While thinking about possible topics for this month’s column, an inspiration came to me out of the blue—or rather, from cyberspace. The following email appeared on my screen commenting on my July column (published June 20 electronically). By the way, I include the writer’s first two sentences only for the sake of completeness and full disclosure!
“Once again you have written an excellent column this week on SOX. I nearly wrote thanking you for the prior one on enterprise risk management but did not get to it. My question is: How come no one wishes to address the fundamental issue that SOX, despite its effort and costs and some residual good it may do, is unlikely to stop the frauds exhibited in Enron, WorldCom, etc.? No one that I have spoken to or nothing I have read over the last four years indicates that anyone actually believes it will stop a dominant CEO influencing a CFO to make the numbers at any cost. SOX will not stop nor reveal such wrongdoing—only good, solid external auditing of the financial statements. Has this aspect ever been fully researched or written about? Or does no one wish to discuss the fact that the emperor has no clothes on! Thanks for listening.”
The writer is a well-regarded chief risk officer of a large company. I communicated my thoughts in a reply email, and would like to share them here with you, the broader readership.
Stopping Fraudulent Financial Reporting
Let’s make one thing clear. Neither SOX nor any other legislation on the books or being considered—or, for that matter, perhaps any that can be conceived—will stop all fraud. My forecast is that someday there will be more instances of major fraudulent financial reporting. The issue is not whether it will be stopped, but whether the likelihood has been reduced. To this I say, “Absolutely yes.”
When we look at SOX, along with stock exchange listing requirements and other rulemaking, we see a number of requirements and related actions that make financial reporting fraud less likely:
Whistleblower Channels. The reality is that a fraud designed at the top requires (or results in) others in the organization knowing about it. With well-accepted and trusted whistleblower communication channels, such activities can be reported to general counsels or audit committees committed to taking proper action.
Audit Committees. With fully independent and better-qualified audit committees, armed with good knowledge of the business, carrying out their expanded oversight responsibilities with due care and focusing on the financial reporting process, there is less likelihood that improprieties in financial reporting will occur in the first place and greater likelihood that if they do occur that they will be noticed. Again, no guarantee exists, but by taking their role seriously and working diligently, the deterrent factor is greater and there is a better chance that indicators of wrongdoing will be identified.
Code of Conduct. Required codes of conduct for financial reporting personnel, normally extended to the board and all personnel, put into writing what’s right and wrong, what’s allowed and what’s not, and what to do when something is amiss. Of course a code by itself isn’t enough, and an increasing number of companies have established full ethics programs to bring the code to life within the organization and ensure it works as intended.
Going Beyond Compliance. A number of companies have realized that high levels of integrity and ethical values are good for business. They’ve learned that companies demonstrating such integrity and values attract the best people, directors, joint venture and alliance partners, suppliers, bankers and others. Indeed, in many industries the customer base considers a company’s integrity and ethical values when deciding whether they want to do business with the company.
Section 404. Despite opinions otherwise, I have no doubt that effective systems of internal control over financial reporting do reduce the chance of fraudulent financial reporting. Skeptics focus largely (if not exclusively) on one component of internal control—the control activities—forgetting to consider the powerful impact of an effective control environment, which deals with such matters as management’s philosophy and operating style, integrity and ethical values, incentives and temptations, and an effective board and audit committee, among other things. Internal audit, which is a part of the monitoring component of internal control, also is a powerful factor that reduces the likelihood of fraud.
Readers seeking more information on these matters can look to my March 2006 column, which can be found in the box at above, right.
Many CFOs Have The Courage
Let’s look at the writer’s statement that from his experience, nobody actually believes that SOX will stop a dominant CEO influencing a CFO to make the numbers at any cost. This gets to the matter of a CFO’s courage to stand up to a dominant CEO.
