SOX COMPLAINCE JOURNEY YEAR ONE In October 2003, KPMG partner Jarrod Bassman and Don Collum, VP and Chief Audit Executive at Trinity Industries, began its SOX compliance journey. Collum was aware of the challenge Trinity faced but was ready to tackle the project. FIRST YEAR OF COMPLAINCE – SUCCESS During the time SOX was making its way through congress, Trinity was already making significant changes to its financial reporting process. It reengineered the financial reporting and standardized on one financial system. What this meant was 22 -one per BU- financial processes were replaced with one centralized process. Replacing 4 general ledger packages with Oracle Financials. Trinity also developed Accounting Service Center (ASC), which provided …show more content…
Without such controls it would be difficult for most business organizations like Trinity Industries with numerous locations, operations, and processes to prepare timely and accurate financial reports. Since no control system can guarantee that financial statements will not contain material errors or misstatements, an effective internal control system can reduce the risk of misstatements. Internal Controls should therefore be designed and implemented with the risk of fraud in mind and tailored to the circumstances of the company. In the case of Trinity part of the SOX project was to identify key process, by interviewing organizational members to understand how the processes and controls worked within the company, and who was responsible. With guidance from PCAOB AS No.5 they identified the gaps of controls and took steps to close them. Examples, of controls are, segregation of duties, assigning parts of the process to different people; preventative controls, separating approvals and payments; detective controls, performing reconciliations – improvement was needed for timely financial reconciliations, corrective controls, around inventory adjustments made to system after physical stock count. Not following procedures when performing reconciliations. While gaps in controls were found the project, team took …show more content…
The requirements of SOX from inception consist of 11 sections, SOX legislated, among others enhanced financial reporting, officer’s individual responsibilities for the accuracy of corporate financial reports, the oversight body, PCAOB, to regulate public accounting companies in their capacity as external auditors. Public companies were given until December 2004 to
Trinity Industries passed their SOX compliance in 2004 by applying the bottom-up approach in identifying the gaps and the lack documentation controls. Bottom-up approach looks at individual base elements of a system first and then those elements are linked together to form a larger subsystems. Trinity used this method to figure out where the material weakness for SOX compliance were and to organize a system to fix the problems. This process involved Trinity going into the BUs work environment, collecting information form the employees, observing the flow process, collecting data on the system gaps and documentation, correcting the weakness, and educating the employees in the correct process. Some of the weakness in this approach were, over
The specific obligations in this case would include monitor corporate governance activities and compliance with organization policies, and assess audit committee effectiveness and compliance with regulations
In order to develop a successful organizational and control system for CP, we, MIC, had to
The SOX act section 404 requires that the auditor assess the company’s management of internal controls and report on it. The act requires that a company include a copy of the internal controls in the year end annual report. All financial statements must be certified by a company’s management. (Coustan, 2004)
In conclusion, internal controls include separation of duties, assignment of responsibilities, third-party verification and the use of mechanical and physical controls. In and of themselves, these tactics stop and prevent much abuse of the bookkeeping and accounting systems. The addition of Sarbanes-Oxley requirements in 2002 require that a company enact internal controls and assign responsibility of the control system to executives and directors, further providing insurance that financial reporting is accurate. Without this insurance that reports are accurate, company stock will fall and investors will be lost. Even with intrinsic limitations, the positive aspects of good internal controls far outweigh the negative implications. Good internal controls equal accurate financial records and future company success.
The report on internal controls, according to ExxonMobil’s CEO, Treasurer and Controller, states they are solely “responsible for establishing and maintaining adequate internal control over (ExxonMobil’s) financial reporting.” They evaluated the effectiveness of internal controls over financial reporting based on COSO’s framework and concluded that controls were effective (MD&A, F-22). The report in internal controls acknowledged us—ExxonMobil’s independent public accounting firm PricewaterhouseCoopers LLP (PwC)—stating that the Corporation maintained effective internal control over financial reporting for 2009 and 2010 as it is the responsibility of management to maintain and assess its effectiveness. We, PwC, are responsible only to express an opinion on internal controls, which we opined in 2009 as unqualified (MD&A, F-22).
Sarbanes-Oxley (SOX) was enacted in 2002 as an anti-fraud measure in the wake of large accounting scandals such as Enron and WorldCom. Until recently, the Securities and Exchange Commission (SEC) applied the same SOX auditing practices to all companies, regardless of their size, infrastructure, level of risk, or available resources. As long as it was publicly traded, whether the market cap was less than $75 million or more than $100 billion, the same auditing rules and standards applied for all companies.
PROBLEM : What effective management control system or systems should the Company adopt to attain maximum profitability not only of its divisions’ respective operations but that of the Company as a whole?
What makes the Sarbanes-Oxley Act effective is that it is “Administered by the U.S. Securities and Exchange Commission (SEC), SOX sets deadlines for compliance and publishes rules on requirements, covering a wide range of rules. The consequences for failing to comply with certain provisions range from fines to imprisonment” (Cunningham). The SOX also creates, “accountability of company executives and members of the board of directors” (Jahmani). The act essentially created several provisions to regulate and protect shareholders along with the general public from accounting errors and fraudulent practices in the enterprise. The accounting industry, financial reporting, and the auditing of public companies in particular must follow these provisions.
The Consumer and Industrial Products, Inc a company where their headquarters is based in the United States , also doing business internationally with facilities in Europe, Asia and South America. They are a manufacturing company what produced well known products to individuals and industries. This company is experiencing a great deal of trouble with their internal Payable Audit System (PAS) and how it would purchase goods; receive goods and pays for them. They are challenged with the redundancy and the lack of productivity to their system. They were finding ways to lower costs and eliminating steps in how these processes are getting accomplished. They decided that they needed to change their system and the way they did things at their business. There are some people, their roles and departments that will be closely involved with the process of this project. Some of these important roles will come from Ted Anderson director of disbursements, Peter Shaw the user project manager and Linda Watkins project director for the Payable Audit System (PAS). In addition, the Steering Group and the IS management department will have some important roles to the project too. Finally, there will be several major problems with the development of the project and how the one person would deal with these issues.
GM uses this system by containment, disposition, separation, and classification. Such a system guarantees that any outcome that does not comply with specified requirements is restricted from unintended use, restrained, and dispositioned by the administrators. Accompanied by this quality control is the verifying position where first-time quality and process capacity is advanced (Drew, 2011). Every team member is informed about any modifications in the production process and who and when to summon for assistance in the event of any quandary. Every team is also included in the problem solving to reach any improvement in goals.
In order for Trinity to improve internal control compliance, Trinity must prepare for potential risks. Companies will also need to evaluate the impact these differences may have on their accounting policies, as well as the underlying information technology systems that support the company’s financial reporting structure, (Arnold, 2009). Trinity must undergo changes to internal control in order to meet IFRS changes. ERP and consolidation systems will need to be assessed to determine if they can handle the requirements of dual ledgers and reporting, (Arnold, 2009). First, Trinity must establish an internal control team that can identify the differences between GAAP and IFRS.
The PCAOB has the authorization to provide rules governing the following areas; ethics, independence, and quality control for any registered accounting firm...
Overall, the company is having ineffective controls regarding different departments and in the whole organization. An effective internal audit department should be established within the organization which should test the effectiveness of these controls on regular basis and make it sure that all controls are working effectively and efficiently with the different departments of the organization. Also the Internal auditor should implement the most effective processes and measures to prevent and detect the fraud, corruption and non compliance with the laws and regulations in the organization. Establishment of internal audit committee would be helpful in this regard which comprises of executive and non executive directors.
The purpose of this report is showing how to apply the control process in the