An article in CFO magazine today announced the opinion that the US ‘Jumpstart Our Business Startups’ (JOBS) Act, whilst easing the Sarbanes-Oxley (SOX, Sarbox) standards, might pave the way for fraud. You can read the article here . . .
From my viewpoint, the SOX benchmark has done little to address the causes or even the identification of fraud. You just have to look at the news headlines of the recent months with Madoff, MF Global, Olympus etc. and countless FCPA violations (which admittedly are outside SOX scope). I remain unconvinced that SOX-style focus on ‘Internal Control Systems’ actually addresses the issue. The major accounting scandals, even post-SOX, all boasted an independently validated system of internal control and a clean audit by one of the Big 4.
Readers of this blog will know by now my fascination with the myopic focus of some Finance, Audit and IS teams on ‘controls’ (the car park barrier) rather than the genuine risk (the tyre tracks). If this makes no sense to you, I explain my metaphor more visually here.
I am a big believer in focusssing effort on identifying and managing risk and on identifying and managing performance gaps. I just worry about the ‘compliance’ mindset . . .
There was a great letter sent to the SEC by Ken Lever, then CFO of Tomkins which was quoted verbatim in the excellent book ‘Reiventing the CFO’ by Jeremy Hope (my synopsis can be found here). I quote it here as it is the clearest expression that I have seen in print . . .