Over the years I’ve worked with many CEOs and CFOs—mostly of large companies, but some smaller ones as well. A significant number of them would be viewed as dominant, if not domineering, by anyone’s measure. Certainly we’ve seen instances where the company’s CEO orchestrated major and devastating financial reporting fraud. In some instances the CEO was the driver with the CFO going along for the ride; in others the CFO played a critical role in initiating and devising schemes to make it happen.
What might not be readily visible from the outside are the many CEOs who never have and never would suggest financial reporting fraud, and more to the writer’s point, the many CFOs who would stand up to such a suggestion or direct order, refuse, and take the consequences. Yes, in past years there might have been somewhat more shading at the edges, even what some would call “earnings management,” which in recent years has taken on an entirely nefarious connotation and for which regulators’ and the investing public’s appetite has been all but eliminated.
In any event, I believe the great majority of CFOs even in past years have had the backbone to say “no” to any CEO suggestion amounting to financial reporting fraud. Yes, they might have entered into discussions, out of courtesy and respect for the reporting relationship, about going to the edge of acceptable behavior—but at the end of the day most CFOs would not be browbeaten into submission, despite the threat of being fired and the potentially devastating effect on the CFO’s life in terms of career, financial resources and income stream, and personal life.
Rather, what we’ve seen are CFOs under such pressure convincing overreaching CEOs that stretching financial reporting to the breaking point is neither in the interest of the company nor the CEO himself, for several reasons. One is that, quite simply, the facts ultimately come out, pointing to those senior executives who fudged the books by borrowing from the future on the basis that the current “problems” would turn around in the next period, only to face the reality that this seldom happens. Another argument is that not only is fraud fundamentally and unequivocally wrong, but on a purely pragmatic basis the risks are too great—for the company, its shareholders and the executives. They may get away with a temporary, short-term advantage, but in all likelihood the end result will be reality crashing down around their professional and personal lives.
I believe the great majority of CFOs have long operated in this vein. Certainly, in today’s SOX environment, those few that might have succumbed to the pressure or short-term financial gain will now think more than twice before agreeing to such illegal activities. And as noted, the marketplace now tends to reward companies whose financial reporting provides more reliable and understandable information and stays far away from the fringes of legality.
Beyond The CFO
We’ve been focusing on the CFO, but my experience shows that other senior personnel—including general counsels, controllers, chief accounting officers and chief audit executives—would, and do, act similarly. Here, too, most of these individuals have high levels of integrity and ethical values, with the emotional wherewithal to push back at the thought of breaking the law.
Prime examples of not accepting wrongdoing—and indeed taking action to do the right thing—are the three chief internal auditors who graced the cover of Time magazine several years ago. They found themselves in the limelight, but they really are representative of the many honest and committed executives in American business.
The email writer, if I correctly interpret his message, points to the value of good solid external financial statement audits. Certainly such audits, particularly with the increased attention in recent years directed to the potential for fraud, now are more likely to uncover fraud, and will serve as a deterrent to those whose ethical compass is failing them.
The Emperor’s Clothes
So, the writer asks, “Does no one wish to discuss the fact that the emperor has no clothes on?” Well, I believe the emperor indeed is clothed. SOX is real, with positive impact. Is it costly? Yes. Are companies and the investing public benefiting from the law and related regulations? Here, too, I say yes.
The reality is that bad people are out there, and no system is foolproof. If not sooner, certainly when the hoopla dies down and memories fade, there will be more major financial reporting frauds. But that doesn’t mean the protective and detective systems in place should be scrapped. Rather, where possible, they should be strengthened on a targeted basis, in a cost-effective manner, to be sure business is able to continue to provide its tremendous benefits to society.
Yes, the emperor is fully dressed—but we don’t want the attire to be an unwieldy suit of armor that unnecessarily restricts action. Rather, we look to the integrity, ethical values and capabilities of our business leaders, and to the necessary systems of oversight, checks and balances, to have a reasonable likelihood of preventing or quickly identifying those outliers whenever they might surface.
No comments yet