The Sarbanes-Oxley Act:
The sections of the Act in an easy to read format
The complete
legislative text
The Sarbanes-Oxley
Act mandates a number of reforms to enhance corporate responsibility,
enhance financial disclosures and combat corporate and accounting
fraud.
Every Monday
Top 10 risk and compliance management related news stories and
world events
Do you want to receive every Monday the
Top
10
risk and compliance management related
news stories
and world
events
that (for better or for worse) shaped the week's agenda,
and what is next?
You may submit the form that follows.
We meet strict national and international privacy standards. You
can unsubscribe at any time.
Study of the Sarbanes-Oxley Act of 2002 Section 404
Internal
Control over Financial Reporting Requirements
OFFICE OF
ECONOMIC ANALYSIS UNITED STATES SECURITIES AND EXCHANGE COMMISSION,
September 2009
This is a report by members of the Office of
Economic Analysis, U.S. Securities and Exchange Commission. The
Commission has expressed no view regarding the analysis, findings,
or conclusions contained herein.
Executive Summary
The
Public Company Accounting Reform and
Investor Protection Act, otherwise known as the Sarbanes-Oxley Act
(the “Act”), was enacted in July 2002 after a series of
high-profile corporate scandals involving companies such as Enron
and Worldcom.
Section 404(a) of the
Act requires management to assess and report on the effectiveness
of internal control over financial reporting (“ICFR”). Section
404(b) requires that an independent auditor attest to management’s
assessment of the effectiveness of those internal controls.
Because the cost of complying with the requirements of Section 404
of the Act (“Section 404”) has been generally viewed as being
unexpectedly high,1 efforts to reduce the costs while retaining
the effectiveness of compliance resulted in a series of reforms in
2007.
The analysis of the
survey data is designed to inform the Commission and other
interested parties as to whether changes occurring since 2007 are
having the intended effect of facilitating more cost-effective
internal controls evaluations and audits, especially as they may
apply to smaller reporting companies.
The findings of the
analysis relating to efficiency include evidence on the total and
component compliance costs, the changes in costs over time, and
the factors that help to explain why costs are lower or higher for
some companies than for others.
These findings include
evidence of direct and indirect effects that management ascribes
to Section 404 compliance, including evidence on intended
benefits.
The 2007 reforms
that are the focus of this inquiry include the SEC’s June 2007
Management Guidance and its order approving the Public Company
Accounting Oversight Board’s (PCAOB) Accounting Standard No. 5
(AS5) (collectively referred to as the “2007 reforms”).
We are primarily
interested in whether and how companies’ experience with Section
404(b) compliance changed following the reforms, yet this report
also presents evidence on the implementation of both Section
404(a) and Section 404(b).
This reflects the
interrelationship between the two requirements.
The survey was open to
all reporting companies with relevant experience in complying with
Section 404, recognizing that only large accelerated filers and
accelerated filers are currently required to comply with both
Section 404(a) and Section 404(b) and, thus, have information
on the overall cost of compliance with
these sections.
These experienced filers
that responded to the survey tend to have public float in excess
of $75 million, which is large compared to that of non-accelerated
filers that are not yet required to comply with Section 404(b).
The evidence on the
experiences of larger companies may be useful in evaluating the
extent to which additional improvements to the implementation of
Section 404(b) should be undertaken before it becomes applicable
to non-accelerated filers.
Notwithstanding, it is
important to highlight that the analysis in this report is not
designed to provide compliance cost estimates for companies that
have yet to comply with the relevant requirements of Section 404.
The general
conclusion from the analysis of survey data is that compliance
costs vary with company size (increasing with size), compliance
history (decreasing with increased compliance experience), and
compliance regime (lower after the 2007 reforms).
Larger companies
tend to incur higher compliance costs in dollar terms (“absolute
cost”), while smaller companies report higher costs as a fraction
of asset value (“scaled cost”).
The evidence suggests
that companies bear some fixed start-up
costs of compliance that are not scalable.
