SEC Proposes Risk-Based Analysis of Financial Controls

The Securities and Exchange Commission (SEC) voted unanimously on Wednesday to allow public companies subject to the requirements of Sarbanes-Oxley (SOX) to evaluate the design of only those financial controls that might carry the risk of having a material impact on financial statements. The proposed rule would make compliance less burdensome for smaller companies that will be required to issue financial statements under the law next year.

Regulators also proposed that managers would not have to consult with external auditors to determine the risks inherent in their internal controls but could rely on their own judgment, the Los Angeles Times reports.

"We are proposing this interpretative guidance to help management make their evaluation process more efficient and cost-effective," said SEC Chairman Christopher Cox, according to the Agency’s release. "In the absence of guidance, management has looked to the PCAOB's auditing standard to conduct their evaluations, which is not what was intended. With this guidance, management will be able to scale and tailor their evaluation procedures to fit their facts and circumstances, and investors will benefit from reduced compliance costs.”

The proposed guidance is principles-based guidance that is organized around two important principles, the SEC statement says:

  • First, management should evaluate the design of the controls that it has implemented to determine whether there is a reasonable possibility that a material misstatement in the financial statements would not be prevented or detected in a timely manner. This principle promotes efficiency by allowing management to focus on those controls that are needed to prevent or detect material misstatement in the financial statements.

  • Second, management should gather and analyze evidence about the operation of the controls being evaluated based on its assessment of the risk associated with those control. The principle allows management to align the nature and extent of its evaluation procedures with those areas of financial reporting that pose the greatest risks to reliable financial reporting.

“Companies of all sizes and complexities will be able to conduct their evaluations more effectively and efficiently by following the proposed guidance,” SEC Chairman Christopher Cox said, according to the New York Times. “As smaller companies have less complex internal control systems than larger companies, this approach enables smaller companies, in particular, to scale and tailor their evaluation methods and procedures to fit their own facts and circumstances.”

"There was never anything wrong with the principles of 404," SEC Commissioner Roel Campos said, Inc.com reports. "What we need to work on is implementation."

Jim Greenwood, president of Biotechnology Industry Organization, a Washington-based trade group, called the proposed guidelines a welcome development, Inc.com says. "Our companies typically have limited cash flow and revenue," Greenwood said in a statement. He said funds that should be re-invested in smaller companies are instead "spent complying with these overly imposing regulations."

The SEC statement concluded that its proposed amendments were intended to clarify the auditor reporting requirement in a consistent manner with the anticipated proposed new auditing standard. The Public Companies Accounting Oversight Board (PCAOB) is expected to release a new auditing standard that “would supersede Auditing Standard No. 2, the Board's existing auditing standard on internal control over financial reporting.” The PCAOB is expected to release their new standard at its meeting on December 19.

Both the proposed guidance on principles and the new auditing standard will be open for public comment for two months.

You may like these other stories...

The Public Company Accounting Oversight Board (PCAOB) on Monday reminded auditors that they should continue adhering to the board’s existing standards when considering an organization’s ability to operate as a...
Exclusive: Lois Lerner breaks silenceIn her first press interview since the IRS Tea Party targeting scandal broke 16 months ago, ex-agency official Lois Lerner told Politico that employers won’t hire her, she’s...
Cybersecurity is no longer the domain of an organization's IT staff. It's moved to the boardroom, and in a big way. Accountants and financial managers may have been thinking it's just the province of the tech...

Already a member? log in here.

Upcoming CPE Webinars

Sep 24
In this jam-packed presentation Excel expert David Ringstrom, CPA will give you a crash-course in creating spreadsheet-based dashboards. A dashboard condenses large amounts of data into a compact space, yet enables the end user to easily drill down into details when warranted.
Sep 30
This webcast will include discussions of important issues in SSARS No. 19 and the current status of proposed changes by the Accounting and Review Services Committee in these statements.
Oct 21
Kristen Rampe will share how to speak and write more effectively by understanding your own and your audience's communication style.
Oct 23
Amber Setter will show the value of leadership assessments as tools for individual and organizational leadership development initiatives.