Inside Sarbanes Oxley http://insidesarbanesoxley.com All the SOX news that's fit to print Fri, 10 Sep 2010 16:42:12 +0000

Whistleblowing – What you need to know about the Dodd-Frank Act http://insidesarbanesoxley.com/2010/09/whistleblowing-what-you-need-to-know-about-the-dodd-frank-act/ http://insidesarbanesoxley.com/2010/09/whistleblowing-what-you-need-to-know-about-the-dodd-frank-act/#comments Fri, 10 Sep 2010 16:42:12 +0000 Toby Lucich http://insidesarbanesoxley.com/?p=2438

If your organization isn’t already offering incentives to ferret out inappropriate behaviors, the new Dodd-Frank Act and whistleblowing rewards just might (and could make your company the next public spectacle).

Deloitte’s “Whistleblowing and new Race to Report” offers a very useful orientation to the impact of this new act. From their site,

The Dodd-Frank Wall Street Reform and Consumer Protection Act has created rewards of 10 to 30 percent of monetary sanctions for whistleblowers who report to the Securities and Exchange Commission (SEC) original information leading to securities law enforcement actions that recover more than $1 million. 

Press releases announcing settlements by the SEC in the first seven months of 2010 show how large future rewards for whistleblowers could be.

In addition, proposed changes to U.S. Federal Sentencing Guidelines may lead to a reduction in organizational sentences when the organization has an effective compliance and ethics program that incorporates direct reporting obligations from the head of the compliance program to the board of directors or audit committee.

Internal Audit: The Continuous Conundrum http://insidesarbanesoxley.com/2010/05/internal-audit-the-continuous-conundrum/ http://insidesarbanesoxley.com/2010/05/internal-audit-the-continuous-conundrum/#comments Thu, 27 May 2010 05:44:13 +0000 Toby Lucich http://insidesarbanesoxley.com/?p=2431

The department painstakingly went through its inventory of SOX controls to determine which ones could be assessed just by analyzing data in company systems. Then data-analytic scripts were written to allow exceptions to be found. Now, for example, the entire population of journal entries can be examined quickly for segregation-of-duty violations.

...Look directly for irregularities traceable to the finance operation. Journal entries by senior finance executives or business-unit leaders are flagged, because entries normally are made by lower-level accountants. Likewise, any entries that boost revenue by a certain percentage, particularly those that put the business unit just above its budgeted monthly goal, are flagged.

How to choose the right nonexecutive board leader http://insidesarbanesoxley.com/2010/05/how-to-choose-the-right-nonexecutive-board-leader/ http://insidesarbanesoxley.com/2010/05/how-to-choose-the-right-nonexecutive-board-leader/#comments Wed, 26 May 2010 10:01:27 +0000 Toby Lucich http://insidesarbanesoxley.com/?p=2427

Ever since stock-listing requirements prompted many US companies to name an independent director to serve as the chairman, lead director, or presiding director of the board, these companies have been grappling with what, exactly, this board leader should do and how to find the right person for the job.

The change in governance followed corporate scandals (in the early part of the decade) that led to investor pressures to strengthen corporate governance by separating the roles of CEO and chairman. This separation represented a step into the unknown, because the CEO traditionally served as chairman in most US companies and was the board’s undisputed leader.

How To Punish Leadership Negligence http://insidesarbanesoxley.com/2010/05/how-to-punish-leadership-negligence/ http://insidesarbanesoxley.com/2010/05/how-to-punish-leadership-negligence/#comments Tue, 25 May 2010 04:58:40 +0000 Toby Lucich http://insidesarbanesoxley.com/?p=2423

In any sensible system of institutional governance, negligence would be sanctioned. So why is it that leaders of major corporations often seem to escape punishment for negligent conduct? Why is it that Tony Hayward, the head of BP, can publicly admit that it was “probably true” that the company should have done more to prepare for deep-water drilling emergencies and still keep his job?

So long as we fail to hold business leaders to an appropriate standard of care, we can expect these sorts of disasters to continue. The heads of corporations are seldom held personally accountable for the negligent acts of their organizations.

Just Released – COSO’s Analysis of Fraudulent Financial Reporting 1998-2007 http://insidesarbanesoxley.com/2010/05/just-released-cosos-analysis-of-fraudulent-financial-reporting-1998-2007/ http://insidesarbanesoxley.com/2010/05/just-released-cosos-analysis-of-fraudulent-financial-reporting-1998-2007/#comments Tue, 25 May 2010 02:37:36 +0000 Toby Lucich http://insidesarbanesoxley.com/?p=2434

COSO has released a new research study, Fraudulent Financial Reporting: 1998-2007, that examines 347 alleged accounting fraud cases investigated by the U.S. Securities and Exchange Commission (SEC) over a ten-year period ending December 31, 2007. It provides an in-depth analysis of the nature, extent and characteristics of accounting frauds occurring throughout the ten years, and provides helpful insights regarding new and ongoing issues needing to be addressed.

