Sarbanes-Oxley: Policy Brief and Violation Case Study. George Louthan
Sarbanes-Oxley: Policy Brief and Violation Case Study
George Louthan
April 14, 2010
Contents

1 Policy Brief
  1.1 Introduction
  1.2 Background
  1.3 Overview of Sarbanes-Oxley
      Title Overview
      Primary Effects
  1.4 PCAOB Risk Assessment
  1.5 Summary
2 Breach Case Study: Enron
  2.1 Note on the meaning of breach with respect to Sarbanes-Oxley
  2.2 Introduction
  2.3 Background
      Financial Fraud Specifics
      IT Security Flaws
  2.4 Mitigating Controls
  2.5 Conclusion
  2.6 References
Chapter 1 Policy Brief

1.1 Introduction

The Sarbanes-Oxley Act of 2002, also known as the Public Company Accounting Reform and Investor Protection Act, was passed in response to multiple financial scandals around the turn of the millennium. It imposed numerous reforms upon publicly traded corporations, including stricter auditing requirements and more stringent controls to ensure the accuracy of companies' financial statements and annual reports to the Securities and Exchange Commission (SEC).

In addition to these financial regulatory measures, Sarbanes-Oxley (also called Sarbox or SOX) has information security consequences, specifically related to internal controls and risk assessments with IT components. In particular, IT is expected to contribute to controls that minimize material misstatement risk (MMR), meaning the risk of meaningfully incorrect reporting about the company's financial situation.

1.2 Background

In the early part of the 2000s, several highly publicized, highly damaging scandals involving large publicly held corporations caused some of the largest bankruptcies in history, causing stockholders, employees, and retirees to lose millions of dollars due largely to accounting fraud. Because of an apparent lack of accountability and less than stringent requirements for auditing firms, corporate executives were able to perpetrate fraud on massive scales.

Shoddy accounting practices, embezzlement, corporate looting, and stock price manipulation among numerous very large companies led to a rash of highly visible bankruptcies and corporate failures in 2001 and For example, in the Enron scandal, the $64 billion company was driven to bankruptcy when it became clear that its balance sheets had been manipulated to hide liabilities and to exaggerate profits, and its audits had failed spectacularly to discover any of these practices; in fact, the company was bankrupt.

Other companies driven to bankruptcy due to financial fraud in the same timeframe include WorldCom (which had the same auditor), Adelphia, Tyco International, and others. These failures led to widespread embarrassment at the state of the U.S. corporate financial system, which was gaining a reputation for these shoddy business practices and executive fraud.

As a result, there arose a perceived need to impose regulatory reforms upon publicly traded US companies, and on July 30, 2002, the Sarbanes-Oxley Act, intended to address these issues, was enacted after being passed virtually unanimously by both chambers of the United States Congress.

1.3 Overview of Sarbanes-Oxley

Title Overview

Sarbanes-Oxley contains 11 titles. Not all of them need be addressed here, because only two specific sections deal with information systems; however, for completeness, a very brief summary of each title and its intent is provided below.

Title 1: PCAOB. Establishes the Public Company Accounting Oversight Board, which has SOX-backed regulatory authority.
Title 2: Auditor Independence. Regards approval requirements and conflict of interest limitation for auditors. For example, auditing companies may not provide other services for audit clients.
Title 3: Corporate Responsibility. Makes senior executives personally responsible for correctness of financial reports.
Title 4: Enhanced Financial Disclosures. New, more detailed financial reporting requirements are instituted; requires internal controls for assuring the accuracy of financial reports, and audits thereof.
Title 5: Analyst Conflicts of Interest. Creates a code of conduct for securities analysts, including conflict of interest disclosure.
Title 6: Commission Resources and Authority. Gives the SEC authorities to govern brokers, advisors, and dealers in securities.
Title 7: Studies and Reports. Requires the SEC and Comptroller General to conduct various studies and produce reports.
Title 8: Corporate and Criminal Fraud Accountability. Creates criminal penalties for interference with financial records, and institutes whistle-blower protections.
Title 9: White Collar Crime Penalty Enhancement. Failure to certify corporate financial reports is made a criminal offense; new, stronger sentencing guidelines for white collar crimes are instituted.
Title 10: Corporate Tax Returns. The CEO must now sign the company's tax return.
Title 11: Corporate Fraud Accountability. Creates new authorities for the SEC to freeze unusual transactions, and deals with the criminalization of corporate records tampering.

Primary Effects

The most important and expensive portions of the act have turned out to be Sections 302 and 404. Relatively brief in their statement, they create sweeping requirements for organizations: the executives are now personally responsible for ensuring that their material misstatement risk (MMR) is minimized, and internal controls to minimize MMR must be instituted, assessed, and audited. The specific details of these requirements are delegated to PCAOB (the Public Company Accounting Oversight Board, often pronounced "peek-a-boo"), which provides copious and detailed guidance and standards for conducting these assessments.
1.4 PCAOB Risk Assessment

Perhaps the most important aspect of SOX, as far as an information systems risk manager is concerned, is the Section 404 Top-down Risk Assessment, a process that is only indirectly required by SOX itself. Instead, PCAOB, the regulatory body responsible for implementing the general requirements of SOX, has issued Auditing Standard 5, which specifies this risk assessment.

Perhaps the most widespread and damaging misconception about SOX is that it imposes specific, checklist-style IT security requirements. In fact, SOX requires nothing more of IT than an accomplishment of due diligence necessary to prevent computer security incidents that lead to material misstatement risk, and allows virtually any reputable computer security framework to be employed to achieve this (though the COSO framework is specifically endorsed but is not IT-focused, and the COBIT framework, which is IT-focused, is also encouraged and frequently applied).

Furthermore, the IT side of Sarbanes-Oxley compliance can encompass the use of information systems to implement internal controls over accounting practices. For instance, the deployment of an automated system for monitoring financial documentation designed to detect and report anomalies indicative of fraud would itself constitute an internal control. In the eyes of SOX and PCAOB, IT controls are not a distinct domain; rather, they are part of an overarching controls strategy.

PCAOB has promulgated Auditing Standard 5, the standard specifying the procedure known as the SOX Section 404 Top-Down Risk Assessment. This risk assessment is intended to be a holistic approach to assessing an organization's risk of material misstatement on financial documents. Again, this is the only risk that SOX requires be assessed; the SOX 404 Risk Assessment is not concerned with other kinds of risks to the company, only with the risk that the company will misrepresent its financial information.

Auditing Standard 5 addresses IT security, emphasizing that there is not a distinct, separate IT security assessment; any assessment of IT controls is necessarily only one component of an integrated, top-down risk assessment of all aspects of an organization's MMR controls. In fact, the auditing standard provides criteria for determining whether the assessment need deal specifically with IT at all.

1.5 Summary

In summary, the Sarbanes-Oxley Act created new requirements for accountability, auditing, and risk assessments for public companies, which were standardized and specified by the Public Company Accounting Oversight Board (PCAOB), also created by SOX. These risk assessments are concerned entirely with the efficacy of internal controls (specifically accounting controls) in preventing material misstatement on financial documents and SEC reports, with the goal of preventing the kind of fraud that bankrupted Enron, WorldCom and others.

The effects of SOX in information technology are confined to two aspects: the ability of IT to provide controls to detect and prevent actions leading to material misstatement, and the secure deployment of information systems to avoid their causing material misstatement.

Like all other internal controls, information systems are subject to SOX compliance top-down risk assessments, as standardized in PCAOB Auditing Standard 5. The IT risk assessment is not a separate process, but rather (if it even occurs) is integrated into the overall risk assessment. These risk assessments focus upon the material misstatement risk (MMR) of the company.
Chapter 2 Breach Case Study: Enron

2.1 Note on the meaning of breach with respect to Sarbanes-Oxley

In order to put any case study of a violation or breach into the proper context of Sarbanes-Oxley, it is important first to describe what exactly is meant by a "breach" or "violation" in this particular case. Unlike many other information security related regulations, SOX is not concerned primarily with preventing data leakage or intrusions; rather it is wholly and exclusively focused upon the ability of information systems to prevent, detect, and avoid causing material misstatement of financial records.

For this reason, a breach of Sarbanes-Oxley does not necessarily look like most other IT security breaches; its hallmark is not disclosure or downtime, but rather fraud. This case study is therefore likely to look very different from many others; it is concerned with financial fraud, with the lack of proper controls that would have detected, reported, or prevented that fraud, and with the failure of audits to determine the need for such controls.

2.2 Introduction

In December of 2001, owing to massive financial fraud on the part of its executives, Enron declared bankruptcy. Through shoddy accounting practices, conflicts of interest among external auditors, and a lack of proper financial reporting controls, the company's management created the illusion of profitability in order to elevate stock prices when, in reality, the company was billions of dollars in debt. The company also reportedly suffered from serious computer security flaws, among its other troubles with poor internal controls.

Aside from the poor accounting practices, relatively simple computer systems could have been deployed that would have detected and reported the sorts of shoddy financial activities that doomed Enron. These continuous auditing systems would have allowed a SOX-compliant external financial audit to detect and report these dealings.

Although Sarbanes-Oxley was enacted largely to prevent Enron-style scandals from occurring in the future, Enron is still an extremely useful example of a company that broke virtually every rule that SOX imposes. It had flaws in its financial structure, its auditing systems, and its information systems, all of which rendered it noncompliant with the regulations that SOX would later impose, regulations that would have prevented its artificial stock price inflation and, later, its disastrous bankruptcy.
2.3 Background

Enron's compensation structure, especially for executives, was based heavily upon bonuses for stock price performance. This led to a corporate culture obsessed with the kind of short-term gains that inflated stock prices, and the company's accounting practices soon came to reflect a desire to emphasize profits and hide debts in order to appear strong to Wall Street.

Financial Fraud Specifics

The specific accounting practices that allowed the company's fraud were related to special purpose entities, a type of legal entity created to fulfill a special purpose. By the time of its bankruptcy, Enron had created hundreds of special purpose entities, to which its massive liabilities and debts were assigned, in order to allow these debts to be hidden from its balance sheets.

The auditing firm, Arthur Andersen, responsible for verifying Enron's accounting practices, was also retained as an accounting consultant for Enron. In effect, they were verifying their own work, a significant conflict of interest. It is likely that a rigorous traditional audit would have detected the practices that led to the company's failure.

IT Security Flaws

Enron was also reportedly guilty of grossly neglecting proper computer security practices. Employees were regularly allowed to use peer-to-peer file sharing applications with firewall exceptions; due to poor patch management, the company's computer systems were hit extremely hard by the Code Red and Nimda viruses. Complicated password policies and lack of enforcement resulted in Post-It notes and papers with passwords to multiple accounts on many workstations and desks; and, perhaps most disturbing, all IT management systems were custom-built.

Incidentally, in the midst of its death throes, Enron's travel booking system (managed by a company called Concur) was attacked; in spite of Enron's poor security practices, this attack was thwarted by Concur and was, in any event, unrelated to material misstatement risk, the primary concern of SOX. Nevertheless, this reveals the possibility that, because of IT inadequacies, executive accounting practices were not Enron's only source of material misstatement risk.

2.4 Mitigating Controls

The financial accountability requirements imposed by SOX would likely have prevented the kinds of shoddy practices that led to Enron's failure. However, some IT controls were not only necessary to lessen the company's MMR and provide auditing tools to prevent the debacle that occurred, but also ought to have been part of the basic due diligence of the company's IT department.

One software method for detecting accounting problems is called continuous audit. In continuous auditing based on anomaly detection, strange and unusual (a vague description that will stand for the moment) financial activity is detected and automatically reported to management and audit personnel. Extraordinary transactions, such as the transfer of debts into an assetless shell company simultaneous to removal of those debts from the main company's balance sheet, would constitute an event worthy of reporting. Because these kinds of transactions were at the heart of Enron's frauds, a system capable of detecting them as they occurred would have created a higher level of assurance that the company's accounting practices were on the level, thereby reducing material misstatement risk.

Furthermore, Enron would have been well served by taking a generally top-down, holistic approach to managing their risk of violating accounting practices. In the business world, a general approach for doing this is provided by COSO, the Committee of Sponsoring Organizations of the Treadway Commission, in their Internal Controls framework. Their IT vulnerabilities would have been mitigated by, again, taking an integrated, systematic approach to developing and deploying the company's information systems. A process like that provided by the COBIT framework would have enabled them to develop such an approach.

2.5 Conclusion

In spite of all of the possibilities that existed for mitigating Enron's material misstatement risk, the main flaw with Enron was with the company's corporate culture, which emphasized profits over transparency, and even over compliance with the law. If the company had made it a priority to develop the kinds of internal controls that Sarbanes-Oxley later mandated in order to prevent financial misstatements, it would likely have avoided being rocked by the massive scandal that it experienced.

This example was illustrative of the reasons that SOX requires what it does; the risk of material misstatement of a company's financial records should be considered parallel to its risk of a massive Enron-style corporate meltdown. Relatively simple accounting controls and IT-based auditing tools would easily have caught and prevented the fraud that Enron's executives perpetrated upon its shareholders. Frameworks now exist that can be followed to prepare a corporation for SOX compliance (such as COBIT and COSO); auditing standards have been promulgated that would allow independent auditors to catch the kind of fraud that caused Enron's failure. And simple information systems can automate these controls. SOX exists largely because of Enron's failures, and even though Enron predated the law, it is perhaps the best example of what not to do concerning the law.

2.6 References

Sarbanes Oxley for IT Security?
Would Continuous Auditing Have Prevented the Enron Mess?
Enron: Security Woes Too?
SANS Sarbanes-Oxley Whitepaper.
Sarbanes Oxley Act of 2002, hosted by University of Cincinnati College of Law.
Serena Software. The Impact of Sarbanes-Oxley on IT and Corporate Governance.
PCAOB Auditing Standard No
PCAOB AU
On the Docket: Free Enterprise Fund and Beckstead and Watts v. Oversight Board.
Public Company Accounting
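
An added example, not part of the original paper: a continuous-audit rule of the kind section 2.4 describes, which pairs a liability removed from the reporting company's books with a matching liability assumed shortly afterwards by an entity holding almost no assets. The ledger, the entity names, the matching window and both thresholds are constructed assumptions.

```python
"""Continuous-audit rule: flag debt that leaves the reporting company's balance
sheet and reappears on the books of an entity with almost no assets.
Every entity name, amount and threshold below is constructed for illustration."""
from dataclasses import dataclass
from datetime import date, timedelta

PARENT = "ParentCo"            # hypothetical reporting company
WINDOW = timedelta(days=3)     # assumed: how close in time the two legs must be
MATCH_TOLERANCE = 0.02         # assumed: the two legs must agree within 2 percent
MIN_COVERAGE = 0.10            # assumed: assets/debt below this counts as "assetless"


@dataclass(frozen=True)
class Entry:
    day: date
    entity: str     # whose books the entry is posted to
    account: str    # "asset" or "liability"
    delta: float    # signed change in the account balance, USD millions


def asset_balance(entries, entity, as_of):
    """Total assets on an entity's books up to and including as_of."""
    return sum(e.delta for e in entries
               if e.entity == entity and e.account == "asset" and e.day <= as_of)


def find_offloaded_debt(entries):
    """Pair each liability removed from PARENT with a same-sized liability
    assumed by another entity within WINDOW, and report the pairs where the
    assuming entity's assets cover less than MIN_COVERAGE of that debt."""
    removed = [e for e in entries
               if e.entity == PARENT and e.account == "liability" and e.delta < 0]
    assumed = [e for e in entries
               if e.entity != PARENT and e.account == "liability" and e.delta > 0]
    findings, used = [], set()
    for out in removed:
        for i, inn in enumerate(assumed):
            if i in used or abs(inn.day - out.day) > WINDOW:
                continue
            if abs(inn.delta + out.delta) > MATCH_TOLERANCE * abs(out.delta):
                continue
            used.add(i)  # each assumption explains at most one removal
            coverage = asset_balance(entries, inn.entity, inn.day) / inn.delta
            if coverage < MIN_COVERAGE:
                findings.append({"removed_on": out.day,
                                 "counterparty": inn.entity,
                                 "amount": inn.delta,
                                 "coverage": coverage})
            break
    return findings


# Constructed ledger: one ordinary repayment, one transfer to a well-capitalized
# subsidiary, and one transfer to a shell holding only nominal capital.
LEDGER = [
    Entry(date(2024, 1, 5), "ParentCo", "asset", 500.0),       # loan proceeds
    Entry(date(2024, 1, 5), "ParentCo", "liability", 500.0),
    Entry(date(2024, 1, 10), "OperatingSub", "asset", 900.0),
    Entry(date(2024, 2, 10), "ParentCo", "liability", -50.0),  # repaid in cash
    Entry(date(2024, 2, 10), "ParentCo", "asset", -50.0),
    Entry(date(2024, 3, 1), "ShellLP-1", "asset", 2.0),        # nominal capital
    Entry(date(2024, 3, 29), "ParentCo", "liability", -400.0),
    Entry(date(2024, 3, 30), "ShellLP-1", "liability", 400.0),
    Entry(date(2024, 4, 10), "ParentCo", "liability", -45.0),
    Entry(date(2024, 4, 10), "OperatingSub", "liability", 45.0),
]

if __name__ == "__main__":
    for f in find_offloaded_debt(LEDGER):
        print(f"{f['removed_on']}: {f['amount']:.0f}M moved to {f['counterparty']} "
              f"(asset coverage {f['coverage']:.1%}) -> report to audit committee")
```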
More informationAct language and concepts. David T. Mittelman
The Sarbanes-Oxley Act language and concepts David T. Mittelman The Sarbanes-Oxley Act of 2002 Public Company Accounting Reform and Corporate Responsibility Generally seen as the most comprehensive revision
More informationTHE COST OF COMPLIANCE: THE CASE OF SOUTH AFRICAN BANKS
THE COST OF COMPLIANCE: THE CASE OF SOUTH AFRICAN BANKS Johan Marx*, Ronald H Mynhardt** Abstract Compliance cost is expenditure of time or money in conforming to government requirements such as regulation
More informationFrequently Asked Questions Regarding Registration with the Board. December 4, 2017
1666 K Street NW Washington, DC 20006 Office: (202) 207-9100 Fax: (202) 862-8430 www.pcaobus.org Frequently Asked Questions December 4, 2017 The Mechanics of Registration 1. How can my firm apply for registration
More informationLeasing and SOX Compliance: The Big Picture Michael Keeler, Ecologic Leasing Solutions - 07 Mar 2006
Leasing and SOX Compliance: The Big Picture Michael Keeler, Ecologic Leasing Solutions - 07 Mar 2006 Sarbanes-Oxley (SOX) has had a big effect on the leasing industry and financial executives at lessees
More informationOn July 30, 2002, the Sarbanes-Oxley Act of 2002 (the Act ) was signed into law. The
SARBANES-OXLEY ACT REQUIRES INVESTMENT COMPANY OFFICER CERTIFICATIONS By Diana E. McCarthy 2002. Reprinted by permission. INTRODUCTION On July 30, 2002, the Sarbanes-Oxley Act of 2002 (the Act ) was signed
More informationUPDATE ON CORPORATE GOVERNANCE: RESPONDING TO ENRON AND OTHER CORPORATE SCANDALS
UPDATE ON CORPORATE GOVERNANCE: RESPONDING TO ENRON AND OTHER CORPORATE SCANDALS In the wake of the recent corporate scandals in the United States, including the bankruptcy of Enron Corp. in December 2001,
More informationBBM2153 Financial Markets and Institutions Prepared by Dr Khairul Anuar
BBM2153 Financial Markets and Institutions Prepared by Dr Khairul Anuar L3: Why Do Financial Institutions Exist? www. notes638.wordpress.com Copyright 2015 Pearson Education, Ltd. All rights reserved.
More informationWhy the Board is Broken. Joseph Anton and Tamar Frankel
Why the Board is Broken Joseph Anton and Tamar Frankel Boards of Directors ( Boards ) are anachronistic to major companies in the 21 st century. Boards had their origin in an era when oversight was easily
More informationCHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF EL POLLO LOCO HOLDINGS, INC.
CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF EL POLLO LOCO HOLDINGS, INC. I. PURPOSE OF THE COMMITTEE The purpose of the Audit Committee (the Committee ) of the Board of Directors (the Board
More informationAnumber of years ago, we had the privilege INDEPENDENCE. Perception or Reality? Opinion
Opinion INDEPENDENCE Perception or Reality? B Y D OUGLAS L. SMITH, CMA, CFM, CPA, AND F R ANK C. M INTER, CPA Anumber of years ago, we had the privilege of working with an outstanding accounting professional
More informationSarbanes-Oxley Act. The U.S. Sarbanes-Oxley Act of 2002: 2004 Update for Non-U.S. Issuers.
Sarbanes-Oxley Act The U.S. Sarbanes-Oxley Act of 2002: 2004 Update for Non-U.S. Issuers www.lw.com Sarbanes-Oxley REPORT September 1, 2004 The U.S. Sarbanes-Oxley Act of 2002: 2004 Update for Non-U.S.
More informationRIMINI STREET, INC. AUDIT COMMITTEE OF THE BOARD OF DIRECTORS AUDIT AND NON-AUDIT SERVICES PRE-APPROVAL POLICY
A. Statement of Principles RIMINI STREET, INC. AUDIT COMMITTEE OF THE BOARD OF DIRECTORS AUDIT AND NON-AUDIT SERVICES PRE-APPROVAL POLICY Amended and Approved as of September 13, 2017 Under the Sarbanes-Oxley
More informationSarbanes-Oxley: A Review of the Empirical Evidence and a Proposal for Reform
Sarbanes-Oxley: A Review of the Empirical Evidence and a Proposal for Reform Financial Markets Reform: Taking Stock A Conference Sponsored by the Federal Reserve Bank of Atlanta Kenneth Lehn University
More informationCHAPTER 7. Internal Control and Cash. Chapter Overview
CHAPTER 7 Internal Control and Cash Chapter Overview Chapter 7 discusses the purposes and characteristics of an effective system of internal control. The text describes four objectives that a company hopes
More informationThe Effect of the Sarbanes-Oxley Act of 2002 on Earnings Quality
James Madison University JMU Scholarly Commons Senior Honors Projects, 2010-current Honors College Spring 2016 The Effect of the Sarbanes-Oxley Act of 2002 on Earnings Quality Emily B. Blair James Madison
More informationThe 2004 Oversight Systems Financial Executive Report on Sarbanes-Oxley
The 2004 Oversight Systems Financial Executive Report on Sarbanes-Oxley www.oversightsystems.com About the Survey Through a combination of an invitation-only online survey and survey intercepts, 222 corporate
More informationLeasing and SOX Compliance: The Big Picture
Leasing and SOX Compliance: The Big Picture 2006-11-13 12:00:00.0 CDT By Michael Keeler Sarbanes-Oxley (SOX) has had a big effect on the leasing industry and financial executives at lessees are now reforming
More informationRATING THE QUALITY OF CORPORATE EARNINGS
RATING THE QUALITY OF CORPORATE EARNINGS Jeffry R. Haber, Iona College Richard Furlin Abstract The accounting profession has been under considerable scrutiny since the Enron debacle. While many reforms
More informationCITIGROUP INC. AUDIT COMMITTEE CHARTER As of March 21, 2012
CITIGROUP INC. AUDIT COMMITTEE CHARTER As of March 21, 2012 Mission The Audit Committee ( Committee ) of Citigroup Inc. ( Citigroup ) is a standing committee of the Board of Directors ( Board ). The purpose
More informationFINAL NOTICE. Nomura House, 1 St Martin s-le-grand, London EC1A 4NP
Financial Services Authority FINAL NOTICE To: Of: Nomura International Plc ( Nomura ) Nomura House, 1 St Martin s-le-grand, London EC1A 4NP Dated: 16 November 2009 TAKE NOTICE: The Financial Services Authority
More informationUNITEDHEALTH GROUP BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER (November 8, 2016)
UNITEDHEALTH GROUP BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER (November 8, 2016) INTRODUCTION AND PURPOSE UnitedHealth Group Incorporated (the "Company") is a publicly-held company and operates in a complex,
More informationRelated Parties 547. Source: SAS No. 122; SAS No Effective for audits of financial statements for periods ending on or after December 15, 2012.
Related Parties 547 AU-C Section 550 Related Parties Source: SAS No. 122; SAS No. 128. Effective for audits of financial statements for periods ending on or after December 15, 2012. Introduction Scope
More informationChapter 6 Earnings Management 6-1
Chapter 6 Earnings Management 1. Identify the factors that motivate earnings management 2. List the common techniques used to manage earnings 3. Critically discuss whether a company should manage its earnings
More informationCRS Report for Congress
Order Code RS21135 Updated August 12, 2004 CRS Report for Congress Received through the CRS Web Summary The Enron Collapse: An Overview of Financial Issues name redacted, Coordinator Specialist in Public
More informationSecurities Exchange Act of 1934 Reporting Readiness Considerations
Securities Exchange Act of 1934 Reporting Readiness Considerations April 4, 2017 Robert Suffoletta Corporate Bryan King Corporate The materials in this presentation, and the opinions expressed in this
More informationOn 7/30/02 President Bush signed
What Every Private Equity Professional Must Know About Sarbanes-Oxley Reforms Jack S. Levin is a partner at the law firm of Kirkland & Ellis where he concentrates in private equity fund formations, LBOs,
More informationGleim CPA Review Updates to Auditing 2011 Edition, 1st Printing June 3, 2011
Page 1 of 7 Gleim CPA Review Updates to Auditing 2011 Edition, 1st Printing June 3, 2011 NOTE: Text that should be deleted from the outline is displayed with a line through the text. New text is shown
More informationTOWN OF MILLBURY, MASSACHUSETTS MANAGEMENT LETTER YEAR ENDED JUNE 30, 2015
TOWN OF MILLBURY, MASSACHUSETTS MANAGEMENT LETTER YEAR ENDED JUNE 30, 2015 Table of Contents Transmittal letter...1 2 I. Overview...3 II. Informational Items...4 7 III. Findings and Recommendations with
More informationInternal, Operational, and Compliance Auditing
CHAPTER 21 Internal, Operational, and Compliance Auditing Review Questions 21 1 Internal auditing may be defined as an independent, objective assurance and consulting activity designed to add value and
More informationArticles. SEC Proposes New Whistleblower Rules Under the Dodd-Frank Act of Eric R. Markus December 2, 2010
SEC Proposes New Whistleblower Rules Under the Dodd-Frank Act of 2010 Eric R. Markus December 2, 2010 On November 3, 2010, the SEC published proposed rules to implement a whistleblower program to reward
More informationProposed Amendments: N.J.A.C. 11: through 26.6 and 26.9 through 26.14
INSURANCE DEPARTMENT OF BANKING AND INSURANCE OFFICE OF SOLVENCY REGULATION Annual Audited Financial Reports Proposed Amendments: N.J.A.C. 11:2-26.1 through 26.6 and 26.9 through 26.14 Proposed New Rules:
More informationAs management accountants know, the. How Has SOX Affected Foreign Private Issuers? International
International How Has SOX Affected Foreign Private Issuers? Although some costs have risen, there also have been opportunities to improve financial reporting and disclosure. B Y J OERN S CHLIMM As management
More informationTCG BDC II, INC. AUDIT COMMITTEE CHARTER. the quality and integrity of the Company s financial statements;
TCG BDC II, INC. AUDIT COMMITTEE CHARTER I. PURPOSE The purposes of the Audit Committee (the Committee ) of the Board of Directors (the Board ) of TCG BDC II, Inc. and its subsidiaries (collectively, the
More informationLIFETIME BRANDS, INC. AUDIT COMMITTEE CHARTER
LIFETIME BRANDS, INC. AUDIT COMMITTEE CHARTER ORGANIZATION The Board of Directors (the Board ) of Lifetime Brands, Inc. (the Company ) shall appoint an Audit Committee (the Committee ) of at least three
More informationBRIEFING PAPER AUDITOR INDEPENDENCE AND TAX SERVICES ROUNDTABLE JULY 14, 2004
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org AUDITOR INDEPENDENCE AND TAX SERVICES ROUNDTABLE JULY 14, 2004 On the Public Company Accounting
More information716 West Ave Austin, TX USA
: What Every Accountant Should Know About Fraud GLOBAL Headquarters the gregor building 716 West Ave Austin, TX 78701-2727 USA TABLE OF CONTENTS I. INTRODUCTION Video Supplement... 1 Course Objectives
More informationSarbanes-Oxley Act of 2002 (SOX): Implementation and Assessment
Sarbanes-Oxley Act of 2002 (SOX): Implementation and Assessment Institute for Independent Auditors National Press Club, Washington, D.C. April 25, 2005 Ethan S. Burger, Esq. Scholar-in-Residence School
More informationImpact on Actuarially Determined Items SEAC Fall Meeting - Atlanta, GA November 19, 2003
Sarbanes-Oxley Act of 2002 Preparing Your Organization for Section 404 Internal Control over Financial Reporting Impact on Actuarially Determined Items SEAC Fall Meeting - Atlanta, GA November 19, 2003
More informationPCAOB Inspections: Auditor Violations and Client Characteristics
PCAOB Inspections: Auditor Violations and Client Characteristics ABSTRACT Mary Jane Lenard Meredith College Norman R. Meonske Kent State University Pervaiz Alam Kent State University The Sarbanes-Oxley
More informationSecure Information Destruction; A Legal Imperative
In this Issue Information as a Double-Edged Sword Not Knowing the Law Secure Information Destruction and Legal Compliance Information Security Recommendations From Shred-it Secure Information Destruction;
More informationDraft Guideline. Corporate Governance. Category: Sound Business and Financial Practices. I. Purpose and Scope of the Guideline. Date: November 2017
Draft Guideline Subject: Category: Sound Business and Financial Practices Date: November 2017 I. Purpose and Scope of the Guideline This guideline communicates OSFI s expectations with respect to corporate
More informationChapter 1 Introduction to Corporate Finance
Chapter 1 Introduction to Corporate Finance Konan Chan Financial Management, Fall 2018 Topics Covered Corporate finance and financial manager Forms of business organization Goal of financial management
More informationVycor Medical, Inc. Audit Committee Charter
Vycor Medical, Inc. Audit Committee Charter I. Purpose and authority The audit committee is established by and among the board of directors for the primary purpose of assisting the board in: Overseeing
More information