Knowledge Center
 White Papers
 Data Sheets
 Advisors Research

Wednesday, November 30, 2005

Sarbanes-Oxley Compliance To Boost Tech Spending

Sarbanes-Oxley (SOX) requirements will cause companies to increase spending on technology in 2006 while actual headcount numbers dedicated to compliance efforts will decrease slightly, according to a report released Tuesday.
After interviewing more than 300 IT and business leaders, AMR Research concluded that spending to meet the requirements of the federal compliance act will be $6 billion, essentially the same as the $6.1 billion expected to be spent in 2005.

"Budgets [in 2006] allocated to internal headcount are expected to fall by 8 percent while the technology allocation will grow by more than 13 percent in real dollars over 2005 numbers," AMR Research reported.

AMR said it expects headcount/labor totals to come it at $2.3 billion for 2006 while $1.9 billion will be spent on technology, much of it to automate compliance efforts.

"Budgets are shifting from headcount to technology so that compliance can become repeatable," said AMR vice president of research John Hagerty in a statement. "These spending predictions support a long-term approach to SOX compliance."

posted by Brian Moran @ 8:53 AM   1 comments

Tuesday, November 29, 2005

AMR Research Estimates Sarbanes-Oxley Spending Will Exceed $6 Billion in 2006

Companies Must Focus on Making Compliance Repeatable, Sustainable, and Cost-

BOSTON, Nov. 29 /PRNewswire/ -- AMR Research estimates that companies will
spend $6 billion on complying with Sarbanes-Oxley Act (SOX) requirements in
2006, on par with the $6.1 billion that will be spent in 2005. These findings
are based on a recent study conducted by AMR Research in which over 300
business and IT leaders were surveyed on their Sarbanes-Oxley and broad
compliance spending priorities.

In 2006, there will be key differences in how budgets are spent. Budgets
allocated to internal headcount are expected to fall by 8% while the
technology allocation will grow by more than 13% in real dollars over 2005
numbers. External consulting activities, which do not include audit fees, are
expected to hold steady in 2006.

* $2.3 billion (39%) - Internal labor / headcount
* $1.9 billion (32%) - Technology
* $1.8 billion (29%) - External consulting

Technology is playing an increasingly significant role in the integration
of SOX compliance initiatives into business processes. Throughout 2005,
companies reported that they were refining existing business and IT controls
in preparation for automation efforts using technology.

"These spending predications support a long-term approach to SOX
compliance," said John Hagerty, vice president of research at AMR Research.
"Budgets are shifting from headcount to technology so that compliance can
become repeatable, sustainable, and cost-effective."

AMR Research also found the following about companies complying with SOX:
* 39% of companies currently have an operational SOX solution, while 37%
are implementing one in 2005. Even so, over 80% of companies plan to
add to or improve on what they have in place in 2006.
* 40% of companies have a specific budget for SOX compliance; the
remainder fund efforts from existing operations.
* None of the companies surveyed have spent less than anticipated.

In early January, AMR Research will release the detailed results of this
broad-based compliance spending survey. For more information, please visit or call 617-542-6600.

About AMR Research:
AMR Research provides world class research and actionable advice for
executives tasked with delivering enhanced business process performance and
cost savings with the aid of technology. Five thousand leaders in the Global
1000 put their trust in AMR Research's integrity, depth of industry expertise,
and passion for customer service to support their most critical business
initiatives, including supply chain transformation, new product introduction,
customer profitability, compliance and governance, and IT benefit realization.
More information is available at

posted by Brian Moran @ 8:44 AM   0 comments

Monday, November 28, 2005

Ahold to Pay $1.1 Billion to Settle U.S. Class Action

Royal Ahold NV, the Dutch owner of the Giant and Stop & Shop supermarket chains, agreed to pay $1.1 billion to settle a U.S. class-action lawsuit over the company's false earnings statements.

The accord will result in a third-quarter cost of 585 million euros after taxes, Peter Wakkie, the executive board member responsible for Amsterdam-based Ahold's corporate governance, said today on a call. It's the biggest securities class-action settlement by a European company in the U.S. Ahold gets about two-thirds of its revenue from the U.S.

posted by Brian Moran @ 2:13 PM   0 comments

Tuesday, November 22, 2005

U.S. corporations: Scared ethical?

