Changing Internal Audit Practices in the New Paradigm: The Sarbanes-Oxley Environment

Product Description
This research report explores how the Sarbanes-Oxley Act of 2002 is impacting internal auditors, public accounting firms, and public companies – all of which play a vital role in shaping the internal audit environment. Sarbanes-Oxley is probably the most significant law affecting public companies and public accounting firms since the passage of the Securities Exchange Act of 1934. It is truly a paradigm shift for those companies and accounting firms that have had to implement major changes in their organizations and how they do business.

This research report will:
- Provide an overview of the Sarbanes-Oxley Act, the research objectives, research methodology, and its impact on the profession.
- Include individual case studies that summarize the impact of the Sarbanes-Oxley act on parties affected, as well as the interactions that occur.
- Illustrate how unprecedented opportunities have arisen for internal auditors to increase their visibility, status, and value in their companies.
- Encourage you to take a proactive role in Sarbanes-Oxley activities, making internal audit a valuable part of the company’s movement toward Sarbanes-Oxley compliance.
- Show how internal auditors changed their image from that of the company police officers to that of company partners.

Order from Amazon TODAY —> Changing Internal Audit Practices in the New Paradigm: The Sarbanes-Oxley Environment

Foreign Corrupt Practices Act

Foreign Corrupt Practices Act
The Foreign Corrupt Practices Act prohibits U.S. companies from bribing foreign government officials to obtain business. Ironically; bribery, intimidation and coercion, prohibited by FCPA, are tools of the trade for politicians. Recent activities associated with the Health Care Bill are examples.

Read more on The Capital

49 Steps to Implement Sarbanes-Oxley Best Practices In Private and Nonprofit Health Care Entities

Product Description
49 Steps to Implement Sarbanes-Oxley Best Practices in Private and Nonprofit Health Care Entities identifies and describes steps you can take to adopt what have become consensus best practice standards.

This book and companion CD – with customizable templates – provides how-to assistance on:
-Ensuring adequate oversight,
-Eliminating potential auditor conflicts,
-Achieving better accountability and accuracy of financial documentation,
-Establishing procedures for complaints,
-And more.

Table of Contents
Overview of Sarbanes-Oxley
Relevance to Private & Nonprofit Entities
Getting Started
#1 Conduct a gap analysis
#2 Gain written agreement on policy development & implementation
Corporate Governance
#3 Establish a committee to oversee implementation
#4 Establish a compliance or governance officer function
#5 Define the compliance officer position
Board of Directors – Structure
#6 Develop job description for Board members
#7 Develop an orientation & education policy
#8 Create a Governance Committee
Board of Directors – Independence
#9 Define independence
#10 Prohibit credit arrangements
Board Audit Committee
#11 Establish & charter an Audit Committee
#12 Develop operating policies & procedures
#13 Consider melding Act oversight with general compliance oversight
#14 Establish composition & meetings
#15 Establish & define relationship between Audit Committee & management
#16 Mandate & define that a member of the Audit Committee is a financial expert
#17 Establish the oversight and qualifications process
#18 Define how to provide oversight
#19 Require preapproval of all audit firm services
Auditor Independence
#20 Prohibit firm performing audit services from non-audit services
#21 Prohibit auditor from providing audit services for more than 5 consecutive fiscal years
#22 Require auditors to report several items
Conflicts of Interest
#23 Prohibit any coercion, manipulation, or misleading of auditor
#24 Establish conflicts-of-interest policy
#25 Ensure no additional compensation related to the engagement
#26 Prohibit a financial audit organization from performing audit services if key officers participated in the audit during the prior year
Code of Business Ethics & Conduct
#27 Establish an approval policy for workplace conduct guidelines
#28 Develop a Code of Business Ethics
#29 Include a commitment to compliance
#30 Establish a training program
Ethical Conduct: Reporting & Investigations
#31 Establish a Hotline
#32 Create an affirmative duty to report potential violations
#33 Permit employees & agents to seek guidance
#34 Prohibit retaliation
#35 Develop & implement written guidelines for whistleblower investigations
#36 Establish a records management, retention & destruction policy
Financial Reporting & Disclosures
#37 Mandate certifications for annual reports
#38 Develop financial report certification forms
#39 Establish a disclosure committee
#40 Define disclosure policy
#41 Develop a financial records management program
#42 Ensure accurate retention of records
#43 Establish an internal control testing process
#44 Establish a process for annual internal control reports
#45 Define affirmative duties for reporting potential violations
Auditing & Monitoring
#46 Establish a risk assessment process & work plan
#47 Establish an ongoing auditing & monitoring program
#48 Develop a fraud & abuse policy
#49 Establish an audit follow-up & resolution process
Appendices

Includes 50 templates.

