The high cost of SOX just went down

Companies are spending a ton of money complying with the Sarbanes-Oxley law, and that probably includes your firm. Just listen to the numbers. In 2007, American businesses spent $6 billion on SOX, as the federal regulation is commonly called. And while it has leveled off a bit, it still takes a big bite out of a company's budget.

The law was passed in 2002 in reaction to enormous corporate transgressions taking place such as the Enron meltdown. It made company executives liable if erroneous financial statements were filed. The regulations putting SOX into effect made CEOs vulnerable if they did not ensure the integrity of the systems that process their data. That was a high bar to jump for any CEO!

The Public Company Accounting Oversight Board (PCAOB), which was charged by Congress to enforce accounting regulations, has watched how accounting firms have run up huge fees as companies try to comply with the law that requires auditors to tie compliance directly to its impact on financial reporting. "If you can't link something to the financial statements, it's out of scope." explains Sharon Virag, the PCAOB's technical policy implementation director. "We used to hear people talk about the financial-transaction flows through this system, so the system is brought into scope. Now, you only need to focus on the parts that apply to the risk."

The change lifts the burden from the CEO and puts it on the back of the auditor. "For the first time, auditors are not going to be allowed a blank check for compliance," says Connie Whitecotton, vice president and chief risk and compliance officer at Alfa Insurance, a $700 million insurance company in Montgomery, Ala. She says the key to SOX is understanding risk and adequate controls. "We've got to understand it to contain the auditors," she said. And it all might mean that there's a little more money in your budget. Let us know if this is any sort of relief to you.

For more on SOX:
- See this Baseline Magazine article