Shortcomings/disadvantages of SOX 2230



  • I’m new to this forum so sorry if this has been asked previously. I am trying to research many of the shortcomings and disadvantages of SOX and am asking for quick highlights as to what those might be. So far I have the extreme cost of compliance, especially on small businesses, and the myths of section 806 about protection of whistleblowers ( I have found many instances where whistleblowers are indeed not protected as they should be). Can someone give me a rundown of other shortcomings/disadvantags of SOX? thanks so much



  • Hi and welcome to the forums 🙂
    Below are some links found using the search facility and keyword ‘benefits’ as the pros/cons have been debated several times.
    On the plus side, I think SOX has improved corporate financial controls and shareholder confidence some. On the minus side, SOX has in some cases doubled external audit costs and created extra work to ensure sound financial controls.
    One key point is that it is all about how SOX is implemented . The forums are full of cases where SOX has been misapplied or someone promotes special controls in the name of SOX that aren’t truly required. If SOX requirements are not well researched and planned, even more costs can be incurred – which is another negative point related to SOX (as the requirements, esp. SOX 404 are somewhat vague and subject to interpretation).
    Has SOX had its intended effect?
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=2179
    Software Consultants = lots of money
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1901
    How effective will SOX be in preventing future scandals?
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1899
    Cost Of SOX
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1147



  • Hey Harry, i just wanted to find out what exactly causes public corporations to have such high costs with regards to SOX. Is it because of high auditing fees, implementing new internal control protocols, software purchases and system maintenance, consulting services, etc. If you have any info regarding this or articles which would help me I would really appreciate it, thank you.
    Scott
    Hi and welcome to the forums 🙂
    Below are some links found using the search facility and keyword ‘benefits’ as the pros/cons have been debated several times.
    On the plus side, I think SOX has improved corporate financial controls and shareholder confidence some. On the minus side, SOX has in some cases doubled external audit costs and created extra work to ensure sound financial controls.
    One key point is that it is all about how SOX is implemented . The forums are full of cases where SOX has been misapplied or someone promotes special controls in the name of SOX that aren’t truly required. If SOX requirements are not well researched and planned, even more costs can be incurred – which is another negative point related to SOX (as the requirements, esp. SOX 404 are somewhat vague and subject to interpretation).
    Has SOX had its intended effect?
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=2179
    Software Consultants = lots of money
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1901
    How effective will SOX be in preventing future scandals?
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1899
    Cost Of SOX
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1147



  • The ‘Cost of Sox’ link above has a lot of key considerations in it. A quick summary of increased cost factors include:
    – Audit firms have to devote more resources to conduct these SOX related audits which provide external non-biased checks on ensuring management is staying in compliance. Many firms have seen their external audit costs DOUBLE as a result of SOX
    – Finanical Information, email, and other information must be retained for 7 years … That costs considerably in backup media, storage, handling costs, etc
    – Existing workflows employees have felt comfortable with for years sometimes gets adjusted, adding more steps and bureaucracy to the process
    – A core SOX compliancy team is often formed to devote resources to the process. The salary/benefit
    – If folks misinterpret SOX requirements (which are sometime ambiguous), there are hidden costs in efficiencies or doing something over
    – Some companies purchase software to augment processes like change management, change control, documentation, testing, etc
    – There’s a cost of ‘resistance’ as well, as some folks don’t want to follow procedures and take shortcuts to get the job done
    – Sometimes doing business with vendors or customers may require adding some SOX related steps which can add to the process.
    With all that said, SOX might fit well in a company that has great controls, standards, procedures, plans, trains, and meets SOX efficiently. There are still added real costs related to SOX. It’s an added cost of doing business that you can’t esapce from.
    However, the cost factors will certainly increase in other companies that don’t research, plan, train, or have tight financial controls in an even more pronounced manner.



  • Harry’s post was very well written and comprehensive.
    As a SOX manager for a non-accelerated filer (i.e., a company whose market cap is below USD75M and thus has not yet been required to submit to a formal SOX audit), I have been astonished at how expensive the process has been.
    To date, we have documented all of our control activities and completed Year One testing for all cycles. Between the purchase of SOX software, hiring two separate consulting firms, spending countless hours debating issues, interviewing process owners, and paying me a full-time salary as SOX manager for the company, we have spent in excess of USD100K on the project… and we still have not been audited.
    I can only imagine how expensive and all-consuming the project must have been for the big accelerated filers who operated under AS-2 standard.


Log in to reply