Thirty years ago, law enforcement came up with the approach documented in the film "Scared Straight" — using tough-talking prison inmates to frighten juveniles out of their lawless behavior.

Today, corporate America is using the same approach to teach ethics. The tough guys this time are corporate executives who've served prison time for accounting fraud, stock manipulation and other such crimes and who now lecture their fellow executives and business students on the dangers of ethical misbehavior. Their message: You're going to get caught and humiliated, and even if you don't, you'll have trouble sleeping at night.

Two things seem to be driving Scared Straight II: Public concern that the unethical behavior that has been in the news at least since the Enron scandals must be the result of inadequate ethical training, in colleges and elsewhere; and the recent Sarbanes-Oxley legislation that puts corporate executives at risk for the unethical behavior of their employees — unless they can show that they provided ethical training for them.

posted by Brian Moran @ 8:00 AM   0 comments

U.S. corporations: Scared ethical?

Thirty years ago, law enforcement came up with the approach documented in the film "Scared Straight" — using tough-talking prison inmates to frighten juveniles out of their lawless behavior.

Today, corporate America is using the same approach to teach ethics. The tough guys this time are corporate executives who've served prison time for accounting fraud, stock manipulation and other such crimes and who now lecture their fellow executives and business students on the dangers of ethical misbehavior. Their message: You're going to get caught and humiliated, and even if you don't, you'll have trouble sleeping at night.

Two things seem to be driving Scared Straight II: Public concern that the unethical behavior that has been in the news at least since the Enron scandals must be the result of inadequate ethical training, in colleges and elsewhere; and the recent Sarbanes-Oxley legislation that puts corporate executives at risk for the unethical behavior of their employees — unless they can show that they provided ethical training for them.

posted by Brian Moran @ 7:56 AM   0 comments

Monday, November 21, 2005

FEI Benchmarks Sarbanes-Oxley Compliance Best Practices

Nov. 21, 2005 (SmartPros) — Financial Executives Research Foundation (FERF), the research affiliate of Financial Executives International (FEI), released two new reports on Sarbanes-Oxley compliance and Management's Reports on Internal Controls.

"This research provides helpful insight into best practices for Sarbanes-Oxley and we are excited to publish this," said Colleen Cunningham, President and CEO of FEI and FERF. "With the bulk of Section 404 implementation in place at many companies, we believe this is an important time to assess the progress made, and to look ahead at helpful business lessons we can apply to the future. The report identifies best practices for companies in 2006 and beyond."

"Sarbanes-Oxley Section 404 Compliance - From Project to Sustainability" summarizes the compliance practices of leading companies and describes how they are improving their processes in the second year of compliance as they strive toward long-term sustainability. FERF produced this report with Dr. Robert A. Howell, Distinguished Visiting Professor of Business Administration at Dartmouth's Tuck School of Business.

The report is the result of Section 404 implementation leaders from some of the nation's largest companies gathering to share their experiences with Section 404. This discussion, arranged by FEI, found that most participants agreed the time and expense of compliance was not sustainable, and that they would have to look for and implement process improvements.

posted by Brian Moran @ 8:43 AM   1 comments

Friday, November 18, 2005

Compliance Matrix Analysis of Oversight Systems Customers: Tangible Savings in Financial Processes & Sarbanes-Oxley Compliance; Independent Review Qua

Real-time transaction inspection delivers bottom-line results by eliminating errors in financial processes and automating controls for Sarbanes-Oxley compliance, according to the Compliance Matrix Group’s independent analysis of Fortune 500 companies that have deployed continuous monitoring solutions from Oversight Systems Inc.

Atlanta, GA (PRWEB) November 16, 2005 -- Real-time transaction inspection delivers bottom-line results by eliminating errors in financial processes and automating controls for Sarbanes-Oxley compliance, according to the Compliance Matrix Group’s independent analysis of Fortune 500 companies that have deployed continuous monitoring solutions from Oversight Systems Inc.

Compliance Matrix, a consulting group to major corporations for Sarbanes-Oxley and other regulatory compliance efforts, published the report today, which can be downloaded at

"As executives struggle with the cost of compliance, they should evaluate IT solutions for real-time transaction inspection, which can automate compliance while creating business value," said Matthew Kovar, CFA, SOX practice director and principal for the Compliance Matrix Group. "Our detailed research illustrates that the average Fortune 500 Company can save between 75-95 percent in their SOX monitoring costs by replacing manual controls with automated controls. Additional analysis of business value creation showed the annual benefit to one customer quickly approaches $4 million for a single instance of the Oversight solution for real-time transaction inspection."

