Public Policy Analysis - Sarbane Oxley - Essay Example

? Public Policy Analysis - SARBANE OXLEY Introduction The Sarbanes-Oxley Act was a legislation that was brought into force on July 30, 2002. It was legitimately named Public Company Accounting Reform and Investor Protection Act of 2002. This law that was very vital in streamlining the environment for doing business. This is to underline that all foreign and domestic companies that have registered debt or equity securities under the Securities Exchange Act of 1934 are bounded by the Sarbanes-Oxley Act. The law achieved its name from its main architects Senator Paul Sarbanes (D-MD) together with the brains of Representative Michael G. Oxley. Over the years, the act has managed to establish a myriad of deadlines for its compliance. This act was adopted mainly to uplift the standards in corporate governance, analysis of securities and performance of audit work. According to Cohen, Dey & Lys (2007), before the introduction of this policy there were numerous Securities and Exchange Commission violations, gross lack of corporate quality control and ethical behavior in companies resulting in many corporate scandals and filing of criminal actions against corporations, shareholders, company directors, and finally company officers. The Sarbanes-Oxley Act came into effect in the wake of some of the nations enormous financial scandals. The Act is believed to initiate most of the dramatic changes to the federal laws since 1930s. It further prescribes punishment for violators of the Act ranging from prison sentences to multimillion-dollar penalties. The main idea that the editors of this act had in mind was to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws. Over the years, the government of the United States of America has adopted this policy and many security policies have been drafted in reference to this act. SOX applies to all public companies in the United States not excluding international companies that have registered equity or debt securities with the Securities and Exchange Commission and the accounting firms that provide auditing services to them. According to Bartlett and Richard the Sarbanes-Oxley Act has created new standards for corporate accountability and also new penalties for acts of incompliance. It has changed how corporate boards, executives and corporate auditors interact with each other. In addition, it also removes the common excuse of claiming that one was not aware of a mistake when he or she made it on matters pertaining to finances. This mainly involves the CEOs and CFOs, as it holds them accountable for the accuracy and errors of financial statements (DMPL). The Act specifies new financial reporting responsibilities and these include adhering to new internal controls and procedures formulated to ensure that financial records are valid. The Act makes it a federal crime to for a company to force or manipulate an auditor into signing off incorrect financial statements thus preventing company directors and officers from obtaining personal benefits from dubious financial statements. Moreover, the Act stipulates that the board of directors in almost all public companies should have an audit committee. The committee is tasked to appoint, regulate, inspect and exercise control over the company’s auditing firm. As result the auditors are to directly report to the audit committee. Rationale for public policy-Market failure This highlights how the concept of market failure applies to ethical corporate governance to give an insight in corporate ethics’ authenticity in the modern corporation and the probability of the Sarbanes-Oxley achieving its desired results. When large companies like Enron, WorldCom and Tyco just to name a few were struck with enormous cases of corporate fraud, the necessity to find for an amicable solution was very vital. This is because millions of dollars were embezzled by the CEOs and CFOs through customized balance sheets. Companies incurred considerable loss of profits prompting the government to intervene. It prescribed the use of Sarbanes-Oxley Act to stem this corporate vice. This was top prevent such cases to be replicated in other companies. Therefore the application of Sarbanes-Oxley was relevant in this situation. According to Jasso (2008), a market is a capitalistic economy which puts forward ownership of factors of production which include land, labor, capital, resources, knowledge and entrepreneurship. The ownership is absolutely personal and the capitalist is pushed to maintain particular freedoms linked to his independence and wealth maximization. In contrast the social system diminishes and later removes personal ownership and surrenders them to the government. The self-interest theory is the backbone of Modern Corporation personifying the American culture. Though it leads to great achievements and wealth accumulation, it results to fraudulent and greed infested corporation society’s greatest misfortunes in an unchecked market. Therefore, market failure is pursuing of private