Part of the Sarbanes-Oxley legislation is the mandatory documentation and testing of internal controls. This is known as “Section 404“ compliance.  These controls not only must be put in place, but they must be documented, then tested by your auditors as part of the annual audit. 

Final Section 404 Rules

These requirements can be very burdensome for small companies. Recognizing this, the SEC has postponed small company Section 404 compliance a total of three times, most recently in June 2008 when the audit requirement was postponed by another year, to fiscal years ending after December 15, 2009. 

In the current regularly environment, we do not believe the SEC will offer a further postponement of these regulations.  This will likely mean that if Section 404 requirements are not met, a company’s Form 10-K will not be considered timely filed.  We strongly urge you to check with your auditors and attorneys regarding this requirement.

We feel that we understand the small public company market very well, and we have spent a considerable amount of time developing a practical, cost-effective system for helping our clients achieve Section 404 compliance. This program consists of the following steps:

 I.    Plan
              A.  Understand client’s business
              B.  Organize team and establish roles
              C.  Create working calendar        

 II.  Document control environment and processes
              A.  Assess control environment
              B.  Document processes
              C.  Identify risks
              D.  Identify control activities
              E.  Develop new controls where appropriate

 III. Test controls
             A.  Perform walkthroughs of identified controls
             B.  Develop and implement new controls
             C.  Work with management to put in place policies that improve the five components of COSO

 IV. Complete documentation
 A.  Flowcharts, questionnaires, narratives
 B.  Put controls in Controls Matrix chart
 C.  Design tests of the operating effectiveness of controls

 V.  Tests and Results
A.  Perform tests of controls
B.  Analyze results and discuss with management
C.  Finalize documentation to support management conclusions

The system we have developed is flexible, allowing the client to do as little or as much of the work in-house as they prefer. We take full advantage of the SEC’s direction to use a top-down, risk-based approach.  At one extreme, we can visit the client’s location and do most of the work for them. At the other extreme, we can usually achieve compliance without visiting the client’s office and by guiding the process via conference calls, emails, and by utilizing our DOCCESS document sharing system. Most clients choose a combination of the two, whereby we guide the process and do some of the work, and the client minimizes the cost by doing what they choose to do in-house.

Give us a call at 512-450-5010 to see how we can help you comply with Section 404 in a timely, cost-effective manner.

Financial reporting for small public companies.

Home | Audit Preparation | SEC Reporting | 404 Compliance | XBRL Consulting | Links | Contact Us

Copyright © IncFin, LLC 2009