Now back to work, SEC Enforcement once again takes up the issue of internal control over financial reporting. In this instance, the SEC announced settled charges against four public companies for failing to remediate internal control weaknesses—for years! We’re talking seven to ten years. The companies seemed to be under the misimpression that, as long as they disclosed the material weaknesses, they were in the clear. But they learned the hard way that that was not the case. According to Melissa Hodgman, an Associate Director in Enforcement, “Companies cannot hide behind disclosures as a way to meet their ICFR obligations. Disclosure of material weaknesses is not enough without meaningful remediation. We are committed to holding corporations accountable for failing to timely remediate material weaknesses.”
A number of members of the SEC accounting staff addressed the 2018 AICPA Conference on Current SEC and PCAOB Developments. Some of the remarks provided helpful guidance for evaluating internal control over financial reporting.
It’s not just Dodd-Frank that has been roundly disparaged in some quarters, SOX 404(b)—the requirement to have an auditor attestation and report on management’s assessment of internal control over financial reporting—has also recently been much maligned. For example, at a recent House subcommittee hearing devoted to the reasons for the decline in the number of IPOs and public companies, a majority of the subcommittee members attributed the decline largely to regulatory overload, with a number of the witnesses training their sights directly on SOX 404(b). (See the SideBar below.) And then there are the legislative efforts to limit the application of SOX 404(b), such as the provision in the Financial Choice Act to allow certain time-lapsed EGCs another five-year exemption from the audit-attestation requirement. (See this PubCo post.) Whether you view these efforts as heavy-handed or not enough of a good thing, the notion that internal controls might diminish fraud risk remains controversial: some maintain that they are a strong deterrent, while others challenge that contention in light of management’s ability to override controls. A recent study by academics in Texas analyzed whether the strength of internal control significantly affects fraud risk. The result: the study found “a strong association between material weaknesses and future fraud revelation,” leading to the authors’ conclusion that “control opinions that do cite material weaknesses provide a meaningful signal of increased fraud risk.”
by Cydney Posner The warnings are everywhere—it’s time to get serious about revenue recognition. The new standard is expected to result in significant changes to measuring, recognizing and reporting of revenue—regarded as the key line item in the financials for most companies. While the impact of the new standard will […]
by Cydney Posner In a recent speech at the University of Tennessee, “Advancing the Role and Effectiveness of Audit Committees,” SEC Chief Accountant Wes Bricker discusses his recommendations for — wait for it — improving the effectiveness of audit committees. The speech addresses issues such as diversity, work overload, tone […]
by Cydney Posner In a speech at the end of 2015 to the AICPA National Conference on Current SEC and PCAOB Developments, SEC Chair Mary Jo White emphasized that “it is hard to think of an area more important than ICFR [internal control over financial reporting] to our shared mission of providing […]