10 compliance threats to smaller companies

Smaller public companies performing their first management assessment under Sarbanes-Oxley Section 404 may find their first year of compliance particularly challenging. To help unravel the maze of uncertainty, Lord & Benoit has gathered historical evidence of material weaknesses from companies with revenues under $100 million. Since smaller public companies are uniquely transitioning from an entrepreneurial environment to a more controlled or structured growth, some companies may find that rather challenging.

The research was compiled aggregating the results of 148 first time companies with revenues under $100 million (using Audit Analytics and our experience in assisting smaller public clients). Clients with clean internal controls were excluded from this study.

This list provides crucial data that you can use in developing your strategy to assess high level risks within your company. The following are the ten leading material weaknesses in Lord & Benoit’s study:

1. Accounting and disclosure controls
Perhaps the biggest surprise to smaller public companies may be that they are expected to have no significant auditor adjustments. Therefore we found that of the 148 companies we reviewed with material weaknesses, nearly two thirds or 94 had issues relating to accounting and disclosure controls. Included were a number of departures from GAAP, income tax accounting and inadequate or inaccurate financial statement disclosures.

2. Treasury
The next level of material weakness noted was in the process level control area of Treasury. There were 92 findings noted in this category including accounting for stock, debt, investments, derivatives and cash controls. Common in the cash area were lack of separation of duties between signing checks and access to accounting records. Wire transfers with only one person involved was also noted in many instances.

3. Competency and training of accounting personnel
The third highest number of material weaknesses were in the area of adequate training and competency of accounting personnel. The lack of management commitment to the competency and formal training program were described as the root cause for 85 instances of improper accounting and disclosures.

4. Control environment
The fourth greatest threat facing smaller companies in their first year of compliance relates to Audit Committee effectiveness, lack of effective internal audit function, ineffective monitoring of code of ethics and ineffective technical review of financial statements leading to financial restatements. Nearly half of the companies fell into this category.

5. Design of controls/lack of effective compensating controls
About 60 companies reported issues with regards to proper segregation of duties. When we drilled down, we found the cause was not only segregation of duties but the breakdown in the compensating controls that were designed to mitigate the preventive control. In other words, what management thought was happening was different than what was really happening.

6. Revenue recognition
About one third of the companies in the study had improper revenue recognition. The issues mainly dealt with proper cut off and timing of transactions.

7. Financial closing process
About a third of the companies struggled with weaknesses in their financial closing processes. For a number of reasons the financial closing processes did not identify non-recurring and adjusting journal entries that should have been made. Consequently material audit adjustments were necessary leading to material weaknesses in internal controls over financial reporting.

8. Inadequate account reconciliations
In addition to the closing process mentioned in item 7 above, a number of account reconciliation deficiencies were noted in our study. There were 47 instances of material inadequate account reconciliations noted.

9. Information technology
Access controls, change controls, ineffective application controls, and critical spreadsheet controls were some of the points contributing to 45 companies having material IT weaknesses.

10. Consolidations, mergers, intercompany accounts
Another 43 companies had material weaknesses in the mergers and acquisitions, intercompany accounting controls, consolidations and foreign exchange translation gains and losses.

In conclusion, our recommendation would be to use this list as a starting point for a macro level risk assessment within your company. We recommend that you review this list carefully, identify potential concerns that apply and develop an action plan to remediate these identified risks as quickly as possible. Quick action could minimize the likelihood of an adverse Section 404 report at the end of your first year of compliance.

You may like these other stories...

Companies are taking their time transitioning to the 2013 Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Control-Integrated Framework, even though the updated guidance is set to take effect...
By Jason BramwellOfficials from the Public Company Accounting Oversight Board (PCAOB) said on August 19 that deficiencies were found in all sixty of the broker-dealer audits conducted by audit firms that the PCAOB inspected...
By Frank Byrt and Anne RosivachThe Public Company Accounting Oversight Board (PCAOB) issued a cautiously optimistic report on US auditors' performance, saying the Board found a reduced rate of "significant audit...

Already a member? log in here.

Upcoming CPE Webinars

Oct 9In this jam-packed presentation Excel expert David Ringstrom, CPA will give you a crash-course in creating spreadsheet-based dashboards.
Oct 15This webinar presents the requirements of AU-C 600, Audits of Group Financial Statements (Including the Work of Component Auditors).
Oct 21Kristen Rampe will share how to speak and write more effectively by understanding your own and your audience’s communication style.
Oct 23Amber Setter will show the value of leadership assessments as tools for individual and organizational leadership development initiatives.