interests that does not aim at effective utilization of society’s resources. Profit maximization is the major causality when managers of a company through greed brings the corporation down along with the numerous stakeholders who depend on the remedy the firm is meant to offer implementation SOX is paramount. It was designed to cushion investors, shareholders as well as the general public against corporate abuse and fraud. In order to accomplish that task, because SOX has its regulation regarding obligations on public companies and certain key executives and holds them accountable if they fail to adhere (Sun, 2010). Investors fix their eyes on the price losing sight of the bigger picture contemplated by compliance. In general particularly the Sarbanes-Oxley, the regulators, being aware of the economic burdens of compliance, and protecting investors while nurturing public entities (Thomas & Hill, 2012).The consequences of market failure is that employees loose their jobs, top executives being paid undocumented bonuses, cases of fraud in courts just to name a few. It is evident that a prosperous economy relies on another. The maximization of profit is an attribute of commerce that is highly criticized but in actual sense it is a very vital an attribute that should not be taken for granted. Profit maximization is a key principle of a firm not and should not be considered immoral due to the fact that profitability is a measurement of sustainability and growth potential. This is because growth expands demand. It also requires more factors of productions such as labor and often brings wealth opportunities to developing communities. In addition profit maximization a pillar of discussion on Sarbanes-Oxley, agreed that owners and managing elite brings the corporation tumbling down along with the many stakeholders who rely on the solutions the firm is meant to offer. These interrelated characteristics of business and society are also the leading criticisms of the business (Morgan, 2005). Manager can utilize Section 404 of SOX stipulates that gives the management avenues for to exercise efficiency in their operations to achieve success at lowest possible cost including external auditors fees. This is attained by limiting the number of key controls that are to be tested, utilizing top down approach to establish direct entity-levels controls, maximizing dependence by the external auditor on management, executing control without hitches through remediation and retesting, documenting the process and controls comprehensively and also be updated. Finally, is completing a substantial portion of management’s task incorporating all key control by mid-year. SOX requires the SEC to establish rules that oblige a public company’s annual report to include an internal control report which shall stipulate the responsibility of management for forming and maintaining an adequate internal control structure and procedure for financial reporting. Moreover, Section 404 also requires the auditors who sort out the issuer’s annual report to prove and report on the management’s assessment of these internal controls (Owens, 2009). Efficacy of SOX According to Rolf (2005) Criticism of the Sarbanes-Oxley Act will result in minimal change in corporate behavior. Before Sarbanes-Oxley, the public trusted the auditors for the publicly traded companies to accurately complete audits that could be relied upon in making investment decisions. Company managers had little accountability when accounting and auditing problems often surfaced. The accounting and auditing industry was watching itself through peer review. This is to say before Sarbanes-Oxley, no one paid much attention to the industry that was auditing; approving accounting methods and providing the financial information that had become a substantial factor in credit ratings and investment decisions. Such reliance continued even although in the long run, mergers and consolidations led to the death of major accounting firms that were determining the procedures for reporting company profits and losses. As with the 1929 stock market crash and fraudulent securities trading practices that abounded, it was just a matter of time before things went wrong. While the primary intention of the Sarbanes-Oxley Act (SOX) is to raise the overall standards for corporate governance, financial reporting and auditing in particular, a broad interpretation by the SEC of affected business practices can include much of the enterprise’s operational processes under the scope of SOX legislation (Rolf, 2005). As a result, SOX regulations likely reaches beyond financial processes to include planning of resources, transaction of businesses and their relevant data extracted from the supply chain, and customer transaction processes. Since much of this information is dependent on systems of IT, improved IT controls will be a necessity for compliance with Section 404 to meet the prescribed standards for information integrity (Owens, 2009). Many of the Sarbanes-Oxley requirements directly affect the accounting and