Some of these costs are
recurring fixed costs, while others are one-time start-up costs
borne in the first years of compliance that tend to dissipate over
time. For companies complying with both parts of Section 404, the
cost of complying with Section 404(b) is reportedly similar to the
incremental cost of complying with Section 404(a) alone.
The resource
requirements of Section 404(a) and Section 404(b) compliance are
quite different, however.
The Section 404(a)
cost is borne through increased internal labor and outside vendor
expenses, while the Section 404(b) cost is experienced
primarily through increased independent-auditor fees, according to
the survey evidence.
The
evidence also indicates that there is an economically
and statistically significant reduction in Section 404 compliance
costs following the 2007 reforms.
This reduction is most
pronounced among larger companies.
More than half of survey
participants (henceforth also referred to as “respondents”) who
answered explicit questions about the effects of the 2007 reforms
report that the reforms led to a decrease in compliance costs,
consistent with the objectives of the reform and the reported cost
reductions.
Nearly all respondents
indicated that they relied on the Management Guidance and, of
those, a majority found it to be useful.
As a result of the
Management Guidance, there has been a shift
of effort among smaller companies toward evaluating the
effectiveness of ICFR and away from the tasks of identifying risks
to the company’s financial reporting and identifying controls that
address identified risks.
These respondents,
however, had a less favorable response to a question about the
SEC’s responsiveness to concerns about compliance costs.
The Web survey also included questions about respondents’
perceptions of other potential effects of Section 404 compliance,
including potential beneficial effects.
Respondents ascribe some
beneficial effects to Section 404 compliance.
In particular,
respondents were more likely to report direct benefits of
compliance with Section 404 rules (i.e., improvements directly
related to a company’s financial reporting process, such as the
quality of the company’s ICFR), rather than indirect benefits of
compliance (i.e., improvements indirectly related to a company’s
financial reporting process, such as the company’s ability to
raise capital).
Respondents from larger companies and Section
404(b) companies tend to regard Section 404 compliance more
favorably than those from their counterparts in almost every
respect.
Before turning to a
more detailed outline of findings, it will be useful to provide
some background on the size and compliance categories of the
companies that are the subject of the study.
Throughout the analysis,
respondents are partitioned based on the size of their company
using the size thresholds that parallel the SEC’s reporting
thresholds.
Under SEC regulations— typically—non-accelerated
filers have public float of less than $75 million; accelerated
filers have public float between $75 million
and $700 million; and large accelerated filers have public float
of $700 million or more.
The evidence on the
costs and benefits of Section 404(b) compliance is almost entirely
from the last two groups, which are termed “large” and
“medium/mid-sized” companies in this report, because “small”
companies (with public float less than $75 million) were typically
not yet required to comply with Section 404(b) at the time of the
survey.
Following previous
research, in some instances, the analysis of smaller companies
focuses on those having a public float falling within a band above
and below the $75 million threshold that distinguishes
non-accelerated from accelerated filers.
In addition, to separate
the effects of Section 404(a) compliance from those of Section
404(b), when appropriate the analysis partitions companies that
were compliant with both Sections 404(a) and 404(b) in the
relevant fiscal year (henceforth “Section 404(b) companies”)6 from
those that are compliant with Section 404(a) only (henceforth
“Section 404(a)-only companies”).
Receive the New Member Orientation
Newsletters
You will have the
opportunity lo learn what members registered before you have
already learned. Understand better the Sarbanes Oxley environment,
projects, careers, challenges and opportunities.
Q1. How does the cost of complying with
Section 404 vary across companies,
and what factors influence a
company’s compliance cost?
The total cost of
complying with Section 404 varies across companies
depending on
(1) the company’s size, (2) whether the company is complying
with
Section 404(a) only or also with Section 404(b), (3) the company’s
experience in complying with Section 404(b), and (4) whether
compliance
occurred before or after the 2007 reforms.
Specifically, the
absolute compliance cost in dollar terms tends to increase with
company size (measured by public float), but the cost scaled by
asset value tends to decline as company size increases. As one
would expect, total compliance costs are typically larger for
companies complying with Section 404(b) in addition to Section
404(a).
