Enron, WorldCom, Tyco – these very high profile US corporate failures led directly to the introduction of the Sarbanes Oxley (SOX) regulatory framework in 2002.
BHS, Carillion, Patisserie Valerie – these very high profile UK corporate failures are set to lead to the creation of much more muscular audit, reporting and governance regulator in the UK – and potentially a UK version of Sarbanes Oxley.
Shortly after Carillion’s collapse in 2018, the parliamentary work and pension committee described the current regulator, the Financial Reporting Council (FRC) as ‘feeble, timid and chronically passive’ and called for a complete overhaul of the UK’s corporate governance regime.
Subsequently, a damning review of the FRC by former civil servant Sir John Kingman recommended scrapping the FRC and replacing it with a tougher, more independent body with a much wider range of powers.
While the new regulator has interesting plans for the auditing industry, it is company directors that arguably have the most to fear from these changes.
The new regulator will have the power to: –
- Investigate all company directors – currently the FRC can only investigate company directors if they are also registered with an accounting body
- Use a much wider range of sanctions in cases of public failures
- Publish reports into company’s conduct and management
- Make direct changes to company accounts rather than having to apply to the court to do so
- Potentially intervene in auditor appointments
Most strikingly however, a separate consultation will be opened on whether to adopt a ‘strengthened framework around internal controls’ that reflects the US Sarbanes-Oxley regime. This requires the CEO and CFO to certify on the material accuracy of the financial statements and the effectiveness of internal controls. There are harsh penalties – big fines or even prison terms – for non-compliance.
Taken overall, this will represent a substantial shakeup of the corporate governance landscape in the UK and one in which company boards should start planning for now.
But the good news is that not all companies will find themselves playing catch-up. Here at ICE we have increasingly been seeing UK based corporates implementing ‘SOX lite’ or ‘SOX like’ frameworks. Not because they are required for regulatory reasons, but because they are recognised as best practice.
These organisations will find themselves ahead of the regulatory curve when the inevitable regulatory catch-up occurs.
The government still needs to legislate for the creation of the ARGA, something that was put on hold due to a Brexit overload on parliamentary time. However, we should expect to finally see movement this year after confirmation in the recent Queen’s speech that this would be a priority for 2020.
ICE is an internal control & compliance solution that operates across all three lines of defence.
It helps to both ensure and demonstrate the design and operational effectiveness of the internal control & compliance environment
- Integrates activity from all 3 Lines of Defence into one platform
- Enables cost effective compliance with SOX, FCA & other regulatory requirements
- Significantly reduces the cost of documentation, monitoring, evidence capture, issue management, review and audit
- Delivers a transparent and standardised approach to internal control, compliance & monitoring across the organisation
- Scope for reduction in internal & external audit costs
- Drives positive changes in behaviour and helps embed best practice
- Achieves synergies across all control and compliance requirements
Find out more at www.ice-control.co.uk