The Sarbanes-Oxley Debacle

As an update to my April 6, 2006 post, Sarbanes-Oxley Needs to Go, two additional readings you might find interesting.

First, Brad Beckstead, managing partner of the audit firm of Beckstead and Watts LLP, in Henderson, Nevada, wrote an article in the August 21, 2006 issue of Accounting Today, “Commentary: Sarbanes-Oxley: The impact on smaller firms.”

Beckstead’s firm is the one that has brought the constitutional challenge against the PCAOB’s authority, arguing that it violates the constitution’s appointments clause. One of the lawyers on the case is Kenneth Starr. You can read the full complaint here.

Beckstead’s article discusses the impact of SOX on smaller firms, and his assessments are compelling.

Second, a new book is out, The Sarbanes-Oxley Debacle: What We’ve Learned; How to Fix It, by Henry N. Butler and Larry E. Ribstein, published by the [American Enterprise Institute] AEI-Brookings Joint Center for Regulatory Studies.

The major argument the authors have against SOX is its cost and ineffectiveness, which they detail with impeccable economic logic. Not only will companies have to spend approximately $6 billion complying with SOX, the net loss to shareholders as a result of this over-reaching piece of legislation is a staggering $1.4 trillion, according to a study conducted by Ivy Xiying Zhang. This hurts the very people—i.e., shareholders—SOX is designed to protect.

Another unintended consequence of SOX is the effect on auditing firms, as Joseph Nocera of the New York Times wrote:

One of the unintended consequences—that Sarbanes-Oxley has been a financial boon to the profession, since all the big accounting firms have to audit a company’s financial controls as well as its books. “In effect, the law is giving the auditors business,” Senator Sarbanes said with a chuckle. But so what? Better that they make money doing actual auditing work than by selling themselves as consultants (Butler and Ribstein, 2006: 13).

Even though there is no evidence that consulting creates a lack of independence for auditors, SOX outlawed accounting firms from performing this type of work. The arrogance of Senator Sarbanes is outrageous, thinking he knows what the marketplace values. Isn’t it ironic that auditing firms are getting rich from a law designed in part to address their own failures?

The authors further point out shareholders can more inexpensively hedge the risk of fraud and weak corporate governance by having a diversified stock portfolio. Individual companies, however, cannot diversify the costs and waste of complying with SOX. The optimal amount of fraud is, counter intuitively, not zero, and most shareholders can more effectively diversify the risk of fraud cheaper than companies can comply with SOX.

The authors list all of the costs of SOX, both direct and indirect, some of which include:

  • Direct compliance costs, Section 404 internal controls disclosures and attestations—estimated to cost companies $6 billion in 2006, approximately $4.36 million per company;
  • Diversion of scarce managerial talent and intellectual capital to compliance and creating paper trails rather than risk-taking and entreprenuerialism;
  • Reducing smaller firms access to public capital markets;
  • Chasing away foreign firms—the New York Stock Exchange’s share of new foreign companies offerings dropped from 90% in 2000 to 10% in 2005, mostly attributed to SOX;
  • The litigation time bomb which will materialize at the next inevitable market downturn.

The authors lay out several reforms that an enlightened Congress should make to SOX:

  • Defuse the Litigation Time Bomb—Amend the act to provide that violations of SOX cannot be redressed by private lawsuits;
  • Allow Opt-Outs or Opt-Ins—If a state imposes a regulation that costs more than it provides in benefits, corporations can leave the state. If the federal government does it, where can it go? Firms should be given the freedom to opt-out of SOX. If the regulation is as good as its proponents claim, than those firms that opt-in should see a lower cost of capital. This is the ultimate test, not whether regulators “think” that SOX will be beneficial;
  • Exempt Foreign Firms from SOX;
  • Exempt Small Corporations—Small firms comprise only 7% of the market capitalization of USA stock markets. Exempting them does not in anyway impose an intolerable risk on shareholders;
  • Remove Criminal Penalties—The severe punishment of SOX makes the corporate suite a very risky place for law-abiding executives, who may engage in far more conservative behavior than shareholders would prefer;
  • Limit Internal Control Reporting—Let management base decisions on risk management techniques, rather than the regulator’s unrealistic 20/20 hindsight;
  • Leave Internal Governance to State Law—Historically, states have done a better job than Congress in this important area of corporate law. Congress not only didn’t add value with SOX, it has destroyed $1.4 trillion of shareholder wealth.