Oversight Systems, the leading provider of independent, continuous monitoring solutions for real-time transaction inspection, commissioned this independent report, which further quantifies the conclusions of other independent research firms.

In a September 2005 report entitled "Profiles in Compliance," AMR Research wrote that Oversight Systems’ real-time transaction inspection "is definitely in line with the need to reduce the cost of compliance by making it repeatable, sustainable, and automated." The AMR Research report went on to state: "Oversight Systems’s products should be evaluated by companies that are planning to automate testing of controls for compliance. The ancillary benefits of early error detection and quick resolution should pay for this system easily."

The Compliance Matrix study quantifies the benefits of implementing a real-time transaction inspection solution and describes how Oversight System creates business value within the procure-to-pay and order-to-cash processes by eliminating mistakes and errors, such as improper payments, un-reconciled accounts for un-vouchered receipts, invoice errors, and unused discounts and credits.

"These independent studies demonstrate the value-creating benefits of Oversight’s real-time transaction inspection," said Patrick Taylor, CEO of Oversight Systems. "Our Fortune 500 customers can confidently say that Oversight drives quality through their financial processes and reduces both their compliance and operation costs."

About Oversight Systems, Inc.
Oversight Systems is the leading provider of independent, continuous monitoring solutions for real-time transaction inspection. By combining the expertise and experience of security, fraud, audit and enterprise software development professionals, Oversight Systems ensures the quality of financial processes, strengthens the control environment and automates controls for Sarbanes-Oxley compliance. For more information, visit

About the Compliance Matrix Group
The Compliance Matrix Group is a research and consulting organization dedicated to providing unparalleled assistance to executives in driving their compliance solutions. Compliance is about products, processes, policies, and people all deployed in a program that meets a specific performance objective. We provide the experience, knowledge, and expertise enterprises rely on to succeed in the face of mounting regulatory pressures.

posted by Brian Moran @ 8:43 AM   1 comments

Tuesday, November 15, 2005

IT the key to cutting SOX costs

The Sarbanes Oxley Act (SOX) has already celebrated its third birthday. And like many three-year-olds it can still create lots of mess - and plenty of sleepless nights - for the companies that fall under its power.

IT departments have had to deal with a fair amount of the teething problems. SOX demands a single version of the truth from companies in terms of the financial figures they deliver. But with the complex systems they have built up, one plus one doesn't always equal two, which means many companies have been scrambling to get their systems straight.

Companies have to prove they have strong controls in place. These controls can cover a range of situations - such as not sending more stock to a customer that has reached its credit limit. This could be done manually, by pouring over spreadsheets every week, or could be built in automatically.

posted by Brian Moran @ 8:49 AM   2 comments

Monday, November 14, 2005

Learning To Love Sarbanes-Oxley: A few companies have discovered that compliance actually helps to cut costs

Ask any CEO: Section 404 of the Sarbanes-Oxley Act is the corporate equivalent of root canal. Big public companies spent thousands of hours and an average of $4.4 million apiece last year to make sure that someone was looking over the shoulder of key accounting personnel at every step of every business process, according to Financial Executives International (FEI). Designed to nip accounting problems in the bud before they blossom into fraud, Section 404 is a core provision of the 2002 corporate-reform law. The number of companies that disclosed serious chinks in their internal accounting controls jumped to 586 in the first four months of 2005, compared with 313 for all of 2004, according to Glass, Lewis & Co., a financial research firm. But that's a tiny fraction of all public companies, leaving most CEOs griping about an exercise that seems to be all pain, no gain.

Most CEOs -- but not all. A few companies are discovering, to their surprise, that taking stock of internal controls can help beyond just unmasking accounting problems. By forcing executives to dig deep into how their companies get work done, Section 404 is enabling businesses to cut costs and boost productivity. "There truly is a silver lining" in 404, says Gary Moran, managing director of Alvarez & Marsal Business Consulting LLC. His firm and CFO Research Services sponsored a report that discusses the unexpected benefits that 404 yielded at Cisco Systems, Genentech, and other companies.

posted by Brian Moran @ 8:36 AM   1 comments

Friday, November 11, 2005

Sarbanes-Oxley Act Adds to Costs But Pushes Companies To Prepare

Compliance burdens posed by the Sarbanes-Oxley Act are proving to be costly for many I.T. departments, according to Gartner Inc. But companies may be better equipped to meet any new federal regulations thanks to the processes they have developed for complying with the law, I.T. executives said last week.

