Regulators are preparing to review elements of the Sarbanes-Oxley Act to determine whether or not portions of the financial reporting legislation should be relaxed to ease the burden on companies doing business in the US.
On May 24, the Public Company Accounting Oversight Board (PCAOB) - the nonprofit oversight group created to help manage application of the Sarbanes Oxley (SOX) Act - plans to meet in Washington to vote on a range of topics, including several issues that could shift the application of the legislation, originally passed in 2002, to help fight corporate financial fraud.
In the meetings, the group is expected to approve a final standard for auditing internal control over financial reporting as well as a related independence rule and several other measures.
If adopted, the rule will supersede PCAOB's existing Auditing Standard No. 2, also known as "An Audit of Internal Control over Financial Reporting Performed in Conjunction with an Audit of Financial Statements."
The PCAOB also plans to vote on two separate recommendations to amend its rules on the frequency and level of scrutiny in required inspections to test compliance with SOX.
The first recommendation under consideration by the group is a proposed amendment to Rule 4003 of SOX that would remove an existing requirement for the PCAOB to regularly inspect each registered public accounting firm that plays a "substantial role" in SOX audits but does not issue audit reports.
In its original terms, SOX only requires the PCAOB to inspect registered firms that regularly issue audit reports.
The second recommendation under consideration in the meetings will be a proposal for the PCAOB to vote on whether to keep provision D of Rule 4003 in place beyond its planned retirement date on June 30, 2007. The oversight agency first set the so-called "sunset date" when it adopted the measure in December 2006, to allow for public comment before making a final determination on the provision.
The provision was adopted to extend the time period during which the PCAOB must conduct the first and second SOX compliance inspections of firms that registered in 2003 and 2004.
In the next several weeks, regulators with the Securities and Exchange Commission (SEC) - which appoints all members on the PCAOB's five person board - will review a number of proposed changes in SOX, several of which aim to loosen requirements of the regulation considered by some critics to be too harsh on public companies.
Among the changes to SOX that will be considered by the SEC will be whether or not to shift rules that require companies to internally review their anti-fraud controls, one of the most controversial elements of the regulation based on the amount of time and effort needed to perform such tests on a frequent basis.
At its public meeting in mid-December 2006, the PCAOB promised to review several aspects of SOX to help companies control expenses related to the regulation, which has spurred the development of a substantial software market focused specifically on helping businesses meet the strict compliance audits imposed by the act.
While the tough auditing rules have led to improvements in companies' accounting habits, the laws have also significantly increased operating costs at many firms, the PCAOB said.
"Over the last two years, the board has heard a consistent message that compliance with the internal control provisions of the [SOX] act has required greater effort and resulted in higher costs than expected," PCAOB officials said in a report. "The board agrees that auditors should perform internal control audits as efficiently as possible for companies that are required by the SEC's rules to obtain an audit report on internal control."
As part of its considerations, the group said it is reviewing whether the existing standard encourages auditors to perform procedures that are not necessary merely in order to meet the requirements of SOX.
The PCAOB said it will ultimately seek to eliminate unnecessary procedures, simplify and shorten audits by reducing their detail and specificity, and make the audits more reasonable for smaller and "less complex" companies.
New rules that are being proposed would instead focus on requiring auditors to focus on "the most important" SOX controls and emphasize the importance of risk assessment.
Other proposed changes seek to clarify the role of materiality in relations to financial reporting, remove requirements to evaluate management processes, permit consideration of information obtained during previous audits and direct auditors to tailor tests to reflect the attributes of smaller companies, among other provisions.
If the PCAOB issues the proposals, it will suggest a 70-day period during which outsiders can make recommendations about the rules. Following the close of the comment period, the board will determine whether to adopt the suggestions and make any additional amendments.
Any final rules will be submitted to the SEC for approval.
While the cost of complying with SOX remains high, research indicates that public companies spent 23 per cent less to keep up with the legislation in 2006 than they spent in 2005, according to a report from Financial Executives International.
Based in the group's tests, SOX compliance cost businesses an average of US$2.92 million in 2006, compared with $3.8 million in 2005.
FEI said that 78 per cent of the 200 companies participating in its survey indicated that, even with savings garnered from their increased experience dealing with SOX, the regulation's costs still outweigh its benefits.
"This drop is largely attributed to increased efficiencies, a positive learning curve, and use of technical systems and computer software," Michael Cangemi, president of FEI said in a statement. "While there is still work to be done, we have come a long way."
Find your next job with computerworld UK jobs