News Stay informed about the latest enterprise technology news and product updates.

Sarbanes-Oxley 404 deadline extended for the smallest public companies

The U.S. Securities and Exchange Commission gave small public companies a little breathing room on SOX compliance, extending a key deadline on requirements mandated by Section 404.

The smallest public companies got a small reprieve from the U.S. Securities and Exchange Commission (SEC) on deadlines for meeting the much-maligned requirements mandated by Section 404 of the Sarbanes-Oxley Act of 2002.

Last week the SEC said that companies with a market value of less than $75 million now must prove their internal financial controls are reliable and accurate for fiscal years ending on Dec. 15, 2007, or later. Previously the SEC was requiring the so-called management's assessment for fiscal years ending on or after July 15, 2007.

"It's a minor postponement, from July to December. The impact should be minimal because the number of companies with fiscal years ending in July is relatively small. But it shows some level of compassion for the smaller companies," said John Hagerty, an analyst at Boston-based AMR Research Inc. who covers compliance issues.

More from the SEC
SEC to small companies on SOX: Not off the hook

Opinions split on new SOX proposal
The SEC also extended the date by which companies must have an auditor sign off on management's assessment of the aforesaid annual reports. The so-called auditor attestation requirement will be required for annual reports filed for fiscal years ending on or after Dec. 15, 2008. The commission also granted relief to newly minted public companies, exempting them from meeting SOX requirements in the first annual report they file after going public.

Widely criticized for putting undue financial burden on public companies, Sarbanes-Oxley was enacted in the wake of accounting fraud at Enron and other corporations that robbed shareholders and shook public confidence in corporate accounting practices. Large public companies have been required to comply with the law since about 2004.

Business has complained bitterly about compliance with Section 404 in particular, largely because the SEC failed to provide practical guidance on what constituted compliance. Many companies chose to err expensively on the side of caution, treating all internal controls equally and testing everything. Smaller public companies, which have less revenue and staff than big companies, but "are inherently not less complex," Hagerty said, suffered disproportionately. "Smaller companies always have to make due with less."

The SEC rebuked the accounting industry for its "robotic" approach to SOX compliance, urging management to exert common sense, but not before big companies had collectively spent billions of dollars on SOX and the accounting industry had been greatly enriched.

Last week's extension on the management and auditor's assessment requirements for SOX compliance gives smaller companies more time to make those common sense judgments. The extensions also allow smaller companies and their auditors more time to digest SOX guidance promised from the Public Company Accounting Oversight Board (PCAOB), the private nonprofit created by the Sarbanes-Oxley Act to oversee auditors of public companies. Granting new public companies more time to comply with SOX comes in the wake of criticism that the rules are one of the factors discouraging investors to take companies public. In addition, the SEC is promising to provide better guidance.

The SEC postponements are the latest in a series of concessions to small businesses, beginning with the appointment in 2005 of a small-business advisory panel. That panel recommended last spring that small public companies be exempt from Section 404 rules altogether. SEC Chairman Christopher Cox rejected that but promised the SEC would work with the PCAOB in "getting it right" when it comes to Section 404 compliance.

Frederick Lipman, a partner at Blank Rome LLP, a law firm in Philadelphia, has written extensively on corporate governance. He said the SEC exercised "very good judgment" in extending the deadlines for small businesses. "Until the PCAOB comes out with a '404-Lite' for small businesses, they properly extended the 404 compliance dates," Lipman said. The current standards are "extremely detailed and granular," as opposed to what small businesses really need, which is a "top-down, risk-based rule," he said.

The PCAOB's version of "404-Lite" may not be the same as the public's version, "but at least they're trying," Lipman said.

Hagerty also expects that the political pressure from a Republican-controlled Congress to ease SOX requirements will continue. The Democrat-controlled Congress will be "bending over backwards" to show it is acting "in the best interest of the financial markets," in his view.

Lipman agreed. "I don't think the Democrats want to hurt small business anymore than the Republicans do. And they certainly don't want to outsource the financing market to the British stock market, which is what's happening now. I think they will take a realistic view of what is a good balance in what is necessary to protect investors and not interfere with the competitiveness of the U.S. IPO markets," Lipman said.

Let us know what you think about the story; email: Linda Tucci, Senior News Writer

Dig Deeper on Small-business IT strategy

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.