Читать книгу Internal Control Audit and Compliance - Graham Lynford - Страница 16

Companies and regulators continue to debate the cost–benefit of the requirements to assess and report on internal controls. Detractors have been somewhat successful in resisting auditor attestation in smaller public companies in the Dodd-Frank Act of 2010 and the JOBS Act of 2012. However, history has shown that inattention to internal controls is at the root of many business failures and frauds, which weaken investor confidence in the capital and stock markets. In addition, in the period before the imposition of the SOX Act of 2002, an alarming increase in the number of restatements of previously issued financial statements was observed. A lack of ICFR was a likely root cause of many of these restatements. A spike of fraud and restatement in smaller public companies may indeed bring reconsideration of the need for auditor verification of managements' assertions regarding controls.

It has been observed that certain categories of losses due to fraud and the incidence of restatements have come down in the post-SOX period. Whether this is due to greater management awareness of and attention to internal controls or strengthened auditor requirements regarding fraud and internal controls effectiveness is not known. What is clear is that there have been some notable improvements and reversals of downward trends, and thus the “medicine” seems to be working. The revised COSO Framework is intended to keep the ball rolling and help us to take the updates that have been issued since the original 1992 report and codify them into basic principles we can carry into the future.

Some executives have spoken out in favor of the value that the current regulatory requirements bring to the business environment. A recent survey of the Financial Executives Institute relates a more positive shift in management opinion when compared to the early days of the imposed regulations.