Gartner estimates that the government's Sarbanes-Oxley mandates have led to an average increase of 3.3 percent in corporate I.T. costs. The financial reporting law has spurred increased spending in areas such as records management and security, as well as purchases of new tools needed to ensure the accuracy of financial data, the firm says.

posted by Brian Moran @ 1:27 PM   3 comments

Thursday, November 10, 2005

Continuous Controls Monitoring: Where To Start?

Where do I start?

With CCM, a good place to start is in areas of high exposure where you know or suspect violations are occurring. After you install the software, run it and see what the testing process comes up with.

Are there a disproportionately high number of errors in a particular process?
Are there any patterns that have emerged that can pinpoint source(s) of errors?
Another strategy: start from the outside and work your way back in. For example, examine your customer- or supplier-facing processes first, and then examine your internal processes that support them. Spotting a fraudulent invoice from a vendor or sniffing out duplicate payments is significantly more straightforward and can have a quicker Return on Investment (ROI), especially when compared to an internal process of managing security settings in an ERP system. Much of the security work in support of segregation of duties requirements requires companies to untangle some snarly situations. Examining these outward-facing processes and transactions first can point to basic flaws in your internal processes. It’s tough to see where the security violations are happening in your ERP system if you can’t see what results they are producing or allowing.

Q. Where is the ROI for CCM?

Continuous controls monitoring software provides two kinds of ROI:

Soft dollars come from time saved manually testing controls. Once the software is up and running, companies spend fewer hours testing for their internal audit.
Hard dollars come when companies find errors or fraud and recoup money. In turn, the software can quickly pay for itself, and this helps buyers create a strong business case for implementing the software in even more areas of the business, even outside traditional financial processes.

Each panel participant presented several good case studies on how companies recouped the cost of the software quickly, sometimes within weeks, usually within months. Oversight Systems presented a particularly compelling example: a supplier was billing two divisions of the same company, one in the United States and the other in Mexico. Because the two divisions’ ERP systems didn’t talk to each other, they both paid the supplier because there was no way to check across divisions. The company implemented the Oversight software and within minutes found the duplicate payments that nearly paid for the Oversight software immediately. That’s a textbook definition of quick ROI.

posted by Brian Moran @ 9:46 AM   0 comments

Wednesday, November 09, 2005

Double Dipping on SOX: Some companies are leveraging Sarbanes-Oxley investments for business; others are leveraging business investments to comply

Mention the Sarbanes-Oxley Act to a CIO or a corporate executive, and he's likely to roll his eyes or grimace.

That's because most executives view the compliance requirements as a grim burden, like cleaning out a pack rat's basement.

At the end of 2004, American Electric Power Co. (AEP) began using software from Oversight Systems Inc. in Atlanta to help it monitor transactions in its accounts payable group. If a manager authorizes a purchase above his spending limit, the system recognizes it and spits out an exception report, says Mike Sullivan, assistant controller at the Columbus, Ohio-based power company.

Those capabilities have helped AEP comply with Section 404 requirements. But the company has also been able to use the software to determine whether any of its IT staffers or other workers have tried to modify software fields in other transaction systems for fraudulent purposes, says Sullivan.

The company plans to extend the use of the software to its accounts receivable department by year's end. "We should see some operational savings once we go through another [Section 404] cycle," Sullivan says, because AEP will be able to cut back on some of its internal controls testing.

posted by Brian Moran @ 8:55 AM   1 comments

Tuesday, November 08, 2005

Regs Aren't Putting The Hurt On Fraud

We would never get a chance to be a fly on the wall during something as sensitive as a fraud examination, but Oversight Systems provides us with the next best thing. The company released today the results of a survey of 204 U.S. fraud examiners identifying current institutional fraud trends. And the findings are, well, eye-opening, to say the least.

