Many community banks were exempt
from the first round of compliance
with the 2002 Sarbanes-Oxley Act
(SOX). The vast majority were
hopeful that successful lobbying
efforts made on their behalf would
exempt them from compliance,
especially since they were already
highly regulated. However, on May 23rd,
2007 the SEC approved
guidelines for management to
evaluate their internal controls
over financial reporting (ICOFR).
This significantly reduced the
possibility for banks or other
businesses to gain exemptions or
further extensions.

Large banks have been complying with
Sarbanes-Oxley for many years.
Beginning with their first fiscal
year end after December 15, 2007, the
executive management of smaller
banks must comment on their internal
controls on their financial
statements. A significant number of
these will begin their first
reporting in just a few months.
External auditor comments on the
effectiveness of the internal
controls will be required in 2008.
Based upon these requirements, the
period for beginning compliance
starts now.

Even banks with the best controls
must prove their effectiveness:
· Controls are reviewed
frequently by a number of
different federal, state and
internal auditors.
· The challenge will be “proving”
the effectiveness in a format
that the external auditor can
endorse, since the auditors are
required to follow Auditing
Standard No. 5 (AS5).
· If banks do not format their
internal control information
clearly and concisely, the
external auditor will have to
spend extra time and effort
(translating directly into
additional costs) to determine
the effectiveness of the bank’s
controls.
· If this method does not result
in the auditors’ ability to
comment favorably on the
effectiveness of internal
controls, they may elect to give
a qualified opinion which will
have a negative impact on the
bank.

Over the years, many companies
took a “what it takes to pass”
approach to compliance, which on
the surface seems reasonable.
However, banks must be cautious not
to simply overlay another level of
complexity on their compliance
initiatives. This approach in the
long term will result in duplication
of effort and increased costs.

The recommended “minimalist
approach” is to conduct an entity
level assessment and map out your
current compliance initiatives to
determine how and where they relate
to SOX. Once this is done, most
discover that a large number of
current compliance activities are
related to SOX requirements.

Banks needing to report in a few
months should use this entity level
assessment to prioritize an
approach:
1.) Identify your organization's
highest risk and internally
audited entity level controls
for your first report.
2.) Identify the level of
additional effort and
documentation needed for 2008.
3.) Streamline processes to meet
ALL compliance requirements
consistently, and leverage other
compliance initiatives (such as
the Patriot Act, state and
federal bank audits, the Bank
Secrecy Act, etc.).

This approach requires more
analysis up front; however, in the
long term it will provide for a
better, less complex, more
efficient compliance approach. The
challenge is to find the resources
with the experience to integrate
compliance initiatives. The
benefits of this approach far
outweigh those of approaching SOX
as “yet another compliance
requirement”.

Visage Solutions has been providing
SOX compliance services to
organizations since shortly after
the passage of the bill. Our
proprietary methodology is designed
to be flexible in order to meet the
varying needs of disparate
organizations, and as a result you
receive a program that not only
meets the requirements of SOX, but
ensures that compliance enhances
your currently existing processes.
We will be happy to meet with you
and your staff to outline a program
tailored to your organization.