Sarbanes-Oxley Act Improves Investor Confidence, But at a Cost

OCTOBER 2005 - A survey by Financial Executives International (FEI) found that public companies have incurred greater-than-expected costs to comply with section 404 of the Sarbanes-Oxley Act (SOA).

The average total cost for the first year of SOA section 404 compliance was $4.36 million, up 39% from the $3.14 million companies had expected to pay, based upon a July 2004 FEI cost survey. The increase stems largely from a 66% leap in external costs for consulting, software, and other vendors, and a 58% increase in the fees charged by external auditors.

The survey asked 217 public companies with average annual revenues of $5 billion to gauge their SOA section 404 compliance costs. Their total costs of compliance averaged $1.34 million for internal costs, $1.72 million for external costs, and $1.30 million for auditor fees. (See the Exhibit for a comparison of actual costs to previously estimated costs, and for more details.)

Companies Say Costs Exceed Benefits

Just over half (55%) of the companies surveyed believe section 404 gives investors and other external users more confidence in a company’s financial reports, and 83% of large companies (over $25 billion in annual revenues) agree. Significantly, however, nearly all respondents (94%) said the costs of compliance exceed the benefits.

In general, companies applaud the added focus on internal controls, but many respondents believe that the level of detail required is impractical and bureaucratic. “The spirit was right on,” wrote one respondent. “However, the execution to the level of detail that was required was much more than necessary.”

“Now that we’ve gone through the first run of this mammoth compliance effort, it’s time to review what we have learned and identify ways to improve the annual assessment process going forward,” said FEI President and CFO Colleen Cunningham. “Essentially, section 404 is well intentioned, but the implementation effort is guilty of overkill. Going forward, we recommend that regulators allow auditors to rely on the cumulative knowledge gained from earlier 404 work, and not simply start from scratch when it is time to re-assess companies. Furthermore, we suggest a true risk-based audit approach that defines key controls, allowing for auditors to obtain a reasonable assurance of the integrity of a company’s systems.”

Back to the Future

When asked about year 2 costs, 85% of respondents said they expect nonauditor expenditures to decrease (by an average of 39%), and 68% said they believe the costs of their primary auditor will also decrease (by an average of 25%).

In order to improve the effectiveness and efficiency of the section 404 process, companies reported whether they agreed with the following top recommendations:

  • Allow for a more risk-based audit approach (71% agreed with this recommendation)
  • Reduce the degree of documentation (66% agreed)
  • Provide flexibility for remediating control problems (60% agreed)
  • Increase the judgment allowed in aggregating deficiencies (55% agreed)
  • Permit roll-forward procedures (54% agreed).

About Section 404

SOA section 404 requires each company’s annual report to contain 1) a statement of management’s responsibility for establishing and maintaining an adequate internal-control structure and procedures for financial reporting; and 2) management’s assessment, as of the end of the company’s most recent fiscal year, of the effectiveness of the company’s internal-control structure and procedures for financial reporting. Section 404 also requires the company’s auditor to attest to and report on management’s assessment of the effectiveness of the company’s internal controls and procedures for financial reporting.