Despite the increase in regulatory oversight, only seven percent of the respondents felt that institutional fraud is less prevalent today than it was five years ago. Of course, that backs up one of the major arguments put forward when the Sarbanes-Oxley act was first introduced: that the SOX requirements wouldn't reduce unethical and fraudulent business practices, it would just force the practitioners to get better at what they do.

I never fully bought into that argument. It's a bit like the argument against banning handguns, that if you make the guns illegal, only criminals will own guns. But this survey makes one wonder just how uniformly the mandates are being followed.

I found it interesting that while a majority of the guys whose job it is to uncover institutional fraud felt that SOX has been somewhat or very effective in identifying incidences of financial-statement fraud, they don't feel that more government regulation is the answer to preventing fraud. Instead they point to enforcement as the problem, indicating that companies needed to be more vigilant about pressing charges against employees suspected of or identified in fraudulent activity. In addition, they say that those convicted of fraud should receive heftier sentences.

Guilty As Charged

The survey also looked at several of the high-profile convictions, from WorldCom's Bernard Ebbers to Enron's Jeffrey Skilling and Kenneth Lay, and asked examiners whether they agreed with the verdicts against the recently charged executives. In all but one instance, the examiners were nearly unanimous with 93 percent to 97 percent agreeing with a guilty verdict. Did you guess who the anomaly was? That's right, 28 percent of the examiners have a soft spot for Martha Stewart.

posted by Brian Moran @ 9:00 AM   0 comments

Monday, November 07, 2005

The Process Improvement Payoff

Capabilities developed from Sarbanes-Oxley compliance activities can be applied to processes as narrow as A/P or as wide as governance best practices.

Last year, American Electric Power discovered just how closely connected compliance work and process improvements can be. As the compliance team at the giant Columbus, Ohio-based power generator and distributor worked to fulfill the requirements of Sections 302 and 404 of the Sarbanes-Oxley Act, the finance department noticed an opportunity. The organization's growing focus on internal controls and financial processes afforded the chance to prune the number of duplicate and erroneous payments that typically occurred during the A/P process.

The finance function shopped for an A/P monitoring tool and settled on an application from Oversight Systems that automatically detects irregular payments to suppliers. The software was installed as the company's first-year Section 404 work neared a close at the end of 2004. By the middle of this year, the tool had already helped American Electric Power reduce its A/P costs by 75 percent.

Transforming Transactional Processes
Ask American Electric Power and other accelerated filers flush with similar success whether Sarbanes-Oxley compliance provides opportunities to deliver process improvements, and they'll answer yes. This question is becoming pivotal as public companies start to strengthen their ongoing Sarbanes-Oxley capabilities and apply them to other financial and operational areas in the process.

Mark Schmeling, CFO advisory services practice leader for Archstone Consulting LLC in Chicago, says that the tactical aspects of Sarbanes-Oxley compliance consumed much of the finance function's attention during Year One. "Most process-improvement-oriented efforts were deferred until the organization was able to complete the initial SOX compliance," he explains. "Now that the first year is behind most public companies, the finance leadership is beginning to focus on driving improvement within the finance organization."

American Electric Power's successful adoption of a monitoring tool to transition one of finance's prime candidates for process improvement is a case in point. "We monitor our A/P process on much more of a real-time basis [than before]," says Mike Sullivan, director of accounting services. "The tool identifies transactions that don't look right and then corrects or cancels [them]. Previously, our internal controls around payables were not as timely or rigorous. Plus, we're identifying a larger population of transactions that are exceptions. By addressing them on a daily basis, we can prevent most of the losses we previously incurred."

Sullivan expects to apply the tool to his company's accounts receivable process in the near future.

Streamlining Testing and Documentation
The byproducts of American Electric Power's overhaul of its A/P process extend far beyond immediate transactional cost savings, according to Sullivan. "By using the Oversight [Systems] tool to monitor our compliance with business rules, we will be able to significantly reduce the transaction testing we're doing and some of our [internal controls] documentation," he reports. "We can now document within a database that the rule and checking of the rule was completed. If there was a failure to follow the rule, it is documented as an exception, and then we document the review and the resolution in the database as well."

Sullivan would like to give the company's internal and external auditors access to the database to reduce the amount of Section 404-related evaluation both groups need to conduct in the future and possibly to lower audit costs. He appreciates how the automated monitoring of just one key financial process -- A/P in his company's case -- can greatly reduce the large amounts of paperwork that the new law requires. He also recognizes that auditors, particularly external auditors, may take some time getting used to the process of evaluating databases.