Longer experience with
Section 404(b) compliance, however, is associated with a decrease
in the typical reported costs (scaled by company assets).
The cost of compliance
tends to be lower after the 2007 reforms than before and this
decrease is most pronounced among larger companies.
Q2. What is the observed trend in Section
404 compliance cost before and after the 2007 reforms?
The Web survey
collected response data on audit fees, outside vendor fees,
non-labor costs, and internal labor hours.
These cost components
were aggregated using conservative assumptions in order to obtain
a dollar estimate of the total cost of compliance (see Section
IV.a).
The evidence
generally indicates that the typical total compliance costs have
decreased from the year prior compared to the one after the 2007
reform and are expected to decrease further in the fiscal year in
progress at the time of the survey.
Among Section 404(b)
companies, the mean total Section 404 compliance cost drops
significantly from $2.87 million pre-reform to $2.33 million
post-reform, representing a 19 percent decline in the total
compliance cost.
The compliance cost is
expected to be lower still, with a mean cost of $2.03 million,
representing a combined decline of 29 percent.
When reporting
compliance costs by size category, the mean total compliance cost
decreases from $769,000 to $690,000 among filers with public float
lower than $75 million, but this difference is not statistically
significant.
The reduction in
compliance costs is more pronounced among the medium and large
companies that are already required to comply with Section 404(b).
The medians reveal
similar patterns for the typical company in our sample.8 The
median total Section 404 compliance cost declines significantly
from $1.19 million pre-reform to $1.04 million post-reform, a 13
percent decline.
The median expected cost
for the fiscal year in progress is lower still, at $905,000, a
combined decline of 24 percent relative to the pre-reform median
cost.
For non-accelerated
filers, the median total compliance cost decreased from $579,000
to $439,000, but, as with the means, the difference for these
companies is not statistically significant.
When analyzing
first-time compliance costs before and after the 2007 reforms, the
results are mixed and the mean decrease in total costs is not
statistically significant. In contrast, for companies in their
second year of compliance with Section 404(b), both the mean and
median compliance costs are significantly lower after the 2007
reforms than before.
Meanwhile,
among Section 404(a)-only companies, the
mean total cost also decreased from $425,000 pre-reform to
$336,000 post-reform, but the difference is not statistically
significant, and the median cost actually increased from $111,000
to $162,000.
Both the mean and the
median, however, are expected to decrease for the fiscal year in
progress at the time of the survey
Q3. How do the component costs of complying
with Section 404 compare, and how have they changed since the 2007
reforms?
For Section 404(b)
compliant companies, the largest cost component is internal labor
costs— which can comprise more than 50 percent of the total
compliance cost—followed by the estimated portion of total audit
fees attributed to ICFR (404(b) audit fees), outside vendor fees,
and non-labor cost.
In general, every
component cost declines after the reforms compared to the year
before, and is projected to decline further in the fiscal year in
progress. The most notable changes in the cost components between
pre-reform and post-reform are observed in the outside vendor fees
and the percent of the total audit fees attributable to ICFR.
The mean outside vendor
fee decreases by 29 percent from $438,000
pre-reform to $311,000.
The median outside
vendor fee decreases by 10 percent from $100,000 to $90,000. Both
differences are statistically significant, and the outside vendor
fees are expected to decrease significantly to a mean cost of
$222,000 and median cost of $55,000 in the fiscal year in progress
at the time of the survey.
The
mean portion of the audit fee that
respondents attributed to the ICFR audit also decreases
significantly by 21 percent from $821,000 to $652,000. This
decline is expected to continue. Similarly, the median audit fee
decreases by 13 percent from $358,000 to $311,000 and is expected
to decrease to $275,000.
Q4. What are the benefits of complying with
Section 404, as reported by company executives, and how do they
compare against the costs of compliance?
