Since the passage of Sarbanes-Oxley, the outcry from small filers on the unfairness of "one size fits all" reputation with regard to Section 404 compliance reminded me of an old TV spot for Midas where a greasy mechanic is holding an absurdly sized muffler and a rubber mallet while assuring the owner that he would "make it fit."

Filers both small and large had, literally, from the moment George W. Bush put his pen to sign SOX into law, bemoaned the costs in both money and human capital to implement the internal controls certification of the sweeping corporate reform act.

The highly criticized rule, as most know or at least should know, requires that publicly traded companies assess the controls they have in place as a preventive measure against accounting fraud, and have their external auditor attest to said controls. For investors, that auditor assessment must be featured in the annual report. Included, of course, must be a clear explanation of any material weakness that was uncovered during that attestation process.

But like an irate customer who receives a car repair bill that nearly requires a second mortgage to pay it, the most vocal opponents of 404 were the small businesses, who squeaked that 404 costs detracted from other vital areas such as hiring and new product development, and prompted more than one concern to outsource work to foreign venues.

And on that they have a point.

A recent survey compiled by Financial Executives International found that smaller companies expect to spend an average of $824,000 to be in compliance. That's a fair amount of revenues being siphoned off.

After an SEC-appointed advisory committee issued a recommendation to allow small businesses -- defined as those with a market cap under $75 million -- an extra year before required compliance, the commission shortly afterward voted unanimously to give those filers until July 2007 to review their internal controls.

SEC Chairman Christopher Cox and his committee stressed that the ruling was not an indicator that their stance on SOX compliance was softening.

But let me play devil's advocate for a second, a position which for some odd reason, I find myself in with alarming frequency lately.

Because of their size, common sense would dictate that for small filers there would be less critical points for internal controls to fail as opposed to say, General Electric. And in a sobering dose of reality, we all know that there can be fraud at an Acme Elevator as easily as at a Xerox.

After all, as stringent as Sarbanes-Oxley is, it cannot legislate ethics or moral judgment.


The vote to extend the compliance deadline was unanimous among the commissioners.

I'm sure new Chairman Cox wishes all future commission meetings would be that easy.

Unfortunately for him, the only thing for certain -- especially when it comes to Sarbanes-Oxley -- is that they won't.

Register or login for access to this item and much more

All Accounting Today content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access