"It's a pretty new concept, and they seem to be receptive to the idea," Sullivan says of external auditors, who have long relied on hard-copy sign-offs and work papers. "But in practice, they're not yet as comfortable looking into the database to see that all of that same information exists. It's difficult for the auditor to say, 'My evidence of the audit is that I reviewed the client's database, and the database is working as intended and contains all the information they say it contains.' "

Auditors' discomfort with database sign-offs may disappear as continuous monitoring of financial processes and compliance processes become more common. Sullivan is encouraging his auditors to take advantage of his function's process improvements.

Improving Overall Compliance and Governance
The possibility of Sarbanes-Oxley-fueled improvement does not have to be limited to transactional and compliance processes within the finance function. Company leaders are also asking how compliance work related to the new law can help strengthen and streamline non-Sarbanes-Oxley compliance and governance processes companywide. Those sorts of improvements may not shave costs from processes, as American Electric Power's A/P initiative does, but they can bolster an organization's risk management program and help stave off the extraordinary fiscal and reputational costs of lapses in corporate governance and regulatory compliance.

Believe it or not, the Sarbanes-Oxley Act is not the only regulatory requirement bearing down on companies. Although compliance with this law is expensive -- estimates peg the cost at $500,000 to $1 million per $1 billion in revenue -- it is only one large piece of the overall compliance and governance picture. Complying with all regulations that apply to a U.S. company costs roughly $5 million to $6 million per $1 billion in revenue, according to the Open Compliance & Ethics Group (OCEG) of Scottsdale, Ariz.

Carole Stern Switzer, OCEG's executive vice president and general counsel, suggests that organizations can capitalize on commonalities across regulations. "A lot of companies have not previously focused effectively on compliance in terms of coordinating their efforts in a way that would allow for efficiency and flow of best practices from one area of compliance, such as environmental, to another, such as adherence to employment law or the Foreign Corrupt Practices Act," she notes. "But those companies did have to focus on Sarbanes-Oxley and spent a lot of time and money addressing Sarbanes-Oxley."

Organizations can leverage their Sarbanes-Oxley-related spending, Switzer says, to establish a broader, more integrated and more efficient set of compliance capabilities. This internal exchange of best practices among different compliance efforts offers two sorts of payoffs.

First, from a risk management perspective, stronger compliance practices limit negative events such as rule violations, financial restatements, investigations by regulatory agencies and damage to a company's reputation.

"By developing better compliance programs and devising company-sponsored remedial measures for past actions under investigation, companies and their shareholders may spend less on the legal ramifications -- and previously unexpected high costs -- of negative outcomes," says George A. Stamboulidis, a partner in the New York City law firm of Baker & Hostetler LLP.

Second, more sophisticated overall compliance capabilities can impress shareholders. In a Business Finance Webcast this summer, Arnold C. Hanish, chief accounting officer at pharmaceutical giant Eli Lilly & Co. in Indianapolis, said his company has found that regulations requiring transparency -- and most do -- boost shareholder value.

The more information his company can provide to the analyst community while staying within SEC regulations, Hanish said, the higher the likelihood its stock price will rise. He referred to the SEC's Regulation Fair Disclosure, which requires securities issuers to reveal to the public what they disclose to securities market professionals.

Hanish added: "There's a lot of information that we can provide within the framework of regulations that will add significant value from a shareholder perspective. And that's really what our job is."

Developing a sound compliance function requires more than sharing best practices, though. Executives and managers in charge of compliance, ethics and governance activities must be properly trained. To date, most compliance training has been reactive rather than proactive, according to an OCEG study.

Compliance process improvements also require time and money. The OCEG research found that companies that have suffered some level of damage to their reputation in the past invest three times more money in compliance and ethics processes than companies that have suffered no such blow.

"People are beginning to realize that compliance is not just a necessary evil that you layer on top of your business operations," Switzer says. "Rather, it is a core business function, and it has to operate like a business function -- with accountability and measurability."

posted by Brian Moran @ 8:49 AM   0 comments

Wednesday, November 02, 2005

Survey: IT, Other Execs Want Better Sarbox Tools

IT executives and finance managers are working together to meet Sarbanes-Oxley requirements, a new survey says, but want better and more efficient tools to create and manage accounting records.