  • There were 347 alleged cases of public company fraudulent financial reporting from 1998 to 2007, versus 294 cases from 1987 to 1997. Consistent with the high-profile frauds at Enron, WorldCom, etc., the dollar magnitude of fraudulent financial reporting soared in the last decade, with total cumulative misstatement or misappropriation of nearly $120 billion across 300 fraud cases with available information (mean of nearly $400 million per case).
  • The most common fraud technique involved improper revenue recognition, followed by the overstatement of existing assets or capitalization of expenses.
  • The SEC named the CEO and/or CFO for some level of involvement in 89 percent of the fraud cases, up from 83 percent of cases in 1987-1997.

How mature is your Enterprise Risk Management (ERM) Practice? http://insidesarbanesoxley.com/2010/04/how-mature-is-your-enterprise-risk-management-erm-practice/ http://insidesarbanesoxley.com/2010/04/how-mature-is-your-enterprise-risk-management-erm-practice/#comments Wed, 28 Apr 2010 15:39:00 +0000 Toby Lucich http://iso.siliconflorist.com/?p=5

I wanted to share what I found to be surprising statistics from their recently published “2010 Report on the Current State of Enterprise Risk Oversight: 2nd Edition” published in February.

  • 48.7% of respondents describe the sophistication of their risk oversight processes as immature to minimally mature. Forty-seven percent do not have their business functions establishing or updating assessments of risk exposures on any formal basis. Almost 70% noted that management does not report the entity’s top risk exposures to the board of directors.
  • Almost 57% of our respondents have no formal enterprise-wide approach to risk oversight.

More statistics and a call for input on how you are managing your ERM practices – How mature is your Enterprise Risk Management (ERM) Practice?

SEC Approves Enhanced Disclosure About Risk, Compensation and Corporate Governance http://insidesarbanesoxley.com/2010/04/sec-approves-enhanced-disclosure-about-risk-compensation-and-corporate-governance/ http://insidesarbanesoxley.com/2010/04/sec-approves-enhanced-disclosure-about-risk-compensation-and-corporate-governance/#comments Tue, 27 Apr 2010 12:45:00 +0000 Toby Lucich http://iso.siliconflorist.com/?p=6

(12/16/2009)
The Securities and Exchange Commission today approved rules to enhance the information provided to shareholders so they are better able to evaluate the leadership of public companies.

In particular, the new rules require disclosures in proxy and information statements about:

  • The relationship of a company’s compensation policies and practices to risk management.
  • The background and qualifications of directors and nominees.
  • Legal actions involving a company’s executive officers, directors and nominees.
  • The consideration of diversity in the process by which candidates for director are considered for nomination.
  • Board leadership structure and the board’s role in risk oversight.
  • Stock and option awards to company executives and directors.
  • Potential conflicts of interests of compensation consultants.

The new rules, which will be effective Feb. 28, 2010, also require quicker reporting of shareholder voting results.

Control Rationalization – 8 Best Practices http://insidesarbanesoxley.com/2010/04/control-rationalization-8-best-practices/ http://insidesarbanesoxley.com/2010/04/control-rationalization-8-best-practices/#comments Tue, 20 Apr 2010 10:27:00 +0000 Toby Lucich http://iso.siliconflorist.com/?p=7

The health of your business requires consideration that a continual over-assessment of risks and controls encumbers your resources and leads to unnecessary testing. External auditors need a business case to justify reducing SOX compliance requirements. As the business owner closest to the daily processes of your organization, you are in the best position to build this business case.

“Control Rationalization – The 8 Best Practices” from Claret Partners

SOX Life: Revisiting your Control Environment http://insidesarbanesoxley.com/2010/04/sox-life-revisiting-your-control-environment/ http://insidesarbanesoxley.com/2010/04/sox-life-revisiting-your-control-environment/#comments Tue, 13 Apr 2010 19:11:00 +0000 Toby Lucich http://iso.siliconflorist.com/?p=8

I have had too many conversations about “just one more layer for good measure” when it comes to controls in the enterprise.

“Never enough time” and “too many competing demands” seem to be the recurring theme, as folks complain about staffing being reduced 10% since 2007, and cashflow being as tight as most of us have ever witnessed.

These complaints seem to come on the heels of

  • “This is a great idea, but we’ve already got 37 strategic initiatives underway, and I don’t know if we can manage since we are running 4 FTEs under budget and have two new temps joining our staff this week.”
  • “We don’t know if management is getting the information they need – we’re too busy trying to keep up with the recording of our transactions.”
  • “Send me an invoice [for consulting services], and we’ll see how the Procurement process plays out.”
  • “I’ve got so many mandatory tasks to perform, I/we never get to the valuable work of analysis and investigation that could really move our company forward.”

Have you re-evaluated your control environment lately?

Amended Custody Rules and SAS 70s http://insidesarbanesoxley.com/2010/04/amended-custody-rules-and-sas-70s/ http://insidesarbanesoxley.com/2010/04/amended-custody-rules-and-sas-70s/#comments Mon, 12 Apr 2010 15:08:00 +0000 Toby Lucich http://iso.siliconflorist.com/?p=9

On December 30, 2009, the Securities and Exchange Commission (SEC) finalized the amendments to the custody requirements of Rule 206(4)-2 (the “Rule”), under the Investment Advisers Act of 1940. What do you need to do to prepare and comply now that the Rule has gone into effect as of March 12, 2010?

See Deloitte’s “March 12th Effective Date for Amended Custody Rule” for the three most common concerns facing organizations subject to the Rule.
