The Sarbanes Oxley Act of 2002

00:00

in this video we're going to discuss the

00:02

sarbanes-oxley Act which was sometimes

00:04

referred to as Sox so Sox was passed by

00:07

US Congress in 2002 and it was passed in

00:10

response to a wave of accounting frauds

00:13

from companies like worldcom Enron

00:15

Global Crossing Tyco there was this wave

00:18

of accounting frauds and we even had one

00:21

of the five largest accounting firms

00:23

Arthur Andersen was caught up in all

00:25

this they were destroying documents they

00:27

were charged criminally they ended up

00:29

going out of business as a result of all

00:31

of this and so sarbanes actually did a

00:35

number of things first of all I've had

00:37

new rules for publicly traded companies

00:40

and their executives they also created a

00:42

lot of new rules for audit firms and it

00:45

also resulted in the creation of the

00:48

PCAOB so I want to talk about each of

00:50

these in turn because there's a lot

00:52

going on here so first of all in terms

00:54

of the rules for companies the CEO and

00:57

CFO of a company or their principal

01:00

officers which is usually the CEO and

01:02

the CFO must sign off and certify the

01:06

veracity of the financial statements now

01:08

you might think that this is obvious and

01:10

then of course what didn't this happen

01:12

to happen before shouldn't the CEO stand

01:15

by the financial statements of their

01:17

firm but the thing was when there was

01:18

that wave of accounting frauds

01:21

the Siad CEO saying hey look I'm not an

01:24

accountant I don't know what's going on

01:26

here I didn't actually put together the

01:27

financial statements I'm just kind of

01:29

managing the company and so

01:31

sarbanes-oxley made it very clear that

01:34

the CEO the CFO they have to sign off on

01:37

the financial statements and if there's

01:39

some kind of problem they're subject to

01:41

criminal penalties particularly if later

01:45

they're found to be destroying documents

01:47

or and this even applies to the audit

01:49

firm in particularly the audit firm if

01:50

they're destroying documents or

01:52

something like that they can be subject

01:53

to stiff criminal penalties so also the

01:57

company now has to assess the

01:59

effectiveness of its internal controls

02:02

so internal controls I'll make in our

02:04

video we'll talk a lot about internal

02:06

controls and auditing but internal

02:08

controls are basically things they're in

02:10

place in the firm to prevent fraud from

02:12

happening

02:13

to prevent different things to kind of

02:15

mess up the financial reporting process

02:17

and so a company has to set up these

02:19

controls to make sure that we don't have

02:21

an accounting fraud to begin with right

02:23

so they have to not only have these

02:26

internal controls in place but companies

02:29

have to go and actually assess the

02:31

effectiveness and then they have to

02:33

issue a report on the effectiveness so

02:35

if they do the assessment they find out

02:37

there's some kind of problem a material

02:39

weakness some kind of issue they have to

02:41

actually report on that now the audit

02:45

firms they have just as many changes if

02:47

not more as a result of sarbanes-oxley

02:50

first off they have to implement quality

02:52

control but if they have a publicly

02:55

treated client they're going to be

02:57

subject to a lot more oversight we're

02:59

going to talk about that but first

03:01

things first they have to have a second

03:03

partner on any audit of a publicly

03:06

traded client they have to have a second

03:08

partner review and approve all of the

03:11

audit reports right so you've got one

03:13

partner who's like the lead partner on

03:15

an audit right so let's say there's an

03:17

audit of Walmart or something like that

03:19

there's an accounting firm that's

03:20

auditing them there's a lead partner on

03:23

that audit engagement but there's a

03:25

second partner a reviewing partner where

03:27

they come in and kind of sign off and

03:29

did check on everything that has been

03:31

done now the lead partner in the

03:34

reviewing partner they have to rotate

03:36

out every five years what it means by

03:39

rotating out is let's say that Paul is

03:41

it Paul's a lead partner on the Walmart

03:44

audit and Paul can do that for five

03:47

years but after five years Paul cannot

03:50

be the lead partner on the Walmart audit

03:52

anymore Paul has obviously stay with his

03:55

accounting firm and so forth he could do

03:57

all that he doesn't have to leave his

03:58

company or something ridiculous he could

04:00

stay with a CPA firm he just can't audit

04:02

that particular client any any longer

04:05

but he can only do it for five years and

04:07

the idea behind this is we don't want

04:10

Paul to get too cozy with the management

04:13

of Walmart because if Paul has been

04:15

handling this audit for 20 years or 10

04:18

years then Paul he becomes maybe friends

04:21

with the people and so forth the client

04:24

or there's pressure that he doesn't want

04:26

do something that would somehow cost his

04:28

firm that client so every five years

04:31

Paul Paul or whoever is a lead partner

04:34

we're going to switch to somebody else

04:36

the firm has to put somebody else right

04:37

so it's the same accounting firm

04:39

it's just they switch out to a different

04:41

lead partner different reviewing

04:43

partners that's basically what's

04:45

happening okay

04:46

now in addition where we had talked

04:48

about how management of the firm so

04:50

let's say Walmart has to assess the

04:52

effectiveness of their internal controls

04:54

and issue a report the audit firm also

04:57

has to do that not of itself but of the

05:00

client okay so you've got the client

05:01

let's say Walmart they're assessing

05:04

their internal controls and issuing a

05:06

report but then the audit firm is going

05:09

to assess Walmart's internal controls

05:11

and issue a report on Walmart's internal

05:14

controls there's actually there's two

05:15

