Will RFID add required visibility for corporations struggling with Sarbanes-Oxley?
By David Wyld, Contributing Editor
If we put together a “Business Hall of Shame”, some of the first inductees would have to include the likes of Chairmen and CEOs behaving badly, such as the late Kenneth Lay of Enron, Bernie Ebbers of WorldCom, and Dennis Kozlowski of Tyco International. In reaction to the “fast and loose” accounting and oversight environment early in this decade that made possible the worst corporate scandals perhaps in American business history, Congress took action to restore investor confidence in the public securities market. It rather quickly enacted the Public Company Accounting Reform and Investor Protection Act of 2002. The law is commonly referred to as the Sarbanes-Oxley Act, named for the chief, bipartisan sponsors of the bill, Maryland Senator Paul Sarbanes and Ohio Representative Michael G. Oxley. In fact, in an era of divisive politics, Congress was amazingly unified, approving the final law by a vote of 423-3 in the House of Representatives and by a unanimous vote in the Senate. When President George W. Bush signed the bill into law on July 30, 2002, he proclaimed: “The era of low standards and false profits is over. No boardroom in America is above or beyond the law.”
Sarbanes-Oxley, or SOX, has been described by analysts as the most comprehensive accounting and reporting reform enacted in the United States since The Great Depression. It impacts a wide range of corporate functions, most notably in the area of accounting and in the outside auditing of firms’ accounting operations. However, in practice, it will touch on every area of corporate operations, as it seeks accuracy in the reporting of both the results of operations and the true financial health of the company.
Sarbanes-Oxley created the Public Company Accounting Oversight Board to provide overall federal-level regulation of accounting firms. SOX also sought to create a firewall between publicly traded companies and their auditors. The law prohibited accounting firms from consulting with the firms they were auditing, and it required corporations to rotate their auditing firms at least every five years. SOX also mandated that publicly traded companies must create audit committees. These committees, comprised of independent members of the board of directors monitor not only the firm’s relationship with its auditors, but also firm managers’ performance on financial reporting and ethics.
SOX also enacts punishment for the corporate sins of commission and omission, a very real prospect for all top executives of publicly traded companies in the United States. SOX requires that CEOs and CFOs personally sign-off on the financial statements of their companies. The law provides for stiff penalties (up to 20 years imprisonment and/or a $15 million fine) for executives who knowingly falsify these reports. Further, SOX makes it more likely that executive improprieties come to light. It provides whistleblower protection for employees who report financial and reporting wrongdoings. Attorneys are now subject to SOX’s requirements that both in-house and outside counsel must report all “material violations” of securities laws and fiduciary duties. It also increased penalties for securities fraud and insider trading. Finally, SOX prohibited corporate officers and members of the board of directors from receiving personal loans from the company, a practice that had been a part of several of the noteworthy corporate scandals of the past decade.
The Sarbanes-Oxley Act has been seen as a mixed blessing in Corporate America. In a recent interview, John Thain, the CEO of the New York Stock Exchange stated unequivocally: “There is no question that, broadly speaking, Sarbanes-Oxley was necessary.” While the law has been credited by some as playing a big role in restoring investor confidence in corporations, many other have criticized its effectiveness and necessity.
The confidence has indeed come at a cost, as costs directly attributable to SOX compliance efforts are substantial for most firms. SOX compliance was initially approached like a discrete event for many firms, but now, nearly five years after its enactment, compliance is viewed as a continuing concern – and expense. Still, while such compliance costs can be small change for a Fortune 500 company, they can be crushing for smaller companies. SOX has been called an inhibiting factor keeping some small companies from going public and a motivating factor encouraging some moderate to large firms to be taken private. In both cases, the issue is to avoid the compliance costs (and managerial attention) that must be devoted to adhering to SOX regulations.
RFID and Sarbanes-Oxley Compliance
How does RFID fit into what appears to be an accounting story? The truth of the matter is that over time, RFID may become an almost indispensable component of an effective Sarbanes-Oxley compliance strategy. That’s because two key provisions of the law – Sections 302 and 404 – require management to have effective internal controls in place to ensure the accuracy of material information that is included in the firm’s financial disclosures and to document and report on the efficacy of these controls. Thus, ensuring accurate inventory and asset management with RFID can be seen as an essential component of such internal control systems.
While those in any facet of the auto-ID industry can enumerate the myriad ways that It is commonly recognized that RFID can benefit companies operationally – supply chain coordination, reducing out-of-stocks, etc., – but the visibility it provides from a financial accounting standpoint is an often overlooked benefit.
These benefits simply cannot be gained with a “slap and ship” strategy. In past corporate scandals that helped fuel the call for Sarbanes-Oxley (Enron, WorldCom, etc.), there was phantom inventory, phantom trades, and even phantom offices and workers involved. Yet, with RFID-enabled warehouses, distribution centers, equipment, yards, offices, etc., one can gain real-time, complete visibility within a company’s supply chain operations. Visibility in inventory and asset management thus becomes a foundational element for accuracy in a firm’s financial reporting. In February 2007, P.J. Jakovljevic commented that: “If the supply chain is to be truly controlled to the level required by SOX, then there must be a well-structured process that runs across multiple functions, and not merely a series of transactions pretending to be a process.”
Gartner’s Roy Schulte recently wrote that, “We’re in the midst of a basic shift from after-the-fact, reactive analysis to proactive, real-time use of event-based information.” Transparency, visibility, and accuracy all add up to a prescription for corporate executives to look at RFID in a new light. One of its principal benefits – which indeed may be very hard to quantify – is to add accuracy to corporate inventory and asset management to assure that financial reports comply not only with the edicts of Sarbanes-Oxley, but other U.S. laws, most notably the Patriot Act.
It is also interesting to note that other countries are following the U.S. tightening-up financial reporting laws. As of the start of 2007, Canada now requires similar reporting requirements for public companies and for CEOs and CFOs to sign-off on their corporate reports. The European Union has likewise instituted new, more encompassing disclosure requirements, and the Basel II agreement extends this to international finance and banking.
Thus, investments in RFID may pay-off for not just national, but global compliance with new auditing and legal standards. And, they just may keep your company off the front page of The Wall Street Journal (in a bad way) and keep your 401k safe, too.