In the event of the management not responding to their complaints
appropriately, they should report the matter to a committee constituted of
independent directors or board of directors (Section 307 of SOX).
SOX requires that material changes in the financial condition or operation
of the company should be disclosed as per the rules specified by the SEC;
As discussed above, there has to be disclosure of any off balance sheet
transaction which is material and also the relationship with unconsoli-
dated entities having a significant effect on the financial status of the
company has to be disclosed; and
Pro forma financial information has to be presented in a manner that is not
misleading and should be reconcilable with the financial status of the com-
pany under GAAP (Section 409 of SOX).
Chapter 22 â€“ Legal risk management in the US â€“ the United Statesâ€™ response to the Enron collapse 567
Internal control system:
The report has to be made as per the requirements of the SOX:
Containing a statement as to the responsibility of the management for
setting up and maintaining procedures for internal control and proced-
ures for financial reporting; and
Providing an evaluation of how effective the internal control structure
and procedures for financial reporting are.
Such assessment of the internal control has to be attested by the auditors of
the company (Section 404 of SOX); and
There has been some criticism regarding the impact of internal control
structure requirements on small-sized and medium-sized companies and
the benefit of auditors attesting the reports (since they were one of the main
parties accused in the collapse of Enron) (see below).
Code of ethics:
The company is required to disclose if a code of ethics is in existence for
compliance by its executives and, if not, then why not (Section 406 of SOX);
Waivers also have to be disclosed; and
This provision has in fact proved to be counterproductive given that it
leaves a lot of scope for manipulation by the draftsman of the company
code to suit their requirements.
Non-destruction of the audit record:
The auditors have to be careful that they retain the audit records for five years
(Section 802(a)(1) of SOX) and do not let them be altered, destroyed or falsi-
fied in any manner that could cause an obstruction in investigations.
Otherwise there is a likelihood that they will suffer the same fate which
Arthur Andersen suffered for destroying the records related to the audit of
Enron. The imprisonment prescribed is up to 20 years (Section 802(a) of SOX).
SOX provides protection to employees who report the wrongdoing and
fraudulent conduct of the company from any retaliation by the company
There is criminal liability for those retaliating against employees who blow
the whistle; making discrimination against a whistleblower illegal (Sections
806 and 1117 of SOX); and
It should be noted that the same protection is not granted to the overseas
employees of the companies listed in the US (see also comments on
whistleblowing in Chapter 7 and further below).
Food for thought
It should be appreciated that had these steps been taken earlier perhaps
Enron would not have happened. However, this is, of course, with the bene-
fit of hindsight after witnessing the extent of corporate greed in cases such
as Enron. It is at least better to take lessons from the previous mistakes
than sit back and let other debacles happen without taking any action to
prevent further failures (Kroger 2005).
Part E â€“ Case Studies of Business Risks
Overview of the reforms in the US
It is intriguing how â€“ apparently â€“ the corporate law in the US suddenly
became inadequate to deal with the greed of executives and auditors of corpor-
ations in the new millennium. The last regulation affecting company law to a
great extent in the US was in 1934. There have been divergent views on this
issue. According to some commentators there were already existing laws and
SEC was entrusted with sufficient powers that could have prevented such col-
lapses, whereas other scholars and commentators of company law believe that
the reforms in law were needed to prevent other Enron-like collapses to occur.
The enactment of SOX is welcomed for reinstating faith of investors in cor-
porate America by majority of corporate experts. However, some have reserva-
tions about its worthiness. Various experts are of the view that SOX was passed
in haste and therefore it has created unnecessary difficulties (Perino 2002). For
example, SOX does not have the effect it was expected to have in protecting
shareholders from corporate abuse because compliance with its provisions cost
public companies too much money and time. As a result, instead of achieving
the desired effect of protecting investors from corporate misbehaviour, it has
ended up being too burdensome for the public market, especially for small and
medium-sized companies (Bernstein 2006). Some of the key points are con-
The major criticism of the reforms relates to Section 404 of SOX as large
expenses are incurred in its compliance;
The other problematic area is the effectiveness of the audit committee.