The survey asked the
respondents to comment on the impact of Section 404 compliance on
twelve characteristics relating to internal governance and
investor confidence, of which six were considered direct effects
of compliance and the remaining six indirect effects of
compliance.
The respondents
recognized Section 404 compliance as having a positive impact on
various dimensions of the financial reporting process, but were
less inclined to recognize these improvements as affecting the
companies’ dealings with other capital market participants.
Furthermore, in an
optional section of the survey, respondents provided their
assessment of the cost-benefit trade-off of Section 404
compliance.
The majority of
respondents to this section perceive the trade-off to be negative
to varying degrees. This perceived trade-off is more favorable
among larger companies and, independently of size, improved
following the 2007 reforms.
Among the characteristics that are most
widely reported benefiting from Section 404 compliance is: the
quality of the respondent company’s internal control structure (73
percent), the audit committee’s confidence in the company’s ICFR
(71 percent), the quality of the company’s financial reporting (49
percent), the company’s ability to prevent and detect fraud (48
percent), and the respondent’s confidence in the financial reports
of other companies complying with Section 404 (40 percent).
The majority of
respondents recognize no effect of Section 404 compliance on: the
company’s ability to raise capital, investor confidence in the
company’s financial reports, the company’s overall firm value, and
the liquidity of the company’s common stock.
Finally, the
perceived effect of Section 404 compliance on the efficiency of
the operating and financial reporting processes and the timeliness
of the company’s financial statement audit varies widely: while a
majority of respondents perceive no effect on these dimensions,
non-trivial portions of respondents recognize a negative
effect—that is, a reduction in the efficiency of the operating and
financial reporting processes and/or the timeliness of financial
statement audit (see Table 14).
In the cross-section,
larger companies were more likely to ascribe positive direct and
indirect effects to Section 404 compliance than were smaller
companies.
Q5. What are the reported benefits of
Section 404 compliance from the perspective of financial statement
users?
In order to obtain a
more complete picture of the effects of Section 404
implementation, staff members from the SEC’s Office of the Chief
Accountant conducted separate in-depth phone interviews of a
sample of 30 users of financial statements—including lenders,
securities analysts, credit rating agencies, and other investors.
Although the sample is
admittedly smaller than that of issuers participating in the
survey, the evidence gathered is useful because it provides the
perspective of financial statement users on the effects of Section
404 compliance.
In general,
financial statement users regard ICFR disclosures to be beneficial
and indicated that Section 404(a) and Section 404(b) compliance
has had a positive impact on their confidence in the companies’
financial reports.
The users generally
indicate that Section 404 compliance leads management to better
understand financial reporting risks, put in place appropriate
controls to address financial reporting risks, and address
internal control deficiencies in a more timely fashion than in the
absence of the disclosure requirement.
Although, users offer
divergent opinions regarding the extent to which disclosures of
material weakness affect their decision-making process, most agree
that severe weaknesses that could take years to remediate are
likely to negatively affect their decision-making.
Users tend not to
perceive the benefits of Section 404 compliance to vary with the
size of the reporting company. Instead, many indicate that these
benefits depend on a company’s complexity and industry
affiliation.
At the same time, the
users agree that variations in compliance requirements based on
complexity and/or industry would likely be impractical.
Finally, most users
indicate that the benefits they perceive from Section 404
compliance have not changed substantially over time. This is an
important finding since it indicates that the 2007 reforms, while
intended to reduce certain duplicative efforts in conducting the
evaluation of ICFR, did not at the same time change financial
statement users’ perception of the effectiveness of Section 404.
Regarding the Section 404(b) requirement, the general
consensus is that the auditor’s report on ICFR required under
Section 404(b) provides an incremental benefit beyond the
management’s report because many respondents perceive the audit
requirement to provide necessary discipline to the reporting
process.
Although some users
express the concern that ICFR evaluation may divert management’s
attention from other important areas of their businesses, these
respondents continued to believe that strong ICFR is necessary and
that financial statements need to be of high quality and reliable.