The ultimate test of the efficaciousness of SOX regulations is embedded in the price of shares. This is the “wisdom of crowd” arguments, since markets have far more incentive to base decisions on accurate information than do regulators. This is because individuals shareholders suffer the consequences of their errors, where government simply imposes the costs of its errors on others.

If firms with weak governance stood to benefit the most from SOX, as its proponents claim, than the share prices of those firms would have increased after the passage of SOX. They didn’t. Instead, they declined, meaning the market judged the cost of SOX exceeded its benefits.

With the publication of The Sarbanes-Oxley Debacle, we now have empirical evidence that supports the market’s judgment. If you are at all interested in the future of the accounting profession, this book is a must read, along with After Enron, reviewed here. And my article “Authentic Audit Reform: Relinquish the Audit Monopoly.”


  1. James J. Finn says:

    I am a specialist in SOX compliance and have been trying to reverse the inappropriate direction it has taken for over 4 years.

    The facts of life are that the spending and waste of money must be placed 100% in the CEO’s hands. The CEO has been, and still is responsible for compliance costs and due deliberation.

    The reality is that the CEO gave the job to the CFO who Contracted CPA’s to achieve compliance with a law intended (primarily) to regulate them. Go figure ?????

    Don’t waste your time preaching to the dedicated. Ask the CEO’s why they have not been directly involved by using the authority SOX gives them to control cost and mitigate the run away low level misdirecting authorities running the SOX programs.

    The CEO and BOD still listen only to their local audit firms.

    Jim Finn

  2. Hi Jim,

    Thanks for the comment.

    I’m not sure I agree that this is CEO’s fault. They certainly didn’t pass the SOX law. Even many CFOs quit after SOX became law because it turned them into compliance monkeys rather than risk-taking entrepreneurs.

    A company can fire their CEO, but it’s much harder to get rid of a crappy law Congress has passed. And SOX is bad law.

  3. Hi Jim,

    I have the read the law. Are you actually saying that all of these companies that spent hundreds of millions of dollars in compliance did so unnecessarily? That 404 didn’t impose an undue burden on these companies? That these companies simply wrote a blank check to their CPAs and let them make decisions for them?

    I’m incredulous, to say the least. The law contains draconian penalties, including prison, for noncompliance. If companies reacted by going overboard on compliance, can you really blame them?

    But even if you’re right, the law is still bad. Trying to fit a one-size-all regulation across all companies is bad economics. Far easier to let individual shareholders diversify risk–they can do it easier, and at less cost. This is the economists argument against SOX, and it’s compelling and convincing.

    I suggest you read the book I mentioned (The SOX debacle), written by scholars from both AEI and Brookings, a right and left think tank. They both agree SOX is bad law, and that is amazing.


  4. James J Finn says:

    Hi Ron,

    I will take your advise on the book, however I will be on the lookout for listings of massive costs that actually relate to the method of compliance (AS-2) rather than what the law (SOX 404)actually requires.

    Quickly running through the sequence of disasters, the mess started with AS-2 from the PCAOB – intended for auditors – not companies. This was a financial disaster as companies tried to comply by applying this auditing standard rather than SOX 404. In many cases it also resulted in an unintended transfer of informal authority to the auditors – since no one else understood AS-2 as well as an auditor.

    If I were to blame any thing for the present disasters, it would be the delayed and late response by the SEC with its interpretative guidance. Better late than never. This reversed the authority of AS-2, and provided guidelines for corporate CEO’s for compliance. Unfortunatly the damage was already done, millions were spent, and many companies may be further away from compliance now than when they started. Many companies still may not be in compliance with the simple requirement for assessment.

    Jim Finn

  5. Hi Jim,

    Fair enough, and great points.

    I’m of the opinion that even if SOX imposed zero compliance costs, it’s still bad law, for all the reasons the book above points out. And a law where most companies aren’t in compliance seems pretty ineffective to me.

    And I agree that the SEC is the watch dog that didn’t bark. I believe it should be abolished. So did Nobel-prize winning economist George Stigler, who wrote extensively on the SEC’s effectiveness and concluded it wasn’t very.

    Great conversation, look forward to more comments from you.


Speak Your Mind