auditing industry. SOX establish an accounting and auditing standards through oversight of the Public Company Accounting Oversight Board (PCAOB). The SEC and PCAOB standards require that the management to carry out a formal assessment of its controls over financial reporting, management to include in its yearly reports on form 10-K an assessment of ICFR. Finally the external auditors are to table two opinions as part of a single integrated audit of the company; an independent opinion on the success of the ICFR system and the original opinion on the financial statements. In addition, the role of PCAOB is to oversee and provide direction to auditors as they assess a company’s compliance to Sarbanes-Oxley Act. This is attained through creation of Proposed Auditing Standards that outline more comprehensive guidance for assessing compliance with the intent of SOX. Furthermore, PCAOB conducts reviews at least every three years on firms audit reports (The Institute of Internal Auditors, 2008). Firms must adopt quality control standards through SEC. The SEC decides whether private auditing firms are subject to Sarbanes-Oxley. Prior to Sarbanes-Oxley, it was not uncommon for a public company’s outside auditor to develop longstanding relationships with company management because certain discrepancies might be overlooked. As a result, accounting and auditing firms provided multiple services for public companies, albeit not always in compliance with the SEC’s auditor independence rules. Sarbanes-Oxley and then their independence rules require every company that publicly trades its securities to establish an independent audit committee responsible for appointing, compensation of any claims, and oversight of the company’s external auditors (Rolf, 2005) The researchers studied investor activity in foreign firms on the day that they announced listing on a New York exchange. The prices of the stocks increased on aggregate by two percent in the years after Sarbanes-Oxley Act than they did before the SOX. Siegel brings into our attention that this indicates that investors believed SOX would also benefit the bottom line (Radke, 2006). Although Congress considered mandatory rotation of not just audit personnel but also accounting firms that conduct public company audits such provision was not included in Sarbanes-Oxley. Instead the congress required the GAO to conduct a study on the potential effects of requiring the mandatory rotation of accounting firms. It considered whether the benefits of a periodic change in public auditing firms maintains auditor independence and improves audit quality would be outweighed by the costs of changing firms including the need for new firms to become knowledgeable concerning company-specific information. To conduct the study, the GAO surveyed the largest public accounting firms and Fortune 1000 companies or more. These companies time and again responded that the rotation of audit personnel was sufficient to bring about the required improvements when compared to the costs associated with periodic firm rotation. Considering foreign firms that were listed on either New York or London exchanges researchers were able to unravel that those firms were six percent less likely to choose New York over London after Sarbanes-Oxley Act came into play (Michael, 2009). The overall impact of Sarbanes-Oxley on accounting and auditing firms and their internal operations and practices appears to be positive especially in fulfilling the purpose of reducing and preventing occurrence of fraud, maintaining independence of the auditor, improving the accuracy and quality of audits done independently and the reputation of the accounting and auditing industry. In fact, a 2004 Gallup poll indicates that the accounting profession had a positive rating of 31% in 2002 having an improved positive rating of 45% by 2004. Moreover, the Sarbanes-Oxley limitation on multiple engagements has clearly created new roles for small and mid-size auditing and accounting firms. These includes monitoring SOX, regulations of Security Exchange Commissions, standards from the PCAOB, and requirements of comparable state laws and documenting and testing the internal controls adopted by a public company under section 404. However, one must question if the cost of Sarbanes-Oxley compliance outweighs the gains in reducing fraudulent behavior (Rolf, 2005). Moreover, According to Rolf( p.69) there is real concern that Sarbanes-Oxley will not only scale up prices of consumer goods and services but also will also result in the collapse and bankruptcy of small to medium-sized publicly traded companies that cannot come up with the money for to pay for the new requirements. Other laws amended by Sarbanes-Oxley include mail fraud statutes, ERISA, and the SEC Act of 1934. Majorly most of the adjustments concern was to enhance penalties, but Congress added new offenses to the mail fraud statutes. To begin with, one offense is for the knowing or an attempted execution of a scheme for the purpose of defrauding any person in connection