After 5 successive years of delays, fiscal year 2009 will mostly likely be the year of reckoning for non-accelerated filers. Those companies with market caps at or below $75M are the last group of publicly traded companies that will need their controls attested to for the Sarbanes-Oxley Act. Many publications have waxed philosophically about the woes and the benefits of SOX, all of which can daunt the most confident executives of a small cap company.

Due to the projected costs,and the associated burdens of compliance, some companies retain the hope and belief that another delay or even more optimistic, a repeal of the Act will occur. Though we at MFA cannot profess to be an Oracle of the foibles of the legislative process, at the current time with the current market conditions, the likelihood of such a reprieve is not great. That being said, management’s attestation of the design and effectiveness of their internal control environments will be evaluated by the external auditors.

It may appear that our prognosis is self-serving, so in the interest of transparency, here are two points that outline why we think the deadline will stay.

1.  We hypothesize that after the recent collapse of the credit market, it is reasonable to conclude that politicians will not be receptive to lessening business regulations in the near future.

2.  Accounting Standard 5 (AS5), released by the PCAOB in June 2007, has scoped the compliance effort and added substantial clarity on being compliant. Specifically, the Standard provides details on how all public companies can insist their external auditors place more reliance on a top-down risk assessment, which is to identify what truly is a risk to the enterprise in question. In place of a blanket and all encompassing risk-averse assessment as dictated in AS2, greater credibility can be placed on the work a public company and its internal auditors have completed identifying and demonstrating operating controls. In fact, the PCAOB has further extended clarification that external SOX audits are not to be started from scratch, and are not to be “one-sized” for all.

(more…)