We won’t lie, helping an accounting team make the leap from a non-SOX environment to a SOX-compliant one gives us a lot of satisfaction. It’s one of those journeys that many on the FloQast team have made, so we appreciate the time and effort it requires. If you’re reading this you might be familiar with the process or you may be facing it in the very near future. Either way, we’re here to help companies navigate the process, to call out pitfalls and get them through it with as little pain as possible.
The History of Sarbanes-Oxley
Before we get to good stuff, it’s worth looking at the history of SOX. Yeah, we hear you groaning, but some of us are history buffs and we’ll wager a few of you could use a refresher anyway.
The Sarbanes-Oxley Act was signed into law on July 30, 2002 in the wake of many corporate accounting scandals, most notably Enron, the most infamous of scary accounting bedtime stories.
SOX brought the accounting profession into a new era of regulation. Prior to it becoming law, the accounting profession was largely self-regulated. SOX created the Public Company Auditor Oversight Board (“PCAOB”) to oversee public company auditors and it also required new independence standards for auditors to help prevent conflicts of interest.
For in-house accounting teams, the assessment of internal controls on financial reporting (“ICFR”) was the biggest challenge. Most people refer to these rules as “Section 404” or simply “404.” It required companies to determine how well their control environments were designed and how well the controls worked across a variety of areas including IT, company-level (e.g. management review), fraud and more.
Large companies that have always tasked with following SOX have found efficiencies through automation and other methods to reduce to the cost of compliance. For smaller companies, however, the cost to establish and maintain an adequate control environment has always been a concern. In 2013, the Jumpstart Our Business Startups (“JOBS”) Act relaxed some of the rules with regards to how quickly new public companies must comply with the 404 rules. But the fact remains, any company who wishes to access capital from the public, must comply with SOX and for growing companies, it can be a bumpy ride.
SOX challenges growing companies and their accounting teams
The biggest challenge facing companies transitioning to a SOX environment is the documentation of processes across the company and the subsequent review of those processes. The rules require things like “a proper segregation of duties” and “competent staff” to carry those duties out. Oh, and did we mention it all has to be documented? As many of you have probably heard, “If it isn’t documented, you didn’t do it.”
Smaller companies are accustomed to GSD, however they can. That means people wearing lots of different hats, sharing responsibilities and documentation consists of nothing more than a long list of scribbled items with about two of them crossed off. In other words, adjustments are often needed. And if an auditor comes around to look things over, she’s not too worried because either the owners of the business are involved or the risks of anything untoward going on are low.
As companies grow however, improvements are implemented here and there to make the process smoother and more rigorous. For example, if a change occurs in a significant balance like accrued expenses, does all of the necessary communication take place and is it reviewed by someone? This means preparing for the possibility that the controls, their documentation and their review won’t be nice to have, they’ll be must haves.
FloQast helps prepare for the switch to SOX
There’s a lot to consider when getting ready for complying with SOX. That’s why we built FloQast the way we did to address many of the aspects within the platform. For example, documentation of each process can be outlined right in the platform so not only can teams look at whenever necessary, but it’s also available to auditors for review.
FloQast also makes it easy to delegate and document which team members are responsible for which tasks. It also features an ability to document policies for each account in the closing checklist. For example, if the company’s policy is to capitalize each fixed asset purchase over $1,000, this can be seen in the platform and prevents confusion between team members.
One of the most beneficial features of FloQast is that it serves as a workflow tool to guide teams through the completeness and accuracy of the balance sheet. This gives teams confidence that their processes are adequate and functioning as they should.
Finally, when it comes to review, your team’s leaders can document their progress right in FloQast along with any questions or follow-up action items. This keeps everything centralized and easy to find, as well as the history for each step taken.
FloQast will knock your SOX off
Tackling SOX is a tall order, but partnering with FloQast can make the adjustment easier and get you ready for the ongoing requirements. If SOX compliance is in your company’s future, we’d love to hear from you about your unique challenges and how we can help.