project bussiness or no- please help 2960
my friend has an issue and asked me a hint
within my friend’s org, they have one process control stating that in case of their unit has the intent to take additional business project within other partner, what ever their role are subcontractor, vendor, tender…will be subject to implement the control process and limit the authority for such control.
his issue is that he’s the only one who seems to think that when they send their workers as labours in others area, they are acting in a business project and need to fall under the control process
all the others reply that such relationship aren’t called as bussiness and therefore the control not applicable.
can someone to advice on that. i’m almost sure that the process control need to be established and i’ve told him but in the same time, it is critical for him to face others , higher level than him
what do you think
Can you provide an example for us? What type of business is your friend in and what type of services might his business provide to others?
SOX is primarily concerned with financial reporting and safeguarding of assets. I am having difficulty imagining how your friend’s business dealings for another company where he or his teammates are performing work in a manner that it would impact the financial reporting of your friend’s business.
Thanks for feedback
Have look, their main activity is manufacturing, but since some years, they had decided to provide to outside ( org others than their one) a service as provide labour where their employees offer their experience, help on activity similar to their in their organisation…kind of stuff.
such service is actualy sub-contracting, isn’t it? and as that, may have incidence in financial reports since a kind of their customer can be fraudulent or acting as this, or having kind of reputation. it isn’t just to have an active role in fraud or corruption but also it can damage the reputation of their org if such fact occur and discloded , isn’t. this is why the control in their org as limit of authority is established, to prevent such risk, and control risk project
hope i’m more clear
thank you in advance for feedback
If company ‘A’ subcontracts out its employees, the only SOX impact that I can see to that company is that it is properly reporting subcontracting income and its employee expenses on its financials. The type of work that the employees do for the outside company is of no concern to company ‘A’ for SOX purposes. I do agree that company ‘A’ would want to ensure that other companies it is contracting with are reputable companies, but SOX would not care about that.
thanks for the answer
but tell me, let’s consider it from the result scope, what would be the incidence in case the host company is involved within a fraud issue in the period of the subcontracting with the company, won’t be his any impact in terme of materiability??
thank you in advance
The company who was subject to the fraud would certainly be impacted and should understand what controls failed that allowed the fraud to occur (though, controls are not designed to necessarily detect fraud, but to deter fraud).
If the fraud was committed by company A’s employees while they were working for an outside company and the fraud was against company B, there are no SOX implications to company A in my opinion as the financial reports of company A were not impacted. However, if company A is aware that the employees which it is subcontracting to company B are committing fraud, then company A’s ethics are called into account as questionable if they do not discipline their employees who were acting in a fraudulent manner.
Of course, there are implications beyond SOX that could impact company A. First and foremost is their reputation. The impact to their reputation will likely be determined by how they respond to the fraud committed by their employees while working for another company.
thank you kymike