Order from Amazon TODAY —> 49 Steps to Implement Sarbanes-Oxley Best Practices In Private and Nonprofit Health Care Entities

Justice and SEC Clamping Down on Corrupt Practices: Beware of the Conduct of Strategic Partners

Today’s state of affairs for private equity sponsors in the arenas of public relations and politics is challenging at best, and a private equity sponsor who is exposing itself to corruption or corrupt partners are inviting criticism and worse. Private equity firms should be aware of actions the U.S. Department of Justice (”DOJ”) and the U.S. Securities and Exchange Commission (”SEC”) have taken recently under the 1977 U.S. Foreign Corrupt Practices Act (”FCPA”). They should also consider their potential of becoming a target of this Act early in any dealings. Of special note is the settlement in General Electric’s recent purchase of the oil and gas services company Vetco International. Alberto Gonzales, U.S. Attorney General, made obvious that enforcement of FCPA is a top priority and will remain so.

FCPA risk assessment is challenging in M&A deals due to the extensive FCPA reach. Identification and of FCPA-related exposures and evaluation of the risk should be an requirement of any due diligence in a multinational M&A deal–there will be severe consequences of exposures that arise from receiving or selling assets that will cause a benefit from corrupt practices, and a private equity sponsor should make evaluation of this risk paramount.

Statute History

In the 1970s, many U.S. companies (which included many Fortune 500 companies), disclosed the practice of making large and substantial “questionable payments” to foreign officials. These officials included politicians, parties, and more. Amendments to the U.S. securities laws that prohibited bribing non-U.S. officials, required U.S. issuer’s records show accurate details of of the company’s asset disposition, and required accounting methods with controls built in to thwart bribery and other corrupt practices was enacted by the U.S. Congress.

FCPA Anti-Bribery Provisions

To offer payment or benefits to a non-U.S. government official in exchange for business advantages or other favors is a crime under the FCPA. The standard is “knowing,” and avoiding information that would alert a responsible person to think that there is bribery indicates liability. This applies to the activity of employees and subsidiaries, as well as brokers, agents, distributors, partners, and intermediaries like travel agents and law firms.

A person covered under FCPA who avoids the knowledge that an intermediary such as a distributor ahs paid or will pay a bribe to a non-U.S. official is subject to the same kind of prosecution as a company that avoids knowledge of employees who make those payments and promises.

A foreign official, according to the statute, is anyone who is employed by a non-U.S. government entity full time or part time. This includes employees of corporations owned by a state, civil servants, municipal governments, provincial governments, and educational entities owned by a government. The term also includes any candidates for public office, employees of some international organizations (including the EU, UN, and OAS), political parties and their officials, African development banks, Asian development banks, the International Committee of the Red Cross, and the WHO.

Any benefit conferred may be viewed as a trigger for the statute’s provisions by U.S. regulators, according the FCPA. Payments to relatives are included in these triggers, including travel benefits for an official’s family members, contributions to officials’ charities, etc.

The requirements and provisions for the statute apply to anyone who ussues a registered security, including ADRs on a stock exchange. They also apply to corporations that reside in the U.S. or have a principal office and place of business in the U.S., a U.S. citizen or resident including holders of green cards serving anyplace in the world, and any others performing acts that will touch U.S. concerns. Almost anything that is concerned with the U.S. can set off jurisdiction by the U.S.

Provisions for Internal Controls

FCPA’s record keeping provisions and accounting guidelines were written to deal with the SEC-registered corporations’ ways of disguising and hiding payments and bribes, such as listing those bribes as consulting expenses or travel costs of non-U.S. officials.

There are two regulations the FCPA rules impose on books and record keeping.

1. Any company with registered U.S. securities must make and maintain records, books, and accounts that accurately and reasonably reflect the details of all transactions and disposition of the property and assets of the company.

2. The company must also create and maintain internal accounting systems that have sufficient controls to assure officials that all transactions are within the authorization of management, and that recording is done within “generally accepted accounting principles.” Although there are no penalties for violations that are technical, inadvertent, or insignificant, willful concealment of any form of misconduct by altering the books and records is a violation of FCPA.

An interesting feature of these provisions is that in the case of a civil liability, the parent company does not need to have any knowledge or suspicion specifically that the books or records contain misleading information. The appearance of the innocence of the bribery alone is enough to bring FCPA regulations to bear even if the parent company has no knowledge of the actions. The parent company is also liable for any failures of its subsidiaries for internal control.