The initial shock of Sarbanes-Oxley's is over, but many executives see no end in sight for the additional resources they need to comply with the requirements.
Accenture released results of a nationwide survey Tuesday that showed IT executives and finance managers are cooperating to meet Sarbanes-Oxley requirements but want better and more efficient tools to create and manage accounting records. The survey queried 304 information technology and finance executives from U.S. businesses with revenues of at least $1 billion.

It found that more than 60 percent of finance executives believe the technology tools for supporting compliance are either somewhat effective or not effective. More than half of respondents (57 percent of IT managers and 51 percent of finance managers) said they have made staffing changes to support compliance. Fifty-three percent of IT managers and 42 percent of finance managers believe they will continue to need additional staff to meet the requirements over the next one to three years.

Gary Curtis, managing partner in Accenture's Strategy practice, said in a prepared statement that Sarbanes-Oxley has demanded dramatic reforms but it also offers an opportunity for improving business performance by better aligning IT and finance functions.

posted by Brian Moran @ 10:28 AM   0 comments

Tuesday, November 01, 2005

Oversight Systems Corporate Fraud Survey Finds Sarbanes-Oxley Effective in Identifying Financial Statement Fraud

Oversight Systems Inc. today announced the findings of the 2005 Oversight Systems Report on Corporate Fraud, a survey of certified fraud examiners. The report explains that most fraud examiners view Sarbanes-Oxley (SOX) as an effective tool in fraud identification, though few think it will change the culture of business leaders.

The survey results (available as a free download at indicate that 65 percent of respondents feel SOX has been "somewhat effective" or "very effective" in identifying incidences of financial-statement fraud. Only 19 percent of those surveyed found SOX to be ineffective or serve to prevent fraud identification.

"This report is full of positive news but foreshadows a real need for continued vigilance among executives toward intuitional fraud," said Patrick Taylor, CEO of Oversight Systems. "SOX legislation and the intense focus on corporate scandals have helped battle this type of white-collar crime, but professionals seem to be worried that the C-suite might quickly lose interest in policing corporate fraud."

Although respondents agree that SOX serves to identify fraudulent activity, they do not feel the recent cultural change among U.S. business leaders toward institutional integrity and fraud prevention in the wake of account scandals will stick. Only 17 percent feel there will be a shift among business leaders to institutional integrity and fraud prevention for the foreseeable future. The remainder of respondents possess a more stark outlook, reporting that interest in such actions will fade in the next five years (39 percent); that vigilance has already begun to fade (32 percent); or that there has been no change among business leaders (12 percent).

"The pendulum of corporate culture and attitudes toward integrity swings back and forth," said Dana Hermanson, Dinos Eminent Scholar Chair of Private Enterprise at Kennesaw State University. Hermanson is also an advisor to Oversight Systems and co-author of the COSO-sponsored research report Fraudulent Financial Reporting: 1987-1997. An analysis of U.S. Public Companies. "We could see very little corporate fraud in the next seven or eight years, but then another boom-and-bust economic period could ignite another wave of financial scandals, which would lead to further accounting and governance reforms."

The State of Institutional Fraud

While corporate vigilance toward fraud prevention has increased at least temporarily, fraud examiners said fraud is a bigger problem today than in the bubble market of 2000. Two-thirds of respondents (67 percent) said institutional fraud is more prevalent today than five years ago. Only seven percent think fraud is less prevalent, while the remaining 26 percent of respondents feel there has been no change in the amount of fraud.

Participants were asked to select the three forms of institutional fraud that present the greatest risk to companies. Respondents identified conflicts of interest (63 percent), fraudulent financial statements (57 percent) and billing schemes (31 percent) as most threatening. Examples of fraud that garnered at least 20 percent support were expense and reimbursement schemes (29 percent), bribery/economic extortion (25 percent) and inventory and non-cash asset misuse (20 percent)

The risk of financial statement fraud is real and not going away," Hermanson said. "However, the perception of increased fraud may stem from Sarbanes-Oxley's effectiveness in uncovering weaknesses in internal controls and the potential for fraud. SOX compliance gives auditors and executives a better position to evaluate a company’s financial reporting system. Instead of only inspecting the outcome, financial reports, SOX forces companies to understand the financial reporting process as well. And like the manufacturing quality movement of the past, SOX pushes companies toward monitoring each step in the process to drive out errors and weaknesses."

