When it comes to administration, the Swiss are famous for their efficiency and attention to detail. It is somewhat surprising, then, that a number of changes to company audit law are only now coming into effect. Most notably, from January 1st 2008 auditors must verify internal control systems at the companies they audit.
Inevitably, this evokes comparisons with the widely reviled Section 404 of the Sarbanes-Oxley Act in the US. Swiss officials, however, sought to avoid similarly onerous rules, explains Simon Marti, a partner at KPMG in Zurich. For example, early draft legislation required auditors to verify that internal control systems were “functioning,” a term that was later removed “to avoid extensive operational effectiveness testing,” Marti says. Under the new rules, audits need only to verify the existence of internal controls using a walk-through test of a single transaction. What’s more, executives are not required to sign off or certify control systems.
For the many Swiss multinationals with secondary listings in the US or elsewhere in Europe, the new law changes little. However, Marti says, there will still be extra work to do “to formalise, standardise and improve controls” to meet the letter of the law. And it will lead companies without internal audit departments to set them up, he adds.
A fair number of companies “could be caught on the wrong foot,” says Christian Christen, an attorney at Lutz Rechtsanwälte in Zurich. For private firms, audits are now based on size rather than legal structure, Christen notes, ensnaring “certain smaller companies that didn’t pay too much attention” to formal internal control procedures before. But in general, he says, “companies are prepared.”
Despite the many differences between the new Swiss rules and Sarbanes-Oxley, there is at least one notable similarity. Analysts at Credit Suisse recently published a bullish report on the Swiss corporate-services sector, noting “above-average demand potential” for auditors, lawyers and consultants in 2008.