• No results found

Private Companies Banking in a Sarbanes-Oxley World

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Private Companies Banking in a Sarbanes-Oxley World"

Copied!
6
0
0

Loading.... (view fulltext now)

Download now ( 6 Page )

Full text

(1)

1 INTRODUCTION

The Sarbanes-Oxley Act of 2002 (SOX) is the most significant business legislation introduced since the Great Depression and is primarily designed to enhance public confidence in corporate governance and financial reporting of public companies.

For the most part, the reception of SOX and the implementation of its requirements by companies have been controversial. Much of this controversy stems in part from the time and expense required by companies to comply with its Section

404 internal control requirements.

Under Section 404, a public company is required to include in its annual report a management report on its internal control that generally provides management’s assessment of the effectiveness of such control and discloses any material weaknesses. Section 404 also requires a report by the company’s independent auditor attesting to management’s assessment.

IMPACT ON PRIVATE COMPANIES

For better or worse, the impact this legislation has had on public companies has been, in many ways, painful. While SOX was largely intended to apply to public companies only, the “pain” has extended to private companies. SOX is affecting many of our private company clients, including our clients preparing for an initial public offering or a merger with a public company, where compliance with SOX requirements is paramount. Private companies that have their financial statements audited by independent auditors are also likely to be affected by the rigors of SOX-influenced auditing standards.

FOCUSING ON

BANKING-RELATED CONTROLS

Generally speaking, SOX implements provisions to ensure that a company’s financial statements fairly present the condition of the

Private Companies Banking in a

Sarbanes-Oxley World

While SOX was

largely intended

to apply to public

companies only,

the “pain” has

extended to private

companies.

(2)

While banking

activities may

be fairly routine

matters when

compared to other

key financial areas

of focus such as

revenue recognition,

it is essential for a

company’s overall

SOX compliance

to have effective

internal controls.

business and that the company has established effective internalcontrol systems over its financial reporting. Because a company’s banking activities directly impact its financial statements and financial reporting, careful consideration must be made when designing and implementing internal banking-related control systems. While banking activities may be fairly routine matters when compared to other key financial areas of focus such as revenue recognition, it is essential for a company’s overall SOX compliance to have effective internal controls.

Companies preparing themselves for an assessment of their internal controls over financial reporting may first want to conduct their own thorough self-assessment of their controls, such as their internal policies. SEC guidance has encouraged companies to sharpen their focus on the areas of greatest financial reporting risk for their internal controls assessment process. The process is one of risk-based prioritization, and is not all-inclusive. Obviously, the internal controls over financial reporting need to be sufficient to prevent or detect a material misstatement in the financial statements.

(3)

3

Our experience working with thousands of private and public companies has given us much insight into their internal banking-related controls and practices. While there are many best banking practices to consider for companies preparing themselves for SOX, the design and implementation of your internal banking-related controls must be tailored for your company and its risks and needs, not to mention costs. Below are some considerations you may wish to take into account for your internal banking-related controls, some of which may be more relevant to you as each company’s situation is different.

GENERAL BANKING

• Centralize the administration of bank accounts.

• Limit the authority of individuals under corporate resolutions to specific officers and directors acting together to open or close bank accounts.

• Separate certain functions and duties, such as accounts payable, treasury and bank reconciliation.

• Institute a system of dual authorization where authorized personnel are not in the same department or reporting chain of command.

• Examine bank statements monthly.

• Separate bank accounts based on the type(s) of payment and payment method (check, wire, ACH, etc.).

• Ensure authorized signers for each account are reviewed on a semiannual basis.

• Consider direct transmission of bank data directly into an accounting system to improve data integrity.

PAYMENTS

• Limit the number of domestic and international paper checks domestically and use wires or Automated Clearing House (ACH) payments as an alternative.

• Establish dual control guidelines for the use of wires vs. ACH.

• Establish levels of authority for account access and payment activities.

• Perform frequent account reconciliation (at least monthly), and automate activity to improve data integrity.

• Reduce exposure to check fraud with positive pay service.

• Set review limits within positive pay and require all high dollar presentments to be reviewed and released by two parties.

• Consider check issuance and comprehensive payables service as a way to centralize and automate paper and electronic disbursement needs.

• Establish signatory thresholds and review those thresholds periodically.

COLLECTIONS

• Develop a strategy to improve the predictability and identity of incoming payments.