Stopping Institutional Fraud

When asked to identify the measure most effective in preventing or deterrent institutional fraud, 41 percent of professional fraud examiners identified the need for a strong tone from the top of the organization. Visible prosecution was the next most popular response garnering 22 percent support, followed by internal controls and technology-enabled monitoring, each receiving support from 17 percent. Manual quarterly audits and government regulation received only minimal support, earning two and one percent, respectively.

However, when asked what single change would result in the greatest reduction of domestic institutional fraud, opinions were more mixed. An employer pressing charges against employees who commit fraud garnered the most support with 39 percent. The trend of prosecution continued with 32 percent of respondents identifying convictions and hefty sentencing as the next most popular response. Moreover, an additional seven percent would like stiffer laws to increase corporate transparency.

"Stiff penalties and thorough prosecution send a strong message to employees. First, employees are less likely to go along with rogue executives who orchestrate financial reporting schemes. Second, a company’s prosecution of fraudulent employees establishes the corporate attitude that fraud will not be tolerated," Hermanson said.

The Role and Views of Fraud Examiners

Survey participants report that SOX has altered the role of fraud examiners. Nearly all participants (95 percent) explain that their duties have changed with the implementation of SOX legislation, with 47 percent reporting that fraud examiners play a major role in the management of corporate integrity. Additionally, nearly one-third (29 percent) of respondents felt their work in fraud detection has become secondary to SOX compliance.

In recent years it seems white-collar crime has been a staple of the evening news. Enron, WorldCom and Martha are just a few of the high-profile names with which Americans have become all too familiar. When asked, the majority of professional fraud experts felt these well-known defendants should have been found guilty of the charges against them. The percentage of respondents who thought the following executives are guilty of the charges against them is listed below:

John Rigas, Adelphia Communications – 95 percent
Jeffrey K. Skilling, Enron – 95 percent
Kenneth L. Lay, Enron – 96 percent
Richard Scrushy, HealthSouth – 93 percent
Martha Stewart, Martha Stewart Living Omnimedia – 72 percent
L. Dennis Kozlowski, Tyco International – 96 percent
Bernard J. Ebbers, WorldCom – 97 percent

Identity Theft Update

Identity theft is one of the more prevalent forms of fraud known by the average American. A February 2005 Federal Trade Commission report states that for the year 2004, the commission received more than 635,000 reports of consumer fraud and identity theft, with identity theft accounting for 246,570 of the complaints (39 percent).

The 2005 Oversight Systems Report on Corporate Fraud reveals that 22 percent of respondents think the justice system must get tougher on the identification and prosecution of identity thieves. Additionally, 19 percent believe that the federal government needs to pass national identity-theft-protection legislation and another 19 percent feel regulators and consumers must work together to manage consumer information.

Some respondents believe that individuals are the first and most important line of defense. Taking ownership of one’s own personal information was identified by 16 percent of respondents as the best way to reduce identity theft.

posted by Brian Moran @ 9:08 AM   0 comments


Previous Posts

12/01/2004 - 01/01/2005

01/01/2005 - 02/01/2005

02/01/2005 - 03/01/2005

03/01/2005 - 04/01/2005

04/01/2005 - 05/01/2005

05/01/2005 - 06/01/2005

06/01/2005 - 07/01/2005

07/01/2005 - 08/01/2005

08/01/2005 - 09/01/2005

09/01/2005 - 10/01/2005

10/01/2005 - 11/01/2005

11/01/2005 - 12/01/2005

12/01/2005 - 01/01/2006

01/01/2006 - 02/01/2006

02/01/2006 - 03/01/2006

03/01/2006 - 04/01/2006

04/01/2006 - 05/01/2006

05/01/2006 - 06/01/2006

06/01/2006 - 07/01/2006

07/01/2006 - 08/01/2006

08/01/2006 - 09/01/2006

09/01/2006 - 10/01/2006

04/01/2007 - 05/01/2007

05/01/2007 - 06/01/2007

07/01/2007 - 08/01/2007

08/01/2007 - 09/01/2007

Current Posts

Powered by Blogger