November 27, 2009

Many small businesses are chafing at the thought of being held accountable under the Sarbanes/Oxley act. Accordingly, there is a push to have them exempt.

Reps. John Adler of New Jersey is attempting to amend the Investor Protection Act of 2009 by adding provisions to the Sarbanes-Oxley Act, the 2002 law that was enacted after accounting scandals at Enron and WorldCom. The law requires firms to audit their financial statements and internal controls. Adler is proposing to exempt publicly-traded firms with a market capitalization of less than $700 million from a provision in the act that mandates an external audit of the firm. Adler would require the Securities and Exchange Commission to develop rules that would ease the "burden" on these smaller firms. Until the SEC developed those rules, firms worth less than $700 million had been completely exempt from mandated external audits. 

However, Bob Benoit believes that would be a mistake. “Small businesses should be kept under the Sarbanes umbrella,” said Benoit, President and Director of SOX Research at Lord and Benoit. “It’s good protection for the country as well as the small business person. Publicly held small businesses should be held accountable for the money they receive. The CFO of a firm will tell you it isn’t necessary but we found an average of ten fraud factors in every small business that would go unchecked.”

“A public company receives millions of dollars from investors and complying with Sarbanes/Oxley might cost a company $30,000. That is nothing compared to the accountability that comes into play,” concluded Benoit.

Here are the common fraud situations Benoit has uncovered:

Accounting/IT-  the number one fraud risk is the ability to sign checks and also have access to accounting transactions. For example, a bookkeeper might have the freedom to write checks to himself and then cover it up in the bank reconciliation. A similar fraud risk is inherent in the lack of segregation of duties with electronic fund transfers.

IT administrators-  having accounting people who are also IT administrators enables users to possibly delete transactions, gain access to accounting systems, and wipe them out to cover their tracks.

Accounting systems - certain off-the-shelf accounting software allows users to revise transaction dates and amounts without leaving an audit trail.

Payroll- in many smaller companies, payroll is not reviewed by anyone other than the sole person responsible for it. Such personnel could create fictitious employees or pay “employees” after they've been terminated.

Weak Audit Committees- audit committees for smaller public companies were not regularly informed about internal control matters, even though these committees have ultimate oversight.

Ethical Ambiguity- many smaller public companies did not bother with background checks, opening themselves up to a greater potential for fraud and, as a result, expensive lawsuits.   

for more info-  http://www.soxlaw.com

                        www.Section404.org.