Three years ago Sarbanes-Oxley was put into play to enforce those transparent financial controls over a company's activities. Credit Enron and Worldcom with unearthing all those lack of controls that served as the springboard for such a regulation.
Of course, this does not belong solely to the United States as the Third EU Anti-Money Laundering Directive and the EU 8th Directive soon followed after the Greek Parmalat matter that drove compliance issues to the top of the heap in Europe.
But, after three years, one began to wonder exactly how effective the financial industry was in implementing controls and compliance programs. That's why this past summer, a poll was conducted by gtnews and sponsored by SunGard that looked at bank account risk to determine what kind of control there was over certain bank accounts. In that poll, some 400 respondents, including treasurers and CFOs from corporate and financial institutions, had their say and some of the results were a bit troubling.
For example, even though some three-quarters of the respondents said they had moderate to high levels of concern over bank account risk, one in five treasury professionals said that they had inadequate information about their own company's bank accounts. In fact, only one third of corporate officers felt their central control of bank accounts was even satisfactory while one in five believed the information they had about their account authority and activity was rather poor.
So, the bottom line becomes this: Do CFOs know where all their bank accounts are? Who has signatory authority to open and close accounts? What is the value of transactions moving through all bank accounts plus the frequency of activity? If the CFOS don't have answers here, then there is a question of bank account risk for without proper control over non-domestic and subsidiary bank accounts, companies are up against all kinds of risk that can wind up in fraud and operational losses.
If only one in five treasury professionals claim that they have inadequate information about their own company's account activities, then how can a CFO sign off on corporate controls under SOX? What this means is that better financial controls are required.
One food for thought is a centralized management scheme for assessing bank account risk. Such an idea would give a company a birds-eye view of all its bank accounts, create opportunities to simplify over-complicated bank structures, improve management of liquidity risk by concentrating banking activity in areas where they are more secure, and maintain top-level control over the authorization of any bank account to avoid the risk of fraud.
It is clear that risk assessment of bank accounts is not just a case of simply being compliant with SOX. Companies should consider the wider implications of risk assessment on their business to avoid operational losses, prevent fraud, and use cash flows more effectively to generate revenues.
