Survey: Cos. Must Make Improvements to Meet 404 Deadline

New York (July 20, 2004) -- The majority of senior executives say that their company must make improvements in order to comply with Section 404 of the Sarbanes-Oxley Act, with financial processes and computer controls topping the list of areas in need of remediation, according to a survey by PricewaterhouseCoopers.

Of 152 chief financial officers and managing directors at U.S. companies surveyed, 79 percent say that their company must make improvements in order to comply with Section 404, which requires companies to file a management assertion and auditor attestation on the effectiveness of internal controls over financial reporting.

Among the areas needing remediation: financial processes, cited by 55 percent; computer controls, cited by 48 percent; and internal audit effectiveness, cited by 37 percent. Thirty-five percent cited security controls, 26 percent cited audit committee oversight, and 24 percent cited fraud programs.

Nearly two-thirds of those surveyed (64 percent) say that their company's senior management and board of directors see Sarbanes-Oxley as one of many steps in a larger corporate governance initiative, PwC reported. Thirty percent say that it is simply a goal to be achieved, and 6 percent are uncertain.

Almost the same number -- 62 percent -- say that SOX is integrated with their other corporate regulatory compliance processes, while 34 percent say that it isn't and 4 percent are uncertain.

The survey also revealed that, despite complaints by some companies about the increased costs and regulatory burden imposed by Sarbanes-Oxley, most respondents, 56 percent, say that their company doesn't track and report internally on the costs of SOX and other compliance programs.

“Given the early outcry about Sarbanes-Oxley’s added costs, it’s surprising that most companies do not document and track this expense,” said Dan DiFilippo, PwC partner and U.S. practice leader for governance, risk and compliance. “However, many companies have only recently begun to understand the types of costs and value associated with compliance efforts. We expect more aggressive monitoring as companies examine the effectiveness of their compliance approach.”

Looking ahead, 93 percent of executives expect their company to launch process improvement initiatives to streamline future SOX compliance. Areas cited include: financial reporting (63 percent); risk identification and assessment (61 percent); risk mitigation, IT security strategy and implementation, and internal audit, all cited by 55 percent; compliance management (54 percent); and IT oversight and operations (45 percent).

-- WebCPA staff

For reprint and licensing requests for this article, click here.
MORE FROM ACCOUNTING TODAY