Business Forum: Sarbanes-Oxley: Enron's Revenge

By Isaac Cheifetz
Published April 14, 2003

President Bush signed into law the Sarbanes-Oxley Act of 2002 in July. Sarbanes-Oxley is the most important legislation regulating publicly held companies and their audit firms since the Securities Act of 1933, signed by President Franklin D. Roosevelt in his first year in office.

The 1933 act was the first federal securities legislation, in reaction to the stock-market crash of 1929. The next year, the Securities Exchange Act of 1934 created the Securities and Exchange Commission (SEC), the sheepdog of U.S. securities markets.

Whether or not one agrees with the need for Sarbanes-Oxley, it is now the law of the land. Businesses quickly adapted to the legislation of the 1930s, and will now as well. There is, fortunately, far less corruption now than in that era; the overwhelming majority of professionals and companies are honest.

In February, SEC Commissioner Paul Atkins said: "Sarbanes-Oxley contains many advances for corporate governance, although it also represents what formerly would have been an unimaginable incursion of the U.S. federal government into the corporate governance area. Sarbanes-Oxley acknowledges the importance of stockholder value. Without equity investors and their confidence, our economic growth and continued technological innovations would be slowed."

Sarbanes-Oxley mandates the creation of a Public Company Accounting Oversight Board to oversee and investigate the audits and auditors of publicly traded companies and their financial reports. Audit firms, and to a lesser extent, corporations, fought aspects of Sarbanes-Oxley as an overreaction to scandals such as Enron and WorldCom. And indeed, the specifics of the legislation mostly address the sins of Enron, with a few of WorldCom's thrown in.

Primary Points

Key provisions of the Sarbanes-Oxley Act include:

• Board independence. On a corporation's board of directors, the audit committee is charged with monitoring that the books are clean.

To strengthen their hand, Sarbanes-Oxley mandates that audit committee members must be truly independent, with no other revenue derived from the company. Also, the audit firm will be chosen by, and report to, the audit committee, not corporate management. In the real world, finding independent yet financially sophisticated board members will be a challenge.

• Audit firm independence. When Enron sank, so did Arthur Andersen, for 70 years the world's premier corporate auditor. To keep auditors from getting too chummy with their corporate clients, Sarbanes-Oxley prohibits audit firms from providing their audit clients with other consulting services, such as information technology systems, mergers-and-acquisitions strategy, internal audit outsourcing or the outsourcing of back-office functions.

To avoid the temptation of future employment influencing an audit (many of Enron's top financial executives were former Andersen employees), an accounting firm will not be able to provide audit services to a public company if one of that company's top officials was employed by the firm and worked on the company's audit during the previous year.

• Beefed-up criminal penalties. The law creates tough penalties for those who destroy records, commit securities fraud and fail to report fraud. CEOs and CFOs will reimburse ill-gotten profits from corporate malfeasance in the previous 12 months. And corporations are prohibited from extending personal loans to executives, one of the highlights from WorldCom's demise.

• Keeping it real. "Pro forma" financial statements, the rose-colored glasses preferred by dot-coms ("We're profitable if you exclude all the money we are spending"), are severely limited in use. And "off-balance-sheet entities," which Enron abused by parking liabilities in corporate shells to mask corporate losses, must be described clearly in the parent companies' financial reports.

• The buck stops here. This clause gives the act teeth. The CEO and CFO must sign financial statements filed with the SEC as fairly presenting the operations and financial condition of the company, with potential penalties for violations including fines up to $5 million and jail time of 20 years.

• Management assessment of internal controls. Each annual report must contain an "internal control report," in which senior management analyzes and explains their procedures for internal financial controls, based on standards set by the Public Company Accounting Oversight Board. This section is the one receiving the bulk of attention from corporate finance professionals.

Key Tech Tool

What do financial executives think of Sarbanes-Oxley? I can provide anecdotal feedback. I serve on Financial Executive International's National Committee on Finance & Information Technology.

At a February planning meeting in Los Angeles, CFOs expressed a strong desire that their audit firms avoid future conflicts of interest and excitement about using information technology to help companies comply with Sarbanes-Oxley.

XBRL (Extensible Business Reporting Language), the rapidly evolving financial e-commerce standard, is seen as a critical tool.

The foundation of the information revolution is standardization. Railroads did not spread across the country until the manufacture of rail ties was standardized so that any two fit together exactly.

The Internet is based on a similar standardization of communications (TCP/IP), viewing data (HTML) and now, sharing data (XML). XBRL is the finance-specific form of XML, which will allow investors to compare the underlying financial realities of companies with the click of a mouse. This information always was available but was the domain of financial analysts examining the fine print of financial statements.

Like the securities legislation of the 1930s, Sarbanes-Oxley attempts to shine a bright light on the realities of a company's financial performance. And financial transparency (and reliability) is a critical enabler for investment and collaboration in the global economy.

Describing the limitations of legislated ethics, SEC Commissioner Atkins said: "Revelations of corporate mismanagement, malfeasance and/or incompetence have undermined the world's financial markets in a profound way.