Executives Weigh Options
Mercury Interactives Chief Marketing Officer Christopher Lochhead considers Sarbanes-Oxley another corporate tax. "We know theres a lot of I, but in reality there may be no R." The perceived lack of a return for Sarbanes-Oxley hasnt prevented a few executives from considering their options. Here are the three most common:
When it comes to monitoring Sarbanes-Oxley compliance, the SEC is primarily relying on a companys auditors, which have to attest to the results. The SEC doesnt have any electronic means to probe processes lying behind the financial certifications by top executives and the usual regulatory filings. Regulators did get $98 million in fiscal 2003 to hire 200 more foot soldiers to scrutinize auditors and companies.
In any event, companies are shelling out big money on compliance. AMR Research analyst John Hagerty has a "million per billion" rule of thumb. If a company has $5 billion in revenue, it is spending roughly $5 million on Sarbanes-Oxley. That estimate, however, appears to be conservative. Mercury Interactive, a company on pace for $500 million in revenue this year is spending "well north of $1 million," says Lochhead. Blue Rhino, which has annual revenue of about $258 million, plans to spend $500,000 to comply.
Those tallies contrast with an SEC estimate predicting Sarbanes-Oxley compliance will cost companies an average of about $91,000.
AMRs Hagerty reckons that the Fortune 1000 will collectively spend $2.5 billion on Sarbanes-Oxley compliance, roughly 0.3% of revenue.
Companies trying to comply are doing everything from standardizing enterprise planning software packages to consolidating applications. Meanwhile, processes for tracking the flow of money inside a company are being documented. The end result may be additional auditing and consulting fees.
Although the investment side of the ROI equation is relatively clear, calculating returns is more difficult.
For starters, companies may not have funds allocated specifically for complying with Sarbanes-Oxley. Compliance is a "mandate" project that gets the go-ahead regardless and diverts money from other plans. Wireless service provider Cingular Wireless, a private company that has to comply with Sarbanes-Oxley because it has publicly traded bonds, lumps its compliance budget in with its internal auditing budget.
Irving Tyler, CIO at Quaker Chemical, says his Sarbanes-Oxley budget is largely tied to auditing and consulting costs and documentation.
For Quaker, much of the heavy lifting for Sarbanes-Oxley was accomplished when the company rolled out J.D. Edwards enterprise planning software globally and SAS software for business intelligence.
That installation, which has ROI targets separate from Sarbanes-Oxley, unified global plants and gave the company more streamlined business processes. Any ROI calculation for Sarbanes-Oxley compliance would exclude Quakers enterprise software investment.
Currently, Tyler says the company is documenting processes and cutting redundant steps as needed to comply with the law and hopefully save money.
"Why document and leave processes alone?" says Tyler. "The company that just complies is missing an opportunity."
Next page: Soft benefits and risks of not complying.
- Assume there are no returns and see compliance as a cost of doing business;
- Use the act as an excuse to consolidate and make processes more efficient, or,
- Dont comply and take your chances with the Securities and Exchange Commission.