Sarbanes-Oxley celebrated its fifth anniversary last week - July 30th, to be precise. No business law blog would be complete without a comment on this momentous legislation. On the other hand, I have been struggling all week with how to give the law proper treatment (without treading on the WSJ's phenomenal report, "Critics See Some Good in Sarbanes-Oxley," http://online.wsj.com/article/SB118575565116581776.html?mod=politics_primary_hs).
So, I'll begin by rehashing the article. Sarbanes-Oxley, which was passed overwhelmingly by Congress, demands rigorous internal controls, requires executives to certify the accuracy of financial reports, requires companies to investigate whistleblower complaints, and created a watchdog for auditing firms. In the boardroom, it expands the role of audit committees and requires regular private sessions of independent directors.
AMR Research estimates that, by the end of 2007, public companies in the US will have spent more than $26 billion to comply with SOX. This is certainly more than executives would like to spend, but it has not all been in vain. Many companies are reporting that SOX has prompted changes that are ultimately making them better-run businesses. Some examples from California company Invitrogen: "Directors meet more often without executives present. Multiple ombudsmen field employee complaints. Ethics training is more rigorous. And Chief Executive Greg Lucier requires his lieutenants to take more responsibility for their results." There is also more accountability in the boardroom. "More boards resolve potential problems 'before they fester and explode.'"
SEC Chairman Christopher Cox believes that SOX has helped restore confidence in the financial markets and helps to ensure that financial reports are reliable. He also points out that compliance costs are falling (which makes sense because many of these costs were incurred when companies designed and instituted the necessary review processes).
In the first few years after SOX, hundreds of companies disclosed "material weaknesses" in their accounting and were forced to restate previous financial results. As companies fix problems and avoid new issues, less and less of them are doing this.
So there you have it - opinions from those in the know. But the policy question is, will the costs saved from preventing fraud and the increased confidence in the financial markets outweigh the expenses of instituting SOX reforms? This is a difficult question, because confidence in the financial markets cannot be quantified. And costs saved from potential securities litigation can only be estimated - after all, while Enron et al. were abominations, they were indeed incredibly rare. It also worth bearing in mind that the least costs were incurred by companies who already had excellent accountability practices in place. Further, many companies are reporting better business practices arising from SOX changes, which can ultimately help them perform better.
To best answer the question, I suggest looking at SOX another way. Let's compare the expenses companies incurred as a result of SOX to the expenses society incurs in maintaining a police force. Both are intended to stop problems before they start. After all, if the police were only supposed to catch criminals and investigate after a crime occurred, then they are grossly overstaffed. Both are also intended to give a certain peace of mind that cannot be valued or quantified. And in both cases, the costs are borne by those seeking the benefits – local citizens pay for police, and companies seeking funding from investors pay for SOX safeguards. Looking at SOX in this light, I hope you would agree that it’s worth the expense.