• Develop a risk matrix for customer quality vs. payment method (checks, wires, ACH).

• Establish fraud detection controls.

• Optimize bank products (such as automated data feeds) for incoming payments integrity.

• Segregate collection accounts from payment accounts.

Considerations for Designing and Implementing

Internal Banking-Related Controls

(4)

INFORMATION TECHNOLOGY

• Ensure that electronic banking systems are compatible with the company’s enterprise resource planning system.

• Monitor electronic banking system access and set up users with levels of authority to approve and release payments within the electronic banking system(s).

• Audit the security administration function on a routine basis and audit all employee access privileges at least annually.

INTERNATIONAL TRANSACTIONS • Establish domestic treasury personnel as

directors of foreign subsidiaries.

• Designate two directors to cooperate as the only authorized officers with the ability to open an close accounts or authorize contract banking services (foreign exchange (FX), lines of credit, etc.).

• Identify foreign currency exposure and establish an FX policy.

• Follow approved policies for FX transactions, including hedging strategies.

• Monitor foreign exchange policy adherence monthly.

• Establish and assign FX trading authority based on the size of the transaction.

INVESTMENTS

• Establish an investment policy for excess cash that must be approved by an investment committee.

• Establish appropriate controls, such as authorized signers, to open new investment accounts.

• Establish standards for reporting externally managed accounts (SAS 70).

• Review investments monthly and investment policies at least semiannually.

(5)

5 9 About Silicon Valley Bank

Silicon Valley Bank is the premier commercial bank for emerging, growth and mature companies in the technology, life science, private equity and premium wine industries. SVB provides a comprehensive suite of financing solutions, treasury management, corporate investment and international banking services to its clients worldwide. Through its focus on specialized markets and extensive knowledge of the people and business issues driving them, Silicon Valley Bank provides a level of service and partnership that measurably impacts its clients’ success. Founded in 1983 and headquartered in Santa Clara, Calif., the company serves clients around the world through 27 U.S. offices and five international operations. Silicon Valley Bank is a member of global financial services firm SVB Financial Group, with SVB Analytics, SVB Capital, SVB Global and SVB Private Client Services. More information on the company can be found at www.svb.com.

Our experience working with thousands of private and public companies has given us insight into their internal banking-related controls. Please contact your Silicon Valley Bank Relationship Management team or product advisor to discuss how we can assist your company.

This article is for informational purposes only. You should consult with your legal and accounting advisors, as well as your auditors, with respect to your SOX compliance program.

(6)

silicon valley bank headquarters

3003 Tasman Drive Santa Clara, California 95054 U.S.A. phone 408.654.7400 svb.com

References

Download now ( PDF - 6 Page - 166.59 KB )

Related documents

Electronic structure of Pd multi-layers on Re(0001): the role of charge transfer

d-band center shifts and bandwidths. Therefore the Pd 3d states at the interface layer have higher binding energies that those from consecutive layers.. e) The charge transfer

Fear and Serve The LORD

As we read the book of Joshua we witness the fickle faith of Israel, the steadfast promises and power of God, and the constant reminders that the LORD is the God of all the earth –

AIG Domestic Accident & Health Division

the Covered Percentage of Eligible Expenses incurred in excess of the Deductible for each session of Outpatient Services subject to the Maximum Number of Visits per Policy Year

A DISTANT-LEARNING TRAINING MODULE ON ENERGY EFFICIENT INTEGRATED BUILDING DESIGN IN URBAN ENVIRONMENT

One of the main objectives of the present project concerns the production and promotion of a complete educational module using advanced media technology and facilitating

Delirium Incidence, Duration and Severity in Critically Ill Patients with COVID-19

Delirium incidence, duration and severity in patients admitted to the intensive care unit (ICU) due to COVID-19 is not

Test-Driven Development and Continuous Integration

Finally, we discussed CruiseControl.NET and how it can help you fi nish off the automation aspects, so that any time someone modi fi es your code base, the building and testing

An Exploration of Dance Therapy, its Origins, and its Applications in Parkinson’s Disease

Ultimately, although dance/movement therapy was not intended as a resurgence of early ritual and ritual dances, many of the key elements of ritual healing dances can be found in

Review of Participatory Heritage

Chapters that may be of particular interest to archivists cover topics such as the archives of the African American community in Flat Rock, Georgia; the Bethel African