How short our memories are! It has been a little over ten years since the Enron scandal and the fall of Arthur Andersen, the audit firm that was “minding the store.” More recently, MF Global seems to be the new “poster child” for what organizations can get away with. It may be just one of many large and small organizations that are “audited” and yet continue to have undetected significant issues that will eventually lead to failure.[1]
Regulations like Sarbanes-Oxley have the intent to protect the public, but are not achieving the results. They simply can’t. You can’t regulate “ethics” when the chance of detection is remote. Furthermore, the reality is that when the relationships and financial interests of companies, boards, audit firms, and regulators are closely related, independence and fiduciary roles are often compromised. Things go wrong and undetected because too many people are willing to say “I know them; they are good guys … my friends…” I do not know who did what at MF Global, but with a company that size, someone certainly did know (or should have known) and others chose not to see.
Companies of all sizes, both with public and private funding are at best non-compliant due to the number and complexity of regulations. At worst, entities are willfully going outside the lines, gambling on the odds that they will go undetected. At best, many entities are unwittingly non-compliant. The lack management oversight, internal controls, and experience less than stellar monitoring from government and private mechanisms (i.e., auditors). There are litany of reasons company managers give as excuses for noncompliance:
– “We can’t afford it.”
– “It isn’t a priority.”
– “We don’t know what to do.”
– “We don’t have time to deal with it.”
– “It isn’t ‘really’ a requirement.”
– “No one does it.”
– “It isn’t that big of a deal. ”
– “No one is doing anything ‘wrong’”
– “If we can, we’ll push the limit and avoid the rules. ”
In the past year organizations with requirements ranging from very specific loan covenants to more general regulations, terms and conditions imposed by funding agreements have experienced a wide range of failures of oversight, internal controls, and fiduciary responsibility. Many of these failures went far beyond failing to report debts and forecasts accurately. How would you feel about having your money invested in companies that failed to detect six-figure embezzlement by the CFO, or breaches in conflict of interests for awarding contracts, subcontracts and bonuses (even those self-awarded by executives)? What about a company that had over 100 transactions with forged authorizations, or inaccurately (deliberately or otherwise) reported timecards?
Compliance is costly; lack of adequate oversight is often fatal. From the financial losses, business disruption and damaged integrity, everything you have to built can quickly be transformed into everything you have lost. Too many executives, boards, and managers do not have the skill set necessary to monitor, detect, and prevent “minor” breaches of control, let alone the major ones. They also do not place sufficient value on the accounting/financial and control processes.
Being proactive, involved, and informed are the three keystones to fulfilling the fiduciary role of being in business and running organizations. Take these five steps to ensure you are in compliance and above board for long-term success.
- Develop your skill set and overall understanding of financial and regulatory matter related to your organization/business—industry, tax, etc. —know the basics and keep your finger on the pulse of what goes on.
- Monitor key executives and roles to ensure that no one employee has too much authority and access.
- Keep your compliance and audit function (internal and external) truly independent. Rotate roles and responsibilities, change audit firms periodically to maintain independence, and make sure that while professional relationships are cordial and well “professional” they do not result in personal relationships that impair independence and objectivity.
- Monitor for real and perceived conflicts of interests.
- Create a culture or ethics and doing the right thing—don’t just talk about it—live it and reward it! Expect it and take action, decisive action, when unethical behavior is discovered.
Author: Lea A. Strickland, MBA CMA CFM CBM GMC
Copyright ©2012 F.O.C.U.S. Resource, Inc.
All Rights Reserved
[1] Note: I am not saying that MF Global is what is wrong with capitalism. I am an avid believer in capitalism. All capitalists are not dishonest or greedy. Some are, just as some “non-profit” groups serve their salaries and benefits more than their causes. Ethics cannot be imposed by regulations.