Most users
interviewed indicate that the process of compliance with Section
404 has become more efficient since the initial implementation in
2004 due to:
(i) reduction in the
level of documentation,
(ii) improved
communications between auditors and management,
(iii) increased use of
professional judgment in scoping and testing,
(iv) more focus on
higher risk areas, and
(v) streamlining of
audits subsequent to the first-time effort required by Section 404
compliance.
Q6. In what ways have
the Commission’s 2007 reforms affected the companies’ procedures
of complying with Section 404?
Nearly all
respondents who completed an optional section of the survey
requesting feedback on management’s Section 404(a) experience
responded that they used Management Guidance and found it to be
useful (see Table 16).
Those who responded
indicate that both Management Guidance and Auditing Standard No. 5
have helped reduce the total cost of compliance, for companies in
every size category.
The respondents also
indicate on average that Auditing Standard No. 5 resulted in a
small decrease in the time it takes to complete the independent
audit of ICFR.
The perceived impact of
AS5, however, varies with the size of the company and its
experience with Section 404(b) compliance. Specifically, the
perceived impact of AS5 on the time it takes to complete the
independent audit of ICFR is significantly smaller among small
filers and among companies with no previous experience with
Section 404(b) compliance.
When asked to
compare the changes in activities associated with management’s
evaluation of ICFR, the respondents indicate a slight decrease on
average from pre-reform to post-reform in the number of risks
subject to testing, the number of controls tested, but a slight
increase in the level of documentation, the use of management’s
interaction with controls as evidence, reliance on evidence gained
from self-assessment, and reliance on evidence from direct
testing.
Like much of the
previous results, the responses varied significantly depending on
the respondents’ size. While smaller companies typically report an
increase in every component, the changes reported by medium and
large filers are not homogenous.
Interestingly, however,
the evidence suggests that the compliance process across companies
of different size has become more homogenous following the 2007
reforms.
Finally, the survey
evidence indicates that companies are increasingly structuring
their evaluations of ICFR with the intent of allowing the
independent auditor to rely on their internal work (see Table 22),
which is consistent with one of the goals of the 2007 reforms
through Auditing Standard No. 5.
Some caveats about
the analysis of Web survey data on Section 404 implementation
There are a number of
caveats to consider when interpreting the evidence presented in
this study, some of which are due to the inherent nature of survey
data, while others are the result of the particular context in
which the Section 404 survey takes place.
First, most, if not
all, analyses of survey data are affected to various degrees by
the following potential difficulties:
•
Self-Selection Bias (i.e., Non-response Bias):
Participation in survey
research is generally voluntary. The process by which survey
participants “select” to participate in a survey can bias the
inference based on survey data, if the participants’ (self-)
selection process is such that particular segments of the
population are systematically over- or under-represented.
We conduct extensive
analyses to test for the presence and the potential severity of
the problem, particularly by investigating the extent to which key
characteristics of the sample of respondents to the survey
coincide or diverge from those of the list of companies identified
as the target population (see Part III).
We find that respondent
companies are representative of the initial list of public
companies identified for this study, particularly among Section
404(b) companies or within company size groups.
We also find that the
typical responses of voluntary participants in the survey are not
significantly different from those of a randomly selected,
stratified sample of companies that were the target of follow-up
efforts to induce their participation.
Overall,
the evidence is consistent with the notion
that the voluntary nature of the participation introduces no bias
in the responses, at least relative to the separate treatment
group where part of the decision to participate is a result of the
follow-up effort.
•
Response Bias: If there are no
penalties for misrepresentation and survey participants have
systematic incentives to be less than fully truthful, inference
based on survey data (or any other self-reported information that
meets those criteria) may not be accurate.
A similar problem
arises when survey questions are designed to elicit the
participant’s subjective perceptions on a particular subject and
the participants’ views are systematically biased. The portion of
survey data that we could independently verify (i.e., audit fees)
indicates that the participants’ representations do not deviate
substantially from what is reported in official
SEC filings.
Aside from this
exercise, it is virtually impossible to assess the extent to which
the remaining survey data may not be accurate.
