Categories
Business

Mystery payments at Canadian construction company

This is interesting: An internal review at Canadian construction company SNC-Lavalin of certain payments approved by the CEO has resulted in that executive’s departure from the company.

The payments in question were approved directly by the CEO after the CFO rejected them. Documentation was apparently sketchy, as the review revealed that the projects they were attributed to were incorrect.

[The review] reveals payments to contracts that didn’t exist, mysterious agents whose identity “is without substance,” and staffers using emails and password-protected devices that the company couldn’t access.

They can’t be sure that the payments in question weren’t related to their controversial involvement with the former Gaddafi regime in Libya, since the recipients appear to be fictitious. They believe they weren’t, but there’s really no basis for that belief since the report is inconclusive.

SNC-Lavalin has operations in over 100 countries and earned over $7-billion in revenue last year.

The company said improper payments are a result of “management override, flawed design or ineffective enforcement of controls” in relation to hiring agents for two of its projects.

Design is one aspect of internal control, and operating effectiveness is the other. Add to that management’s ability override them, and they’ve pretty much covered all their bases!

Some former employees have conducted company affairs using non-corporate email addresses or had password protected devices to which the company does not have access.

This is incredibly suspicious, as what good reason could there be for using non-corporate email to conduct company business? Always a red flag, but tough to uncover. The article doesn’t discuss how it was in this case, unfortunately.

The original investigation, which was reported at the end of February, was over $35-million in payments which were undocumented. The reporting of this information resulted in a 20% decline in the company’s stock, which has since recovered only about ⅓ of the drop. Clearly, controls at the company are not strong enough and the market believes the environment may be such that more of these types of situations exist.

Now, with these recent developments, it seems that the “tone at the top,” a critical component of a strong control environment (see COSO Internal Control Framework), was not one of uncompromising integrity.

Depending on the nature of the payments, if it is ever determined satisfactorily, this could have implications related to the Corruption of Foreign Public Officials Act, Canada’s version of the Foreign Corrupt Practices Act in the US.

Categories
Governance

SEC delays Sarbanes-Oxley requirements for small businesses

The Securities and Exchange Commission (SEC) has provided small businesses another 1-year delay to comply with Sarbanes-Oxley Section 404 requirements. Section 404 is the part of Sarbox that requires management to attest to the effectiveness of internal controls over financial reporting.

“This will help ease the burden on small firms and help encourage more small businesses to become public companies – while still ensuring transparency and honest accounting,” said Senator John Kerry (D-MA), chairman of the Senate Committee on Small Business and Entrepreneurship.

I see how this eases the regulatory burden on small entities, thereby indirectly encouraging small businesses to go public where they might otherwise not, but it remains to be seen how this “still ensures transparency and honest accounting”. How does not requiring companies to fully examine their systems of internal control and have management sign off on their effectiveness ensure anything?

It has been nearly five and a half years since Sarbanes-Oxley was implemented in the wake of the Enron meltdown and the delay applies to companies worth $75-million or less. When will smaller public companies be held to the same standard as larger ones?

Since the law was passed in 2002, the SEC has delayed compliance four times for small businesses. Currently, small companies … are expected to comply with the management guidance part of the law this year and the auditing section by 2009.

Legislators worked quickly to draft and pass Sarbanes-Oxley to protect investors in the aftermath of accounting scandals. Is it reasonable that it will be 7 years before it is in place for the smaller public companies in the US?