Several experts consider it to be lacking sufficient financial expertise and
information independent of management to be effective;
The independence of external auditors is being questioned in the absence of
any prohibition on the supply of tax services to the company for which the
audit is being done;
There are no specific regulations to improve governance, but, rather, rules to
prevent bad governance; and
The position of corporate attorneys is the same as it was before the reforms.
The abetting of fraud was a crime even then and it is so after the reforms. No
right has been conferred to lawyers under the reforms to raise objections
to corporate decisions and to persuade clients to change them.
These criticisms of the reforms are discussed below in more detail.
Side effects of Section 404
Going public has many advantages for small and medium-sized corporations,
Access to more capital;
Improved exposure; and
The potential to attract more suitable and qualified employees.
Chapter 22 â€“ Legal risk management in the US â€“ the United Statesâ€™ response to the Enron collapse 569
Despite these advantages, going public for these small and medium-sized firms
will now involve the extra cost of compliance with the strict regulations of
SOX. This is in addition to the expenses required for maintaining the public
status of the company, the loss of control and flexibility and the time consumed
in going public. All of these factors will neutralise any advantage that the small
and medium-sized companies would gain by going public.
Foley & Lardner, a Chicago law firm, state that an average medium-sized
company will be required to spend 90% more in the post-Enron era than
it did in the pre-SOX period on account of compliance with stringent
Whereas larger companies can absorb the extra cost of compliance with SOX,
small and mid-sized companies generally cannot as the law costs them so much
monetarily and in terms of human capital. Though the intention of SOX in
checking and controlling companies defrauding the investors is noble, its broad
regulation restricts companies. As a result they have fewer routes to raise cap-
ital for investment. At the same time investors are left with fewer choices to
invest in. Criticism has emerged on the issue as to whether on account of a few
defrauding companies the whole class of companies should be punished. The
argument or debate is that in the end it is always the market that decides
the price and brings forth the irregularities. For instance, it should be recalled
that even in the case of Enron it was not the regulators who exposed the cor-
porate abuse but the market itself (Wilkins 2005).
It is believed by many experts that SOX was enacted in haste because of
political pressure, without proper research and analysis of its provisions.
Section 404 of SOX imposes too stringent compliance. It burdens the corpor-
ations with high costs because of high audit fees and in developing and maintain-
ing an internal cost system. This is opposed to the objective of the maximisation
of the shareholdersâ€™ wealth. It is ironic that the external auditors are the winners
because of Section 404 (Huffman, T. Brandeis Law Journal 2004â€“05).
Effectiveness of the audit committee
SOX requires external auditors to report to the audit committee of the company
instead of reporting to management. There is no doubt that this new provision
of giving oversight powers to the audit committee prevents collusion of exter-
nal auditors and management. However, it also gives management the opportun-
ity to take a factual defence before any jury that the audit committee was the
one who was responsible for carrying out supervisory function over audits and
not them. They could argue that the directors have been burdened with more
responsibilities without making it effective for them to shoulder new extra
Part E â€“ Case Studies of Business Risks
responsibilities as they have neither the competence nor the inclination to
understand the intricacies of accounts (Kroger 2005).
SOX requires audit committees to have at least one financial expert and,
with regard to this, disclosure is to be made. If the requirement is not complied
with then the reason for non-compliance must be given. It is similar to the UKâ€™s
comply and explain approach. However, this requirement does not serve the
purpose as the audit committee members need to be expert in finance to under-
stand the complexities of accounts so that they can recognise any kind of
deception committed by management or auditors (Cunningham, Lawrence A.
Connecticut Law Review, Spring 2003).
Under SOX audit committees are made responsible for supervising the
audits of the company but, apart from the non-independent directors, the mem-
bers of the audit committee remain ill-informed as to the affairs of the company.
