Wednesday, June 20, 2007

Was All That Effort For Naught?

Is Sarbanes-Oxley delivering on its promise of preventing another Enron from happening? Apparently not, according to a new survey of public and private fraud examiners.

The cost to companies of heightened compliance demands has been documented ad nauseam. But doesn't stricter oversight benefit the public by lowering the incidence of corporate deception? The results of Oversight Systems' latest survey of certified fraud examiners suggest the answer is a resounding, "No!"

Only 3 percent of respondents – about 1 in 30 – said institutional fraud is less widespread than five years ago, when SOX was enacted. An overwhelming 76 percent said fraud is more common today. More than half (56 percent) said they personally observed corporate misconduct within the past year.

Oversight Systems, an Atlanta-based vendor of compliance software and systems, polled 86 certified fraud examiners for its latest report. They included internal and external auditors, law enforcement officials and others.

Compared with a similar survey two years ago, the numbers appear to be moving in the wrong direction. The proportion that found fraud more prevalent rose since 2005, while the already tiny group that saw fraud as less prevalent shrank further.

Four out of five respondents felt corporate fraud would decrease if white-collar criminals were punished as severely as violent offenders. However, when asked to pinpoint the single best preventive measure, the largest portion, 43 percent, called for "a strong tone from the top of the organization."

Ironically, the very same proportion felt that "corporate vigilance and executive interest has already started to fade."

In announcing the survey results, Oversight quoted professor Dana Hermanson of Kennesaw State University:
Culture is everything when it comes to fraud and fraud prevention. If there is a culture of never missing targets, some people will cheat to make the numbers. Their rationalization is that they are just doing what the top people want them to do. Directors and executives need to clearly communicate that ethics come before making targets.
Oversight Systems CEO Patrick Taylor is hopeful about new regulatory guidance for internal controls that is nearing approval. The SEC's recent "interpretive guidance" for Section 404 internal controls and a related new PCAOB audit rule called AS-5 embody a shift from "the checklist approach" to a risk-based approach for monitoring and auditing, Taylor says:

With the announcement of AS 5, the SEC is guiding companies towards a risk based approach to financial controls. If implemented correctly, these changes will enhance financial reporting integrity while decreasing overall compliance costs.

Oversight Systems Annual Corporate Fraud Survey [Press release]

No comments: