The ERM Current™

This week, the U.S. Supreme Court agreed to hear a case regarding the constitutionality of the Public Company Accounting Oversight Board (“PCAOB”) formed as a result of the Sarbanes-Oxley Act of 2002 (“SOX”).  The crux of the case is the question of who should appoint the PCAOB directors.  As it stands today, the directors are appointed by the U.S. Securities & Exchange Commission (“SEC”).  The case argues that the board members should be appointed by the U.S. President or an appointee of the President.  However, the real aim of the case is to render the entire SOX act unconstitutional due to the lack of a severability clause in the legislation.  Here is some background on the case as reported by CFO magazine.

The question over the PCAOB’s constitutionality began three years ago, when the Free Enterprise Fund, a policy group interested in promoting small government, took on the case of a small accounting firm criticized by the board after one of its inspections. The group contends that because the regulator was not a legal body under the constitution, it had no standing to perform such inspections or make such criticisms.

According to the noted origins, it looks like a case of sour grapes on the part of an accounting firm that has gained a foothold with those looking to overturn SOX.  We are in a much different environment than we were three years ago when the case was filed.  As a result, the Supreme Court decision should be very interesting. Stay tuned.

A recent study by the Financial Executives Research Foundation highlights the opportunities for many companies to improve the effectiveness and efficiency of their Sarbanes-Oxley (“SOX”) Compliance programs. In this week’s edition of Compliance Week, the study was examined and those interviewed in the article all agreed that room for improvement still exists.  The four main areas of improvement for most programs are:

• Transforming controls to focus less on manual controls and more on automated and entity-level controls;
• Consolidating processes into a reduced number of systems or a reduced number of locations, through a shared-services or business process outsourcing approach;
• Adopting more sophisticated testing strategies, including remote testing; and
• Conducting SOX testing work more deliberately and selectively.

Wheelhouse Advisors is uniquely qualified to provide cost-effective solutions in each of these areas.  Visit our website at www.WheelhouseAdvisors.com to learn more.

Last week, the Public Company Accounting Oversight Board (“PCAOB”) released proposed standards for auditors to examine and utilize risk assessments in their upcoming audits of major corporations.  These standards could prove to be significant in the evolving audit approaches for internal control over financial reporting (i.e. Sarbanes-Oxley Section 404).  Mark Olson, PCAOB Chairman commented on the purpose of these new standards,

“An appropriate assessment of risk is the foundation of a high quality audit. Today’s proposals are intended to strengthen that foundation, which should result in improvements throughout the audit.”

In performing their assessment of risk, auditors are guided first to examine the company’s own assessment of risk.  For those companies that do not have a solid framework and/or understanding of their risks, this new standard could be problematic.   The standard states,

The auditor should obtain an understanding of management’s process for:

a. Identifying risks relevant to financial reporting objectives, including risks of material misstatement due to fraud (“fraud risks”), b. Assessing the likelihood and significance of misstatements resulting from those risks, and c. Deciding about actions to address those risks.

Factors that should be evaluated in determining which risks are significant risks include:

a. Whether the risk is a fraud risk; Note: A fraud risk is a significant risk. b. Whether the risk is related to recent significant economic, accounting, or other developments; c. The complexity of transactions; d. Whether the risk involves significant transactions with related parties; e. The degree of complexity or judgment in the recognition or measurement of financial information related to the risk, especially those measurements involving a wide range of measurement uncertainty; and f. Whether the risk involves significant transactions that are outside the normal course of business for the company, or that otherwise appear to be unusual due to their size or nature.

If your company is looking to strengthen its risk assessment process or build a new risk assessment framework to prepare for the new proposed standard, then click here to contact us and learn more about how our firm can help your company Navigate Successfully™.