with securities of a publicly traded company, including the fraudulent purchase and sale of securities. Penalties for this offense are a fine, a maximum sentence of 25 years imprisonment or both. This offense was already criminal under the antifraud provisions of the existing securities laws and may have little, if any, practical significance (Rolf, 2005). Another offense covered by the mail fraud statute concerns failure of CEOs and CFOs to provide the financial certifications on periodic reports mandated by section 906 of Sarbanes-Oxley. This provision appears to duplicate section 302 of Sarbanes-Oxley in some respects. In addition, no criminal penalty is provided in the mail fraud statute for failure to make the certification. However, the penalties for making certifications that violate section 906 of Sarbanes-Oxley are severe. Any certification that knowingly violates the requirements of the section carries with it maximum penalties of a $1 million dollar fine, 10 years in prison, or both. If the false certification is both knowing and willful, the maximum penalties are enhanced to a fine of $5 million dollars, an increase in the currently existing 5 year maximum sentence to 20 years, or both. Enhanced penalties for violating the reporting and disclosure provisions of ERISA include an increase from a fine of $5,000 dollars and a maximum of 1 year in imprisonment, or both, to a fine of $100,000 dollar, 10 years in prison, or both. Maximum penalties for violating the 1934 Securities Exchange Act have increased from a fine of $1 million, a maximum 10 year imprisonment, or both to a $5 million dollar fine, maximum 20 year prison sentence, or both. Besides, the maximum fine imposed on an entity for violating the 1934 Act elevated it from the $2.5 million dollars to $25 million dollars. The statute of limitations for private investors to bring civil actions for fraudulent activities under the securities laws also increased. Courts seldom impose maximum penalties to offenders, despite the fact that penalties were established in the Sarbanes-Oxley Act. This derails the process of curbing fraud in public companies generally slowing down economic growth (Carol, 2005). In 2007, the SEC provided guidance on how accelerated filers should comply with the rules. Its guidance purports to entail two principles. First, the management evaluates whether it has implemented controls that adequately address the risk that a material misstatement of the financial statements would not be prevented or detected in a timely manner. Second, management’s evaluation of evidence about the operation of its controls should be based on its assessment of risk. In short, the SEC’s guidance emphasizes that management should have flexibility in designing evaluation processes in accordance with the risks of financial misstatements – where there are greater risks, extensive testing and the evaluation is expected. The SEC’s interpretive guidance describes the characteristics of companies that purportedly give rise to a higher likelihood of financial reporting misstatements. It stated how these characteristics which include among others, the size, and complexity, organizational structure of the company and its processes and financial reporting environment affected financial reporting. The SEC provides additional guidance on factors it believes affects the likelihood of financial misstatements which includes among others, the susceptibility of the related asset or liability to loss or fraud, the subjectivity, complexity, or the extent of judgment required to determine the amount involved. In summary, the SEC’s guidance and identification of firm characteristics associated with a higher probability of financial misstatements indicates that greater evaluation and testing of internal controls will be required for firms with activities involving specialized knowledge (Owens, 2009) According to Zhang (2007) she argues that findings of the cumulative raw returns on a U.S. market index around SOX related events are highly negative (-15.35%) using value-weighted returns and (-12.53%) using equal-weighted returns and are significant statistically. After controlling for the corresponding stock returns in international markets, she establishes statistically significant cumulative stock returns ranging from -3.76% to -8.21% around key SOX-related events. Findings show that foreign companies that were required to comply with SOX suffered statistically significant declines in their stock prices around the key events. The evidence is consistent with the view that SOX was expected to have a negative net effect on the value of affected firms (Bierstaker & Hunton, 2007). According to Bartlett and Richard (2008) they argue that previous studies fail to recognize that companies do not necessarily escape the provisions of SOX by going private. Specifically, he notes that companies that go private may still be required to comply with SOX if they use high yield notes to finance the going private transactions which many of them do. They found out that