Sarbanes-Oxley defeat blow for SMBs

US Senate snubs effort to loosen Sarbanes-Oxley compliance rules for SMBs.

The US Senate's thumping defeat of an amendment to exempt certain small and medium-sized businesses (SMBs) from compliance with Section 404 of the Sarbanes-Oxley Act is bad for business US poiticians have declared.

SMBs fell foul of political battles by those decrying the amendment as an attack on shareholder protections and others countering that SOX is crippling American businesses and preventing them from competing in a global economy.

The SEC and PCAOB are working to more tightly define the scope of SOX. That is where companies will find the relief.
Michael Rasmussen
analystForrester Research Inc.
The amendment, would have made compliance with Section 404 optional for companies with total market value of less than $700 million.

The political posturing doesn't mean much for small and medium-sized businesses (SMBs), analyst Michael Rasmussen said. For less heat and more light on the requirements of the law, publicly traded SMBs will have to wait another month or so for the U.S. Securities and Exchange Commission and its partner in compliance, the Public Company Accounting Oversight Board (PCAOB), to approve their long-promised revised guidelines and new accounting rules.

"I think it's par for the course now that SOX is here to stay," said Rasmussen, who covers compliance at Forrester Research Inc. in Cambridge, Mass. "The SEC and PCAOB are working to more tightly define the scope of SOX. That is where companies will find the relief."

DeMint, who tried to attach his amendment to another bill focused mainly on improving science and math education, argued that approval of his measure by the Senate would "shake up the SEC" and spur revisions.

Congress passed the Sarbanes-Oxley Act of 2002 in the wake of the financial wrongdoing at Enron Corp. and other corporate crimes, as a way to protect investors and fix the accounting practices that allowed for such abuses. The act was criticized almost immediately after it was signed into law in 2003 -- as costing far more to comply with than originally estimated, as too complex and for posing a tremendous burden on smaller companies in particular.

Section 404, considered the most onerous requirement, says that publicly traded companies must show their internal financial controls are accurate and must have an auditor sign off on management's assessment. The meager guidance on 404 from the SEC made matters worse, prompting many companies to err on the expensive side of caution. The political slings and arrows -- and filing extensions granted by the SEC -- have been coming ever since.

No date set, but reassurance from Cox

PCAOB spokesperson Michael Shokouhi said the board, which proposed new auditing rules in December, aims to get final board approval by early summer, but no date has been set.

More on SOX for SMBs
Sarbanes-Oxley advice for smaller public companies

SEC to small companies on SOX: Not off the hook
The latest from the SEC on the application of Section 404 to small business came from Chairman Christopher Cox, when he testified before the Senate Committee on Small Business and Entrepreneurship. He said the SEC already "has been very sensitive to the special concerns" of the smallest public companies, by exempting businesses with less than $75 million in public equity, or some 6,000 public companies, from providing the audited internal control reports required by Section 404.

But Cox also acknowledged "the way 404 was being implemented was too expensive for everyone," and laid out the steps the SEC has taken to "rationalize" 404 for small businesses, including the extended deadlines for filing announced in December. He stated: "The reforms we're making to the SOX 404 process are intended to be of direct benefit to America's small businesses -- and the millions of Americans who work for them, invest in them and benefit from all that they provide to our economy."

Let us know what you think about the story; email: Linda Tucci, Senior News Writer

Read more on IT for small and medium-sized enterprises (SME)