The acquittal of HealthSouth founder Richard Scrushy Tuesday represents a high-profile failure for the Sarbanes-Oxley Act, the comprehensive set of rules established by Congress three years ago in response to a wave of corporate scandals.
Even before the verdict was announced in Birmingham, Ala., the law was getting mixed reviews from companies, lawyers and shareholders. While most agree Sarbanes-Oxley has helped restore investor confidence in corporate accounting, companies have complained that the benefits of the new regulations are not worth the cost of complying with them.
And now a key provision — holding top executives personally accountable — has failed to pass its first major test.
After more than a month of deliberations, a federal jury found Scrushy not guilty on all 36 counts the government brought against him. Scrushy — the first chief executive accused of violating the Sarbanes-Oxley law — was accused of orchestrating a $2.7 billion earnings overstatement at the rehabilitation and medical services chain over seven years beginning in 1996. He also was accused of conspiracy, fraud, false reporting and money laundering.
The “certification” provision of Sarbanes-Oxley — requiring corporate CEOs to sign off personally on accounting statements — was supposed to make it tougher for top executives to claim they didn’t know that underlings were cooking the books by requiring CEOs of more than 12,000 public companies to personally verify financial statements.
“The prosecutor can wave that personal certification in front the jury to show that the defense claim — that their head was stuck in the sand — doesn’t hold water,” said Michael Zuppone, former head of Northeast regional office of the Securities and Exchange Commission.
But that’s exactly what Scrushy claimed: that he was duped by a succession of financial managers who cooked the books without his knowledge. The failure of the jury to convict him under Sarbanes-Oxley means that “the utility of the criminal certification statute will be very much undermined,” said Zuppone.
To be sure, the certification process is still a potent weapon for prosecutors. And the complexities of accounting fraud cases will always be difficult to try in front of juries, say securities lawyers. They also note that chief executives Bernie Ebbers of WorldCom and Dennis Kozlowski of Tyco were convicted for their corporate misdeeds without the benefit of the Sarbanes-Oxley law.
Cost of compliance
CEO certification was just a piece of the new law, which also requires companies to review their bookkeeping procedures to ensure they are tough enough to prevent fraud or catch it when it happens. That part of the law has apparently produced results.
When all of their reviews are completed, more than 14 percent of large public companies will have found their accounting procedures are not strong enough to catch problems, according to a review of SEC filings by the research firm AuditAnalytics.com.
The biggest problems identified by these reviews are in tax accounting and the way revenues are booked, according to AuditAnalytics.com.
Despite the problems uncovered, critics say the anti-fraud pendulum has swung too far, creating regulations that are too burdensome. Corporate executives are spending too much time worrying about accounting and not enough time running their businesses, according to Jacob Frankel, a former prosecutor and SEC lawyer who now advises companies working to comply with the law.
“I think there's a significant brain drain,” he said. “You have people that don't want to become officers and directors of a public company. You have attorneys advising young startup companies, saying don't go public. And I think there needs to be some new equilibrium created.”
Most corporate executives agree. Some 94 percent of companies working to comply with the new rules say the benefits just are not worth the added cost, according to a recent survey by Financial Executives International.
There is no question the law has added to companies' costs — everything from filling out new forms and hiring outside auditors to buying new computer systems. Estimates vary on just how expensive the regulations have become. The cost of reviewing internal controls averaged $4.36 million per company, including a 66 percent increase in spending on consulting, software and other vendors and a 58 percent increase in the fees charged by external auditors, according to the FEI survey.
And the “paperwork” involved in complying with new tighter controls involves more than just paper. One consulting firm recently estimated that businesses will spend more than $4.4 billion on e-mail archiving alone by 2009 — up from $465 million this year.
Public companies are also required to kick in fees to underwrite the operations of the Public Company Accounting Oversight Board, an agency set up by Sarbanes-Oxley to oversee the audit process. The independence provided by that funding mechanism could make the PCOAB one of the most potent pieces of the new law, according to Broc Romanek, a former SEC attorney who is now editor of TheCorporateCounsel.net.
“They’re not at the mercy of the Congress,” he said. “They’ll do all the investigations and wrap them up and turn them over to the SEC.”
With nine regional offices, the PCOAB’s budget is $137 million this year — up 33 percent from a year ago. It employs 326 people, up 75 percent from a year ago, with a planned headcount of 452 by the end of 2005, according to Romanek.
Not far enough?
Eventually, of course, the added cost of the new rules will come out of a company’s profits — which could hurt shareholders in the long run. But professional money managers argue that the added cost of the new rules is money well spent if it prevents much bigger investor losses due to corporate fraud.
“It rings hollow when people say, ‘Well look, you're making us spend all this money for all these internal compliance audit features,’ that I, as an investor, already thought you had,” North Carolina State Treasurer Richard Moore told CNBC recently. “So when in doubt, I come down on the side that Sarbanes-Oxley was a good piece of legislation.”
And some think the law hasn’t gone far enough — especially in the area of executive compensation, including lavish pay packages for corporate leaders who are booted from failing companies.
“That’s an area that Sarbanes-Oxley did not touch on at all — that is wildly broken and that goes to the heart of corporate governance issues,” said Romanek.
As corporate America works to comply with the new accounting rules, a new chapter in enforcement of anti-fraud regulations begins with the nomination this month of California Rep. Christopher Cox to replace William Donaldson as SEC chairman. Securities lawyers say that, if confirmed, Cox may well have a more sympathetic ear to complaints that the accounting regulations have gone too far.
But now that companies have completed audit reviews and identified weakness, the law may already have had the desired effect.
“It’s really the first time folks have had to deal with (audit reviews) in terms of actual compliance this past year,” said Zuppone.