Bush traveled to New York and spoke to a rapt audience just a stone's throw from Ground Zero. Pledging to punish those wrongdoers whose misdeeds and acts of destruction threatened the American way of life, he unveiled a plan to battle the "moral confusion and relativism" that had proven "devastating" to so many innocent people.

His remarks had nothing to do with the terrorist attacks of the previous September. Rather, he was addressing Wall Street in the wake of the Enron and WorldCom scandals, and describing a host of programs to restore investor confidence at a time when the Dow Jones industrial average languished at just over 9,000.

Three weeks after he laid out a strategy to, as he put it, "move corporate accounting out of the shadows," the President signed the Sarbanes-Oxley Act of 2002 into law. Far from ending the spate of corporate scandals, however, that event signaled the beginning of a long and often tortuous effort to reform the governance, auditing, and reporting practices of American businesses. "Sarbox represented a tectonic shift in the focus of securities regulation," says James Cox, a law professor at Duke University. "It reached right into company boardrooms and mandated certain requirements about how companies operate. No one thought that was a place securities law could go."

Indeed, what seemed at the time a hastily drafted effort to shore up perceived weaknesses in corporate accountability has proven instead to be the most significant piece of securities legislation to appear in at least half a century. But that significance has come at a price, both in dollars (estimated to run in the billions and even, by one disputed measure of lost market capitalization, trillions) and in effort, as companies have expended countless hours complying with the law — or trying to.

Those efforts continue, and five years later it is still not clear when, exactly, the dust will settle. In fact, while many lawmakers, academics, and securities experts praise the impact of Sarbox, most CFOs take a far dimmer view. A recent survey conducted by CFO magazine in conjunction with Duke University's Fuqua School of Business found that fully three-fourths of CFOs believe the act should be reformed or repealed, and nearly as many believe the costs have outweighed the benefits. The level of frustration expressed actually exceeds that found in earlier surveys — a surprise, given that earlier surveys were conducted during a time of soaring audit fees and substantial confusion about compliance.

CFOs aren't alone in their frustration. Like an infant being inoculated for the first time, the business community's initial response to Sarbox was a sort of silent scream; today its wailing can be heard far and wide, in the form of cries for relief issuing from a host of committees and trade associations. But in the wake of new guidance from the Securities and Exchange Commission regarding Section 404 — which has been by far the most vexing requirement of Sarbox — and the Public Company Accounting Oversight Board's approval of Auditing Standard No. 5, which clarifies how external auditors should handle their Section 404 responsibilities, it's unclear whether regulators or lawmakers will take any further significant actions.

Two Short Paragraphs
Any piece of legislation as broad as the Sarbanes-Oxley Act — its 30,000 words spell out nearly 70 distinct requirements — is bound to have some unintended consequences, but few could have predicted how much pain the 172 words of Section 404 would inflict on Corporate America.

"It's just two short paragraphs," says Sen. Paul Sarbanes (D–Md., retired), who sponsored the Senate's version of the act. But those paragraphs "left a lot to the regulators" in terms of translating vaguely worded demands for an "attestation" of an "assessment" of "effective internal controls" into actual practice.

Some might be tempted to say malpractice. Auditing fees skyrocketed as accounting firms took a better-safe-than-sorry approach and looked for weaknesses not only in financial reports but in the IT systems and sundry other nooks and crannies of corporate operations that feed into financial statements. Large companies saw audit fees climb 66 percent between 2003 and 2005, and, of course, spent millions on consultants, IT systems, and internal resources in order to comply.

The lesson? "Section 404 is the poster child for how not to implement a demanding compliance requirement," says Cox. "Lawmakers knew Sarbox would be costly," he says. "In fact, it was designed to be. But the folly of regulators was to not take a tiered or incremental approach, or to adopt a much longer time horizon."

Instead, even with varying deadlines (and subsequent extensions) for accelerated and nonaccelerated filers (that is, large and less-large companies), auditing firms found themselves too short-staffed to handle the intense demands of internal-controls audits. That set off a talent crunch that persists to this day, both for audit firms and corporations, and is expected to remain for years to come.

• 1
• 2
• 3
• 4
• 5
• next »