The FCPA does not have a threshold of “materiality” for record keeping, books, and internal controls. Even though the records and books only need to be “reasonable,” Section 404 of the Sarbanes-Oxley Act doesn’t apply so the resulting inaccuracies from less diligent control can bring the regulations to bear, especially if there is bribery involved.

FCPA Enforcement

Many U.S. and foreign companies are becoming aware of the results of not complying with the FCPA. These are serious and have a huge impact on these companies, thereby raising the alert systems of businesses that may be affected by FCPA actions. The DOJ imposes fines and orders of disgoregement that sometimes exceed tens of millions of U.S. dollars, and can also include fines for criminal activity. Recently the Titan Corporation paid more than $28 million as a punishment for corrupt payments that surfaced during its merger with Lockheed. Three of Vetco’s subsidiaries plead guilty to and a fourth entered a deferred prosecution agreement; the fines were $26 million and was the largest in the history of the FCPA.

The investing public will view criminal convictions of a U.S. registered corporation negatively, and there could be a host of side effects of the convictions as well, such as loss of U.S. government contract eligibility, benefit programs, and licenses. They may also suffer increased liability for taxes and face other lawsuits related to the conviction, such as those arising from provisions of the Racketeer-Influenced and Corrupt Organizations Act. There may also be proceedings to void any agreements procured during the period of the corrupt activities.

Companies that are suppliers for the U.S. government or are regulated by or closely related to it (such as defense, pharmaceuticals, financial services, etc.) will feel huge ripples of a criminal FCPA conviction. It could affect their participation in U.S. funded medical insurance programs (Medicare, Medicaid, etc.), and could lose the opportunity to bid on defense contracts and other government contracts. Financial firms can also lose the opportunity to serve as pension fund advisors or broker-dealers, and may be required to forfeit licenses to sell insurance in this country.

Consequences limited to U.S. soil may be only the tip of the iceberg as well. Businesses in the countries that signed the OECD anti-bribery convention may find they are subject to criminal proceedings as well as civil proceedings in the U.S. as well as their own country of origin, not to mention the other jurisdictions where they may be guilty of corrupt acts. PE buyers will also find that the impact of these proceedings will affect management teams, and individuals involved in the acts or conspiracies can suffer many years of imprisonment and fines on both the civil and criminal levels. There may also be numerous collateral results that will affect the business negatively for many years.

M&A Deals and Risk Allocation Considerations

The wide scope and breadth of FCPA when coupled with lack of testing judicially, has created quite a few unusual challenges for sellers and buyers who could end up exposed to corrupt practices of their own or another’s business. For one, these sellers and buyers must identify potential risks and exposures, and evaluate those risks–however, this may be difficult to do for many reasons. Sellers and buyers have to negotiate these risks like they would any other business liability, and where there is a stock and merger agreement in progress these risks will determine much of the shape the distribution of risk will take.

However, even where the buyer can negotiate a good position with regard to FCPA exposure, there is still the collateral legal and financial risk associated with being part of any recorded business deal where fault may lie with a seller. Even if all the risk of FCPA liability is assumed by a seller, U.S. regulators may still charge both the seller and buyer of the corrupt business practice, especially if the buyer has a history of FCPA violations. Once a scheme for bribery or corrupt business is exposed, all benefits and commercial goods may be lost or at least significantly deteriorate. Truly, the best protection for a buyer may simply be to pay a lower price for the business.

Due Diligence and FCPA Regulations

PE, as other buyers, are interested in identifying and eliminating FCPA problems and other anti-corruption issues before the finalization of any purchase price or financial terms. The parties must create a due diligence plan and review it carefully to determine potential risks, as with any other potentially problematic deal.

Here are some things an effective FCPA plan for due diligences must account for:

1. The definitions of non-U.S. officials and benefits covered.

2. How FCPA applies to these officials and agents.

3. How the FCPA affecst acquisitions and mergers.

4. The liability and want of standards applicable to a parent company’s violation of bookkeeping and records requirements.

5. The increased exposure of the Internet and the resulting limits of protection by anti-bribery provisions.

Steps a PE sponsor should take as part of any due diligence program include:

1. Assessing the risk of FPCA violations in countries where the target business or subsidiaries reside or operate.

2. Analyzing the particular industry for possible disproportionate violations of FCPA regulations, such as defense contractors, natural resources, or pharmaceuticals.

3. Evaluating the risk of any people who are associated with the target company, such as unethical managers.

4. Carefully reviewing the internal audit reports and other investinations conducted, including by security, legal departments, and any other documents by other legal counsel of the target.