reports that are happening here now this

05:19

is in terms of the complaints about

05:21

sarbanes-oxley by firms this is the the

05:24

part of settings actually it's been

05:25

criticized probably the most it's called

05:28

section 404 and and the reason is that a

05:31

lot of people complain that it's very

05:32

costly for the firm to have to go and

05:35

assess its internal controls it's your

05:37

report on that and then now they're

05:39

paying the audit firm more because their

05:41

audit firm now is to do more work right

05:43

they're not just going to do that for

05:44

free they're going to want more money

05:45

so they're having the audit firm is

05:48

actually getting more business if you

05:49

think about it and so there's actually a

05:51

lot of accountants got hired because

05:53

this section 404 compliance that creates

05:56

a lot more work for the accountants but

05:59

it's and so it's been a boon for them

06:01

but for the companies they have to

06:02

comply with these internal control of

06:05

disclosure requirements but all of this

06:08

was done again to try and prevent it

06:11

from happening again where we have a

06:12

wave of accounting frauds and people say

06:15

hey can we even trust the financial

06:17

statements of firms and so forth so that

06:19

so that's the intention and then also

06:21

another really key component to sarbanes

06:23

actually is that an audit firm is now

06:26

prohibited or prevented from providing a

06:29

lot of non-audit services to the audit

06:32

clients and what do I mean by not off

06:34

non-audit services so if you don't know

06:36

a lot about audit firms other firms

06:38

don't just audit financials to

06:40

that's not the only thing they do they

06:42

also provide advisory services and if

06:44

you think about it if an auditor they're

06:47

going to look at the internal books of a

06:49

company right so as they do that we can

06:51

learn a lot about how to better do

06:54

business and they might have suggestions

06:56

about how the company can prove its

06:57

business operations and so forth so it

07:00

stands to reason that you might have the

07:01

auditor say hey client you know we could

07:05

really help you optimize your business

07:07

processes we can help you do this and so

07:09

forth in that they actually happen and

07:12

so what you had though was it turned

07:14

into a problem and the reason was that

07:16

in some cases you had a firm auditing a

07:19

client and actually the amount of money

07:22

that the audit firm was getting for

07:24

these non-audit services was actually

07:27

higher than the audit fees they were

07:29

getting right so if a company just to

07:31

think about it if you're getting if

07:32

you're an audit firm and you're getting

07:34

ten million dollars for consulting

07:36

you're getting these consulting fees

07:38

from the client and then you're maybe

07:40

getting 1 million dollars for the audit

07:43

fee and you say hey I don't know if

07:46

their financial statements are

07:48

completely legit there could be some

07:49

problems here you don't want to say hey

07:52

I don't want to sign off on this audit

07:54

because I don't know about this firms

07:55

financial accounting practices because

07:58

you're going to lose not just the 1

08:00

million dollars you're going to lose the

08:01

10 million dollars for consulting so

08:03

there's a lot of pressure on these

08:04

auditors to say to come look the other

08:07

way or say you know why hey we're

08:09

getting a lot of business from this

08:11

client we don't lose them by creating

08:13

problems with the audit and so now

08:15

they're prevented from doing non-audit

08:18

services not just in general I mean if

08:20

we so you've got your client and then

08:23

you've got some other company that does

08:24

not your audit client

08:26

so we'll say non client so you could you

08:30

could provide so you do your audit for a

08:31

client

08:32

you're just prohibited from doing the

08:34

non auditing or non-audit services for

08:37

the client okay so let's say Walmart but

08:39

then let's say there's another company

08:40

called Monsanto that you are not doing

08:43

their audits so there are non client

08:45

then you can provide whatever services

08:47

to the non client it's just when you're

08:50

actually providing you're doing the

08:52

audit of this audit client

08:54

right so you're doing an audit you can't

08:56

turn around and do non-audit services

08:58

such as investment banking consulting

09:01

valuation services you can't be their

09:04

internal auditor you can't be designing

09:06

their financial information systems

09:08

there's a bunch of not audit services

09:10

you can't provide to an audit client now

09:14

what is that one of the really lasting

09:16

effects of sarbanes-oxley it's

09:18

tremendously as important is aside from

09:21

all the rules for the companies and CEOs

09:23

and the audit firms it created something

09:26

called the Public Company Accounting

09:28

Oversight Board which is commonly causes

09:31

the PCAOB so the PCAOB does a number of

09:34

things right so but first off before I

09:37

even get into it before that we had the

09:40

PCAOB basically the the audit the

09:44

industry when I think about audit firms

09:46

they were self regulated to a large

09:48

extent they were self regulated and so

09:52

with the PCAOB that ended basically now

09:56

the PCAOB

09:57

you could think of them as the watchdog

09:59

for auditors so now if an auditor if

10:02

they have at least one publicly traded

10:04

client they have to register with the

10:06

PCAOB and then the PCAOB will monitor

10:09

them and every now and then the PCAOB

10:12

will actually go and look at a sample of

10:14

their audits and kind of evaluate and

10:16

see are they're doing a good job the

10:18

PCAOB also handers handle standard

10:20

setting for the auditing industry and

10:22

they also handle enforcement when

10:25

there's some kind of a problem the audit

10:26

firm isn't doing things right and we'll

10:28

talk more about the PCAOB in a video to

10:31

come