Final financial rules extend time to comply
Companies have nine more months than originally proposed
Follow @infoworldFinancial-reporting rules adopted by the U.S. Securities and Exchange Commission (SEC) in late May should mean less hassle than expected for CIOs. The final rules for implementing Section 404 of the Sarbanes-Oxley Act, which governs corporate financial systems, give companies nine more months to comply with the law than the SEC originally proposed and appear to offer CIOs more flexibility in how they manage financial data.
Section 404 mandates that CEOs and CFOs provide assessments of the internal controls and financial reporting structures at their companies. By delaying the date that many large companies must begin the new practices until June 15, 2004, the SEC has given most executives until their 2004 annual reports to comply.
CIOs now have extra time to think about technology needed to comply with the reporting requirements, says Lynn Edelson, leader of a Sarbanes-Oxley task force at consultancy PricewaterhouseCoopers LLP.
In addition to the timing, a criticism of the SEC proposal was the lack of specifics, such as what accounting standards the financial reporting should follow. As expected, the final rules lean toward the most widely recognized standard, called COSO, for the Committee of Sponsoring Organizations of the Treadway Commission. But Tom Wardell, a partner specializing in corporate finance with McKenna Long and Aldridge in Atlanta, says some of the final language appears to allow companies to use any framework of controls adopted by any recognized body.
The final rule also appears to back away from forcing companies to create new, large-scale systems for monitoring risks, such as those required by COSO. CIOs won't be stuck with this responsibility as long as the company has a financial reporting process.