5. Identifying all senior officials elected in the country of the target company, and comparing those names with a list of people the company has paid money to.

6. Interviewing all managers and employees of the seller or target company that may have had any contact with influential officials.

7. Reviewing all reports, records, and analyses of audits prepared eternally, such as by accounting firms.

8. Hiring an investigation firm to review all risks and ways that the target company may have paid bribes.

Although these steps are designed to reveal any potential FCPA-related risks, the most important thing a buyer can do is inspect the target’s own FCPA compliance program. Even though a thorough and tough-minded program of compliance is the best way to fend off liability, they can reduce significantly the risk of financial liability arising from the activities of individuals within a normally-compliant company that may be paying corrupt monies to officials in other countries. In other words, the most effective and important thing for a buyer in assessing the target company is to review how seriously the target took its own FCPA-related risks and exposures before the M&A transaction talks by inspecting the target’s FCPA compliance program.

Accounts Payable Invoice Processing Best Practices

Accounts Payable (AP) departments are under increased pressure to strengthen controls, drive out costs, and increase efficiencies of manual and time-consuming processes. This can be difficult to accomplish when considering the distributed nature of AP processes. For instance, invoice approval typically takes place on several levels and generates large volumes of documentation that are hard to manage effectively. In addition, departments face increased pressure from compliance issues such as the Sarbanes-Oxley Act to better manage paper-based processes.

As these issues continue to progress, the case for accounts payable automation becomes stronger. By automating paper-intensive processing, AP departments are able to optimize the invoice approval and payment process. One of the innovative ways organizations are achieving this automation is by utilizing imaging and workflow solutions.

With a typical imaging and workflow solution, AP staffs are able to view invoices images as part of an automatic routing system. Everything from the receipt of an invoice and approval to vendor payment is documented in the system. The process begins when a vendor invoice is received. The paper-based invoices and related documentation are converted into images which can then be accessed by authorized users. The invoices are automatically routed using defined notifications and conditions to support the business process. This automated, step-by-step processing of AP invoices is the most effective way to keep the flow of documents steadily moving.

By eliminating the physical movement of paper-based documents, the time spent trying to find files is dramatically reduced, leading to increased employee productivity. The system enables customized internal controls to be created for each business process, resulting in immediate access to documents, faster approval time and reduced cycle time.

There are numerous benefits associated with the use of imaging and workflow in terms of helping AP departments increase efficiencies. The workflow management solution offers a significant reduction of costs, stronger internal controls, and the overall streamlining of the AP invoice review and approval process. In addition, the automated internal controls and instant access to documents eliminates the chance of misplacing or losing paper, duplicating or overpaying invoices, or making late payments.

Another important benefit of a comprehensive workflow management solution is that it allows numerous members of a company to securely collaborate in real time. Since the documents are stored in a centralized repository, other personnel can be given instant access as well, cutting copying, shipping, and faxing costs. The improved electronic audit trails can also be extremely valuable, especially during audit reviews.

AP invoice processing can actually be transformed into a “zero touch” environment with the right imaging and workflow automation solution. This means that AP is able to enter the paperless world everyone dreams about – no one in the department has to touch paper.

In order to create a “zero touch” process, vendors are directed by the AP department to remit all invoices to a central Post Office Box location, which is received by the service provider. The provider’s staff then prep, scan and index all invoices each day, capturing important data elements such as point of contact, vendor name, invoice number and more.

As soon as the invoice enters the system, the internal controls set up by the AP department go into action. An automated e-mail notification is sent to each approver informing the person that an invoice is awaiting review. The point of contact then has several options such as approving the invoice, routing it to another approver, declining, or pending invoices for later approval.

Once an invoice is approved, it is routed to a higher approval level or to accounts payable for a final review. Invoice data is then transferred through EDI into the organization’s accounting system and payments are scheduled.

An imaging and workflow solution provided in a Software-as-a-Service model can be configured to provide notification of duplicate invoices, route invoices above a certain amount to particular staff, create and maintain approval timers, and perform workload balancing. Invoice coding is tracked in Web-based workflow forms and cross-checked and validated against accounting system tables.

There’s no software to install, no hardware to manage, and no infrastructure for IT to support with a Software-as-a-Service solution. Overall, the Software-as-a-Service solution allows AP professionals to maintain tighter controls over the entire payable process and reduce costs. Productivity also increases with the workflow automation process, enabling AP departments to handle growing invoice volumes without adding people or reassigning resources.

Next Page »