the rate of going private activity has increased since Sarbanes Oxley Act came into play, but that the number of companies that choose to remain SEC-reporting companies because of their use of publicly traded bonds, has remained relatively constant after Sarbanes-Oxley legislation. There is some variation in the use of publicly traded debt by large versus small companies since Sarbanes-Oxley Act, with bigger companies elevating their utilization of publicly traded debt and smaller companies reducing their use of this debt. Hence the analysis suggests that the costs of SOX have little to do with going private decisions in the post- SOX period, except, perhaps for smaller firms. Examination of the stock returns of foreign firms that are cross-listed in the U.S and their home countries around 14 events related to the adoption of SOX in 2002 were done. The events identified were similar to those used in the papers reviewed above. The first event identified is the announcement by the SEC chairman on January 17 2002 that he favors an overhaul of accounting regulation including the creation of a public oversight board. The last event occurs on October 22, 2002 when responding to Sarbanes-Oxley. The SEC releases a proposal concerning new disclosures including disclosures related to companies’ internal controls. Basing on the findings of the information released around the 14 events, it is concluded that only eight of the 14 events are expected to affect the returns of cross-listed firms. Furthermore, it is identified one event consisting of two announcements by the SEC chairman on 8th to 10th October, 2002 that foreign issuers might receive exemptions from the SEC rules adopted under SOX. As information that points at SOX related rules are less likely to apply to cross-listed foreign companies. Summarily it is identified about 11, 016 of the non-US firms that are listed in the U.S and their home countries (Morgan, 2005). Implementation of SOX The Sarbanes-Oxley Act came into action in the wake of the Stock Market Crush of 1929-1933. The Act formed PCAOB to be supervised by Stock Exchange Commission (SEC). The duties of PCAOB is to register by documenting all public accounting firms that prepare audit reports, and thereafter conduct their inspection, conducting investigations and disciplinary measures administered to where justified upon registered public accounting firms and their accomplices, the employees of the board are to exhibit high professional standards to improve the quality of audit services being given, and finally to set and manage the budget the functioning of the board and the Board. The Sarbanes-Oxley Act made provisions for a threshold for accounting firms to perform a number of other services for the companies which they audited. Also, SOX needed new disclosures for public companies, consultants, lawyers, officers and director of the company. To avoid the incidences of replication of work during audits, EEI’s members are of the opinion that the Public Company Accounting Oversight Board should amend its requirement that independent auditors perform more than 50% of the total procedures upon which they base their opinion. The 50% threshold is absolutely artificial, and also needs the independent auditor to duplicate work that already has been done by in-house auditors, hence increasing the cost of doing the audit. Therefore for the management to reduce these costs it must ensure that the external auditors provide two opinions as part of a single integrated audit of the company report (Owens, 2009). Institutional pressures play a very vital role in implementation of Section 404. Particularly the organizations are pushed by the faced with the coercive pressure to attain compliance of Section 404. Also many organizations tend to mimic one another in the methods they use so that they can be graded as in tandem with their competitive environment. Firms are faced with normative pressures to behave in a way that is socially acceptable when striving to attain compliance to Section 404 of SOX. If they are achieve the firm is presumed not to be taking controls seriously (The Institute of Internal Auditors, 2008). Among the other issues that were affected by the new law comprise of fraud of securities, criminal and civil penalties for disregarding the securities laws and other laws, blackouts related to insider trades of pension fund shares, and lastly, for corporate whistleblowers in case of fraud in a company are subsequently protected. To date, few companies are divulging the costs of Sarbanes-Oxley Section 404. This is surprising particularly given the vocal negative statements against the cost and or benefits associated with Section 404 compliance. We are of the belief that there is a question to be answered as to the lack of detail disclosed around the costs incurred by companies during 2004 whether they know the cost of the work undertaken for Sarbanes-Oxley Section 404. We were able to decipher an initial overview of average costs associated with Section 404 compliance for companies