The nature of the
survey questions varies, with some questions focusing on
quantifiable items (e.g., internal labor hours) and others on
directional perceptions (e.g., assessment of the effect of Section
404 on the quality of ICFR) and others still on
directional/ordinal perceptions (e.g., assessment of the effect of
AS5 on the amount of time it takes to complete the independent
audit under Section 404(b)).
The common element,
however, is that these data cannot be independently verified,
either because companies are do not keep a separate record of the
figures provided (e.g., costs) or because the information provided
is based on the respondents’ perceptions which by their very
nature are not verifiable.
The analysis in this
report provides a characterization of companies’ experiences with
Section 404 compliance that is based on survey participants’
representations of their experiences.
Other caveats are
specific to the analysis presented in this report, as they depend
on the nature and timing of the survey. In particular:
1.
The number of respondents from Section
404(b) companies that are non-accelerated filers and have usable
data is relatively small—approximately 100 companies versus over
1,600 accelerated filers in the most recently completed fiscal
year (see Table 9)—and there are reasons to believe the experience
of these companies may not extend to other non-accelerated filers
that are yet to comply with Section 404(b).
Specifically,
non-accelerated Section 404(b) companies that participated in the
survey are either voluntary compliers or have been required to
comply in the past as accelerated filers and must continue to do
so because their float has not dropped below $50 million since.
To the extent that these
factors affect companies’ experience with Section 404(b)
compliance, one should be careful when extrapolating the results
to non-accelerated filers that are yet to comply.
2. Non-accelerated filers were required to
start complying with Section 404(a) at the end of 2007—after the
reforms.
Yet, a number of
non-accelerated filers responding to the survey reported bearing
Section 404 compliance costs prior to the reform. These
respondents were contacted after the survey was closed to inquire
about the nature of the information provided.
These respondents
indicated that their company began complying with Section 404
requirements prior to the Commission’s public announcement that
the compliance deadline had been extended and, thus, they viewed
the resulting pre-reform costs reported in the survey as
appropriately ascribed to Section 404(a) compliance.
The analysis
of non-accelerated filers’ experience prior to the reforms should
be interpreted with the caveat in mind that it may not be
representative of what the typical non-accelerated filer would
have experienced.
3. The
characteristics of the internal governance structure and financial
reporting process are likely to be important determinants of the
companies’ compliance experiences, including costs and benefits
and the nature of the audit services they obtain under Section
404(b).
To the extent that
accelerated and non-accelerated filers display significant
differences in these dimensions, it may not be appropriate to
extrapolate the analysis of accelerated filers to non-accelerated
filers.
4. All the cost
figures presented in this analysis are based on survey
respondents’ characterization of the resources devoted to Section
404 compliance. As such, the general caveats above apply.
Moreover, there are some aspects specific to our analysis:
a. All estimates
presented in this report are based on non-audited numbers based on
the respondents’ perception provided in the survey.10 Moreover,
the nature of the estimates is limited by the scope of the survey.
b. There are reasons
to question the ability of respondents to provide an accurate
breakdown of audit fees into Section 404(b) fees versus financial
statement audit fees.
Auditors interviewed by the SEC’s OCA staff
highlight this difficulty on the basis that, for Section 404(b)
companies, the two audits are integrated and audit firms do not
typically provide a breakdown of the fees.
Based on conversations
with issuers, however, it seems routine for them to request and
obtain audit fee quotes that account for the incremental auditor’s
work under Section 404(b) requirements before the company begins
complying with this section of the Act.
Thus, it is possible
that respondents’ attribution of audit fees to Section 404(b) may
be inaccurate, to the extent that they are based on quotes
provided by auditors upon first-time compliance with this section
and that such a breakdown does not apply in subsequent years of
compliance
c. It is important to note that the estimates of
internal labor costs presented in this report are based on an
assumption about a reasonable hourly rate.
