Justice, SEC actions backpedal a bit on post-scandal rules

December 18, 2006 from Associated Press – “They were two early Christmas gifts for corporate America -- with potentially far-reaching effects for investors and the financial landscape. At the Justice Department and the Securities and Exchange Commission, separate actions last week both had the effect of easing landmark rules laid down in response to the 2002 crisis of corporate malfeasance.

Culminating an intense months long lobbying campaign by an array of companies, the five SEC commissioners voted at a public meeting Wednesday to propose a plan giving corporate managers more flexibility in assessing the strength of internal financial controls. It would especially benefit smaller companies.

The sweeping anti-fraud law known as Sarbanes-Oxley was enacted in 2002 amid the wave of scandals that engulfed Enron Corp., WorldCom Inc. and other big corporations. The law contains a key section requiring public companies to assess the strength of their internal safeguards to ensure that their financial statements are accurate. Companies have complained to the SEC that those rules are overly burdensome and costly, especially for smaller businesses…

Some business-friendly Democrats who are assuming power positions in January have expressed support for Sarbanes-Oxley relief for companies -- and their preference for the SEC to wield its regulatory scalpel as opposed to Congress' heavier hand of legislation.

The SEC move was a "reasonable approach" in light of the disproportionate burden of the financial-control rules on small companies, said James Cox, a professor at Duke University who also is a securities-law specialist.

Still, he said, with more leeway under the SEC plan -- allowing, for example, less stringent testing of internal controls for some companies, "Those (financial) numbers are going to be less trustworthy than they would be otherwise. ... Investor protection's going to suffer."

SEC officials insisted that would not happen. Agency Chairman Christopher Cox called the new plan "making Sarbanes-Oxley work for investors at the right price"…

180 View – We thought that the article was vague so we went to the source at http://www.sec.gov/rules/proposed/2006/33-8762.pdf released by the SEC on December 20, 2006. We have highlighted what we believe are the key points.

“The proposed guidance is organized around two broad principles. The first principle is that management should evaluate the design of the controls that it has implemented to determine whether they adequately address the risk that a material misstatement in the financial statements would not be prevented or detected in a timely manner. The guidance describes a top-down, risk-based approach to this principle, including the role of entity-level controls in assessing financial reporting risks and the adequacy of controls. The proposed guidance promotes efficiency by allowing management to focus on those controls that are needed to adequately address the risk of a material misstatement in its financial statements. There is no requirement in our guidance to identify every control in a process or document the business processes impacting ICFR. Rather, under the approach described herein, management focuses its evaluation process and the documentation supporting the assessment on those controls that it believes adequately address the risk of a material misstatement in the financial statements. For example, if management determines that the risks for a particular financial reporting element are adequately addressed by an entity-level control, no further evaluation of other controls is required.

The second principle is that management’s evaluation of evidence about the operation of its controls should be based on its assessment of risk. The proposed guidance provides an approach for making risk-based judgments about the evidence needed for the evaluation. This allows management to align the nature and extent of its evaluation procedures with those areas of financial reporting that pose the greatest risks to reliable financial reporting (i.e., whether the financial statements are materially accurate). As a result, management may be able to use more efficient approaches to gathering evidence, such as self-assessments, in low-risk areas and perform more extensive testing in high-risk areas.

By following these two principles, we believe companies of all sizes and complexities will be able to implement our rules effectively and efficiently. As smaller public companies generally have less complex internal control systems than larger public companies, this top-down, risk-based approach should enable smaller public companies in particular to scale and tailor their evaluation methods and procedures to fit their own facts and circumstances. We encourage smaller public companies to take advantage of the flexibility and scalability of this approach to conduct an efficient evaluation of internal control over financial reporting. Further, we believe the proposed guidance will assist companies of all sizes in completing the annual evaluation of ICFR in an effective and efficient manner by addressing a number of the common areas of concern that have been identified over the past two years.”