with less than US$ 2 billion in annual sales. The data is available in sufficient detail and by a broad enough cross sector of companies to provide any real conclusion about what initial Section404 compliance is costing SEC registrants, particularly larger companies (Barlett III, 2008). Nevertheless it is concluded that Section 404 has cost many companies significantly more than it is widely anticipated. Moreover many companies’ costs are incurred in the second half of the year, causing a shortage in resources got externally, which may give some comprehension of why costs were higher. The majority of costs disclosed relate to costs for external consultants and professional advisers. We suspect that this was because the companies found these costs easier to measure than internal resource costs. Few companies have disclosed the increased external audit fees for the Audit of Internal Control over Financial Reporting conducted in conjunction with an Audit of Financial Statements at this time (Morgan, 2005). Evaluation of SOX The testing work paper should include a detailed listing of each item selected for testing and the results of the test. The auditors will require evaluation of this documentation, and will re?perform a percentage of management’s work. The number of selections and the methodology for selecting them is not specified by the SEC. Our SOX 404 Compliance products use a formula that determines sample size based on the size of the population, likelihood and significance score and an overall company?wide control assessment. Selections are then made based on fixed intervals throughout the population (School, 2008). Companies should strive to achieve a consistent methodology and to develop a sample selection that does not allow the tester discretion to pick selections. The outside auditors, in addition to re?testing management’s work will make selections that were not part of sampling done by management. Testing exceptions established in their work but not reflected in management’s work could cast doubt on the integrity of the compliance effort. It is shown that the COSO Framework indicates that we are seeking reasonable assurance and not absolute assurance that the control is working as designed (Radke, 2006). Given the potential cost of failure to identify missing controls an experiment was designed. It is aimed at examining the possibility of a part-list cognitive interference effect arising from a client-prepared matrix and studying the extent to which a business process flowchart might alleviate such an effect. Therefore, the between-participants experiment comprises of a 2 (internal control matrix: blank or management-provided) by 2 (business process flowchart: absent or present) between-participants design. Through a sample of 395 auditors who are experienced, the research findings do not indicate a cognitive interference effect due to a client-prepared internal control matrix. Also, when a client-prepared matrix is used in conjunction with a business process flowchart, there is no significant improvement in the number of identified missing controls (Hunton, Thibodeau, & Bierstaker, 2007). At present, most large publicly traded companies are about to embark on their fourth year of complying with Section 404 of SARBOX. Given the substantial cost of SARBOX compliance, there is an immense effort being done to try and reduce the compliance costs. An important way to reduce such compliance costs is for auditors to try and help their clients to decrease the number of key controls that need to be tested for operating effectiveness. Such a focus only heightens the possibility of the missing control phenomenon. An auditor is required to reach his/her own independent evaluation about a client’s internal control design. However, when audit teams are receiving information about clients, the concern of such information might cause cognitive interference, which could create an obstacle in the complete identification of missing controls. Given that the potential negative impact to auditors is substantial missing control is not established that quick. It is thereby vital to be abreast with the underlying cognitive processes that are at work and how this potential problem can be mitigated (Meiners, Ringleb, & Edwards, 2008). Conclusion In conclusion the SOX requires that all companies both domestic and international that have registered equity or debt securities under the Securities Act of 1934 are subject to the Sarbanes-Oxley Act. Consequently it raises the levels of corporate governance, security analysis and the performance of audit jobs in companies. The SOX strives to improve the objectivity and independence of securities by differentiating the investment banking from securities analysis functions of most financial companies. However SOX has its limitations. They include; legal, managerial and technological expenses of compliance can amount to million of dollars even for smaller companies. Consequently, companies delist their shares from major exchanges to go private or in some