The rate adopted for
internal labor is $121 per hour, consistent with the rate quoted
as of September, 2008 for a junior accountant cited in a report on
salaries prepared by the Securities Industry and Financial Markets
Association (SIFMA), to which the Commission frequently refers in
its rulemakings.
This is at the low end of cost estimates
that are provided in the SIFMA report for accounting and related
services, and above the rate of $50/hour (or $100,000 for 2000
hours) that is assumed in a series of Financial Executives
International (“FEI”) reports of survey findings relating to the
costs of compliance with Section 404 that date back to 2005.
Although our assumed
rate is within the range of reasonable estimates for evaluating
the overall costs of compliance, it is not intended for use in
estimating the cost to an individual company.
We have provided
information sufficient for determining how the internal labor
costs are affected by changes in the hourly rate—e.g., doubling
(halving) the rate to $242 ($60.5) per hour doubles (halves) the
associated labor costs— and by changes in internal labor hours,
each of which may vary across companies.
d. Coates (2007),
among others, highlights that implementation of the Sarbanes-Oxley
Act “created new incentives for firms to spend money on internal
controls” even where companies were required to invest such
resources under the previous regulatory regime.
This observation is
particularly relevant in the context of Section 404
implementation. In particular, Section 13(b)(2) of the Exchange
Act requires companies to maintain effective ICFR, while Section
404 requires management to report on the effectiveness of ICFR.
By this reasoning, it is
conceivable that Section 404 may have given issuers incentives to
spend more resources to meet the requirements of the Exchange Act,
causing companies to bear “deferred maintenance” expenses to bring
ICFR into compliance with those requirements.
It is possible that
survey participants include these costs in their assessment of the
incremental costs due to Section 404 compliance.
Whether this is the
correct measure of the incremental costs of Section 404 compliance
depends on the objective of the analysis. For example, issuers
were required to be in compliance with Section 13(b)(2) of the
Exchange Act prior to SOX, so the ICFR maintenance costs might not
seem pertinent.
From this perspective,
Section 404 cost estimates that include the ICFR maintenance
expenses overestimate the cost of compliance with Section 404—by
including more than just the cost of reviewing ICFR and preparing
the mandated disclosures.
Alternatively, if the
argument above is correct, in the sense that companies
systematically shirk in complying with the Exchange Act
requirements absent SOX, then the incremental economic cost of
Section 404 compliance should include the aforementioned
maintenance expenses that would not be borne absent Section 404.
Similarly, it is worth
noting that a parallel logic applies to the benefits of Section
404 compliance.
That is, from an
economic perspective, the incremental benefits of Section 404
include the improvements in ICFR resulting from the deferred
maintenance that would not have occurred absent the new disclosure
requirements of Section 404.
5. Participants in
the survey provided their perceptions of the effects of Section
404 compliance, both on the financial reporting process and their
company’s interaction with capital market participants. The
following caveats should be kept in mind for this part of the
analysis:
a. The assessment of
the benefits is qualitative in nature, given the intrinsic
difficulty of quantifying the benefits of Section 404 compliance
in monetary terms, and not directly comparable to the cost
estimates provided by the same respondents.
b. In addition to
lack of comparability with cost estimates, the analysis of the
survey responses about the benefits of compliance may be subject
to response bias.
In particular, the response bias would seem to
be especially relevant when participants provide their assessment
of how Section 404 compliance affects subjects outside the
corporation (e.g., investors’ confidence in the company’s
reports).
The resulting analysis
may be biased if the respondents’ perception or their
representation of those perceptions is biased.
With this caveat in
mind, the staff of the SEC’s Office of the Chief Accountant (OCA)
conducted in-depth interviews with individuals representing a
variety of external users of financial statements to gather their
views on the effects of Section 404.
This effort complements
the analysis of the views expressed by the companies participating
in the survey, in combination providing a broader and more
complete assessment of the effects of Section 404 on capital
market participants.
6. In various parts
of the survey, the participants provided information about their
experience with Section 404 compliance over several years: the
most recently completed fiscal year; the fiscal year prior to
that, and the fiscal year in progress at the time of the survey.
|