They are in the same position as the accounting firms which are carrying out
the audit of the company. There is no provision in SOX for enabling them to be
informed as to what is going on in the company through internal channels
The independence of public accounting firms
SOX has especially provided for the independence for accounting firms so that
there is no conflict of interest and no repetition of Enron and Arthur Andersen
circumstances. However, one major flaw in this reform has been reported by
several commentators. The tax services are not included in the non-audit ser-
vices which have been prohibited by SOX. There is inherent conflict of interest
in providing tax services to the company for which audit is being provided. The
independence of accounting firms will be best served if there is a total ban on
them from providing any other service than an audit service. There is general
belief by investors that auditors should not provide any other service than
audits (Barrett 2004).
The effectiveness of the disclosure of waiver of ethics code
Section 406 of SOX was enacted to require companies to disclose the waiver of
codes of ethics. The reason for such enactment is that the Enron board waived
the code of ethics to facilitate the CFO in participating in the LJM-party-related
transaction. The logic is that if this waiver had been disclosed then investors
would have closely looked into these shady transactions. This reasoning does
not; however, seem to be convincing bearing in mind that the regulators and
analysts were indifferent to Enronâ€™s way of functioning for so long. This small
disclosure is unlikely to have affected their attitude towards Enron. Moreover
there is no elaboration in Section 406 as to what kind of code of ethics there
should be and what waivers need to be disclosed. This uncertainty gives com-
panies the opportunity to form such kind of code which requires minimum
waivers. In reality this kind of ambiguity can lead to the lowering of moral and
Chapter 22 â€“ Legal risk management in the US â€“ the United Statesâ€™ response to the Enron collapse 571
ethical standards in the corporation (Kroger, J. University of Colorado Law
Review, Winter 2005). This is because dishonest executivesâ€™ intent on abusing
the code will not be deterred as codes can be rewritten to satisfy the bare min-
imum of the subjects mentioned by SEC. Meanwhile honest executives will
also try to rewrite the codes in order to evade litigation. These are some of the
negative signals to the market which a disclosure of the waivers can cause. This
is one of the provisions which can be best described as an example of a coun-
terproductive law (â€˜The good, the bad, and their corporate codes of Ethicsâ€™,
Harvard Law Review, May 2003).
No guidelines for good governance
SOX protects investors from corporate abuse because of mal-governance but
does nothing to improve governance. It intends to prevent corporate misbehav-
iour but does not strive to introduce good governance (Carver, J. Now Letâ€™s
Really Reform Governance, available at business premier).
Can lawyers be gatekeepers?
It has been argued that corporate governance cannot be resolved by assigning
lawyers the role of corporate gatekeepers and information intermediaries with-
out proper incentives to corporate attorneys, directors and managers. Under
SOX corporate lawyers are required to report any misconduct to corporate offi-
cers and directors. The failure to do so attracts liability under federal law. The
mandatory reporting by lawyers under Section 307 of SOX to prevent fraud will
not be effective unless corporate attorneys are conferred the right to raise objec-
tions to corporate decisions and to persuade change. The abetting of fraud by
lawyers was illegal before the collapse and it remains illegal also after the col-
lapse. SOX does not affect the role of corporate attorneys in corporate govern-
ance (Fisch, Jill E. and Rosen, Kenneth M. â€˜Is there a role for lawyers in
preventing future Enrons?â€™ Villanova Law Review 2003).
No doubt the recent US reforms have imposed harsher criminal penalties upon
erring executives to deter them from committing fraud and enhanced the inde-
pendence and responsibility of independent directors. Yet these reforms have
weaknesses. Whereas unethical executives still work for their selfish interest at
the peril of investors (Ronen and Berman 2004) no guidance for others on good
governance has been made available. While it is important to have a tough regu-
latory environment that allows competition to thrive, excessive and costly
regulation â€“ however well meaning â€“ is having a stifling effect on capital forma-
tion and economic growth, especially on smaller businesses. In the following
chapter some comment on the comparative approaches in the light of emerging
Part E â€“ Case Studies of Business Risks
economies and the way forward for sustainable risk management will be
made having regard to the relevance of corporate responsibility and corporate