instances remain private. It is argued that cost savings linked to avoiding compliance increase shareholder value. Recommendations The first recommendation is that organizations involved evaluate the SOX 404 standards for best practices associated with IT control improvements. A plan should be set up to implement and consequently improve standards in auditing process. Evaluate the COBIT 4.0 standards for IT controls over financial applications. It is important therefore to note that COBIT 3.0 is the minimal acceptance level. Should make sure you obtain the support of the senior management for the process as it is an important aspect for implementing change. The management is also obliged to support the additional work, human resources, and costs that will need to gain compliancy. Performing an inventory of all your IT applications is also recommended. Identifying of all the financial systems and look for any indirect relationships. In conjunction with the inventory, the workflow should be examined and human factors that are surrounding financial processing. Another recommendation is that you evaluate random sampling controls and requirements for your financial applications to setup a testing/sampling program on controls each month depending on the requirements needed. Working closely with both internal and external auditors and gain their approvals for the work that will be done is also recommended. Evaluate random sampling controls and requirements for your financial applications to setup a testing/sampling program on controls each month depending on the needs. Thirdly getting training improves on gaining new knowledge and skills. The core team and especially the leader of the process should invest a week or so in training. Considering attending a formal seminar away from work where you can focus and interact with other participants is better. This will create a good foundation for what's required. Finally look for ways of strengthening the financial process and implement new controls. References Barlett III, R. P. (2008, May 15). Going Private by Staying Public: Reexamining the Effect of Sarbanes-Oxley Firms' Going Private Decisions. UGA Legal Studies Research Paper No.08-003, University of Chicago Law Review, pp. 7-54. Bierstaker, J. L., & Hunton, J. E. (2007, August 14). Internal Control Evaluation in the Post- Sarbenes-0xley Audit Environment: Identifying Missing Controls. Retrieved November 13, 2012, from http://aaahq.org/audit/midyear/08midyear/papers/22_Bierstaker_MissingControls.pdf Cohen, D. A., Dey, A., & Lys, T. Z. (2007, November 12). The Sarbenes Oxley Act of 2002: Implications for Compensation Contracts and Managerial Risk-Taking. Retrieved November 10, 2012, from SSRN Chicago Booth ARC: Regulations and Institutions: http://www.archive.nyu.edu/bitstream/2451/27546/2/SSRN-id1027448.pdf Hunton, J. E., Thibodeau, J. C., & Bierstaker, J. L. (2007, August 15). Internal Control Evaluation in the Post-Sarbenes-Oxley Audit Environment: Identifying Missing Controls. Retrieved November 10, 2012, from Current Issues in Auditing: aahq.org/audit/midyear/.../22_Bierstaker_MissingControls.pdf Institute of Internal Auditors. (2008, January). Sarbanes-Oxley Section 404: A Guide to Management. Retrieved December 10, 2012, from http//www. theiia. org/download. cfm file=31866 Jasso, Sean. (2008, June 5). A Public Analysis of the Sarbanes Oxley Act: Market Failure, Information Asymmetry, and the Case of Regulation. Retrieved December 9, 2012, from http://www.citation.allcademis//meta/p_mla_research_citation/1/7/6/4/8 pages 176481. Michael, F. G. (2009, October 5). Sarbanes-Oxley regulation effective without harming investor Value. Retrieved 11 11, 2012, from http://www.foster.washington.edu/centres/facultyresearch/Pages/sarbenes-oxley effective.aspx. Morgan, A. (2005, February 5). Sarbanes-Oxley Implementation Costs; what companies are Reporting in their SEC Filings. Retrieved November 09, 2012, from http://www.auditnet.org/articles/Sarbanes-Oxley_Implementation_Costs.pdf Owens, D. K. (2009, April 12). Implementing Sarbanes-Oxley Act Section 404. Retrieved 11 12, 2012, from Online the CPA Journal: http://www.nysscpa.org/cpajournal/2006/406/perspectives/p6.htm Radke, L. (2006, July 13). Sarbanes-Oxley Section 404 Testing and Evaluation: Applying the COSO Framework: Using a Top-down Risk-based Approach. Retrieved November 09 2012, from www.procognis.com/publications/whitepaper-404testing-evaluation.pdfrit Roger E Meiners, P., Ringleb, A. H., & Edwards, F. L. (2008). The Legal Environment of Business. Mason: South Western Cengage Learning. Rolf, C. A. (2005). Efficacy of the Sarbenes-Oxley Act in Curbing Corporate Fraud. Riviera College Online Academic Journal, 1 (1), 3-11. School, U., O. (2008). Symposium articles. Pennsylvania: University of Pennsylvania Law School. Sun, B. (2010). Executive Compensation and Earnings Management under Moral Hazard. New York: DIANE Publishing. Thomas, R. S., & Hill, J. G. (2012). Research Handbook on Executive Pay. Massachusetts: Edward Elgar Publishing. Read More