Finally, some documentation that auditors and fiscal officers might actually want to do: write their opinions of Section 404.

MORE 404 COMMENTS

Below is a sampling of comment letters submitted to the SEC regarding the implementation of the internal control provisions of Sarbanes-Oxley:

Comments By David Hauser, CFO, Duke Energy

Comments By Tom Fanning, CFO, Southern Co.

Russell Stevenson, General Counsel, Ciena Corp.

Moray Dewhurst, VP And CFO, FPL Group

Richard Henriques, VP And Controller, Merck

Neri Bukspan, Chief Ac-countant, Standard & Poor's

Andrew Brown, CFO, palmOne

Rona Fairhead, CFO, Pearson Publishing

Leon Level, VP And CFO, Computer Sciences

Jane Windmeier, SVP Finance, Target

Raymond Seabrook, SVP And CFO, Ball Corp.

James Campbell, VP, Controller, Intel

Randall Mays, EVP And CFO, Clear Channel

Scott Di Valerio, Corporate VP, Controller, Microsoft

More Comments

View The Complete List Of SOX 404 Comments To Date

For two months, the Securities and Exchange Commission has been posting on its Web site comments from corporate executives, accountants, and others who are heaping praise and criticism on The Sarbanes-Oxley Act’s most notorious provision. Now numbering in the hundreds, the letters read like an abridged version of the debate surrounding Section 404 for the last two years.

“My experience … is the utter confusion, frustration and at times hysteria by the management team at public companies,” wrote one person, a consultant identified only as R. Kelly, who posted his thoughts on April 9. He worried that executives obsess over accuracy of controls data while ignoring ethical workplaces and healthy ties with external auditors, “which was the root cause of the debacles of public companies gone wrong in the first place.”

Kelly’s words reflected the grand themes of the correspondence about Section 404: praise for the concept, scorn for its execution, and a dash of “who are we kidding?” skepticism that it will help investors.

Microsoft Corp., for example, noted in a March 9 letter that it had already spent $15 million on 404 compliance, when the SEC had originally expected an average compliance cost of $91,000. “While Microsoft has realized benefits from the process, it is not clear that the benefits outweigh the cost,” Corporate Controller Scott DiValerio wrote.

Matthew Fitzgerald, chief fiscal officer of Grant Prideco in Houston, was equally gloomy. His company’s audit fees skyrocketed from $350,000 to $4 million last year (plus another $2 million in outside consultants), he said, and “I believe the cost-benefit tradeoff of Section 404 is way out of line.”

Fitzgerald advocated more attention to executive officers’ attestations and other Sarbanes requirements such as fraud hotlines, since they do bolster the reliability of a company’s financial statements, which is what investors really want to know.

Questioning The Benefits

Fitzgerald was not alone in questioning what benefit shareholders ultimately receive from Section 404. Mark Lettes, CFO of Apex Silver Mines in Denver, wrote that Apex spent more than $2 million on 404 compliance and found only two weaknesses. One of those, reporting interest payments as an expense rather than capitalizing them, was actually praised by analysts as a conservative move.

“One has to wonder what benefit the company’s shareholders received from the expenditure … of more than $2 million of their investment and the distraction to their management’s productivity for the fiscal-year 2004,” Lettes wrote to the SEC.

Other letters complained of poor top-level leadership on Section 404 projects, the conflicting interpretations of compliance from external auditors, and the overwhelming manpower burdens Section 404 imposes on small businesses. One writer said his company had more key controls than it did employees.

Some criticisms even contradicted each other. On March 6, an anonymous public accountant in Silicon Valley praised Section 404 for prodding chief fiscal officers to mind corporate finances rather than outward-facing events like investor relations and conference calls; one day later, the Institute of Internal Auditors wrote a letter worrying that Section 404 will distract financial officers from other business operations.

And not all letters faulted Section 404. Many independent consultants, shareholder activists or unaffiliated writers praised the rule for holding management’s feet to the fires of fiscal responsibility. Managers of the Ohio Retirement System, for example, claimed that most of Section 404’s costs will happen in a company’s first year of compliance, delivering long-term benefits well worth the expense.

Jack Ciesielski, founder of R.G. Associates, an investment advisory group in Baltimore, bluntly said that “if future compliance efforts require the same cost level incurred thus far, Section 404 might not be the problem. Instead, the problem might be that attention to internal control fundamentals is long past due.”

SEC officials are well aware of the complaints about Section 404. Earlier this month the agency held a round-table discussion financial professionals on how to improve the rule’s implementation; topics ranged from documentation and testing procedures to the latitude auditors have in defining controls compliance.

Some of the actual comment letters can be found in the box above, right.

Topics