The Sarbanes-Oxley Act of 2002: Why it is Relevant to the Closely Held Family Business by Ira Tatelbaum Sarbanes-Oxley.1 Sounds like the name of a treaty that ended some far-off foreign war. Meant to quench conflagration of a different sort: the torching of prudent business practice and fiduciary responsibility in corporate America, this act of the United States Congress reinforces and expands policies that have maintained confidence in the American capitalistic system for almost seventy years. The Act focuses on management accountability and corporate governance while carefully defining the role of professionals who provide legal, accounting, and other services. Although promulgated for regulation of publicly held companies, the legislation has much to offer for closely held family enterprises. The name Enron has come to epitomize all that can be wrong in corporate business practice, particularly because its management destroyed the balance sheet of a company they did not own as well as the retirement savings of many thousands of Americans. Both the company’s public shareholders and its employees entrusted Enron’s management and directors with their money and with their financial futures. Instead of fulfilling these sobering responsibilities, the officers and directors of Enron violated every fundamental obligation as they fudged their books, made a mockery of their board, and enlisted the assistance of unprincipled auditors to certify their misdeeds. And, while Enron may represent the worst example of corporate criminal excess, we learned that many of our most trusted enterprises had become tainted by less than perfect adherence to existing laws that were meant to protect shareholders and maintain public confidence in our economic system. Thus, the purpose of Sarbanes-Oxley is to restore confidence by clearly defining the rules of public corporate function and fortifying them with severe penalties for breach. So, why is this important to privately held family businesses that often eschew the public realm precisely because they want to protect their privacy and, therefore, to minimize public scrutiny? The Sarbanes-Oxley Act is grounded by prudent business practice and buttressed with principled corporate governance. Behind the government regulation is a series of sensible requirements that will enhance the ability of any business, public or private, to manage and govern itself. In three areas, the role of outside professionals, management accountability, and corporate governance, the Act requires compliance with regulations that will not only protect public stockholders, but will also provide a model for the privately held family business to protect and enhance its long term competitiveness. The Outside Auditor Outside auditors have long been explicitly prohibited by the Act from providing certain services to their audit clients: bookkeeping, appraisal or valuation services, and actuarial services. And they can not act as a broker dealer, investment advisor, or banker to an audit client. The new legislation adds internal audit, financial information systems and design, and consulting services. Actually, the latter restrictions have always been implied, but, over time and in the face of its industry’s self-regulation lapses, these practices have crept into the portfolio of services offered to audit clients by their outside auditor. The purpose of the legislated prohibitions is to keep the outside auditor completely independent of management and under scrutiny by certain members of the board of directors. In the past, as outside auditors took on these prohibited practices, lines blurred and the nature of the auditor/client relationship was altered detrimentally. After all, how can an outside auditor who is assisting with internal audit functions offer a truly independent opinion of a company’s financial condition? Or, if an outside auditor also has a lucrative MIS consulting contract with the company, might not the provider be compromised by management pressure to soften an opinion for fear of losing the consulting contract? The Act addresses these issues directly and is clear in its definition of what services the outside auditor may and may not provide. The objective of these provisions is to preserve undisputable independence for the outside auditor. Further, the new law provides for all audit and non-audit services to be pre-approved by the Audit Committee of the board of directors (more on this below). In order to provide continuously objective treatment by the auditor the Act requires audit partner rotation after five years. Finally, the auditor is required to report to the Audit Committee of the board of directors on critical accounting policies, alternative accounting treatments brought by management to the auditor, and other material communications such as management letters. For the privately held family business and for its stockholders, particularly if they are not board members or part of management, the independence of the outside auditor is of critical importance. Each constituency: owner managers and passive stockholders, needs financial information that purely represents the condition of the company, the latter group because it is entitled to the information and the former because accurate financial data are requisite to daily functioning and strategic planning. The government may not be watching, but the independence of the outside auditor is indispensable to the private family enterprise’s integrity and competitiveness. Management Accountability The new law requires the CEO and principal financial officer of the company to certify each quarterly and annual report. Both must read the report and attest that it is not misleading and that it presents fairly the financial condition of the company. Further, the CEO and principal financial officer must establish internal controls, evaluate their effectiveness, and disclose to the auditors and the audit committee significant deficiencies or management fraud. These requirements target the CEO and CFO who may otherwise claim to be unaware of the actions of underlings who have perpetrated acts of fraud or misrepresentation unbeknownst to their superiors. The certifications described above are meant to preclude any claim by upper management that they are ignorant or uninformed. While these rules might not seem pertinent to the family business whose stock ownership is confined to family/owner/managers, there are many family businesses whose family/owners are not managers and who do not work in the business. These family members are totally dependent on management for information regarding stock ownership that may represent their greatest asset. Adoption of the certification and disclosure provisions of the Act, acceptable to management particularly because they come from an unbiased source, would provide a measurable degree of comfort for these family owners. Corporate Governance For many privately held family businesses the board of directors is a kind of familial club organized more out of legal necessity than to provide effective oversight of management. For others the board may be active but its membership is confined to family members. The ideal board structure is composed of family owners and/or managers with at least three outside directors, outside being defined as non-family, non-management, and with no financial arrangements with the company for consulting or other services. The provisions of the Sarbanes-Oxley Act of 2002 support the ideal model and give structure and substance to the board of directors and its most important subset, the Audit Committee. Traditionally, the Audit Committee has been the Board’s liaison with the company’s auditor (accountant). A business with an active Board might have had an Audit Committee, but the work of the Committee was in practice often limited to review and recommendation rather than oversight and enforcement. The new law has changed all that. The Audit Committee’s largely passive role has grown to be not just a toothless line of defense for the stockholder, but the active, ongoing conscience of the company. The future Audit Committees of public companies will hire, fire, determine compensation for, and oversee the work of the company’s auditor. The auditor will report directly to the Audit Committee. To ensure objectivity the members of the Audit Committee must be independent and cannot accept consulting or advisory fees from the company. In its expanded role the Audit Committee will also resolve disputes between the auditor and management. At least one member of the Audit Committee will be required to be an expert, i.e., a Certified Public Accountant or present or past corporate CEO. The Committee will be required to structure procedures for dealing with complaints regarding auditing matters. No longer a shrinking violet, the Audit Committee will have authority to engage independent counsel or other advisors to help execute powers now mandated by the new law. Granting such powers to an Audit Committee by a private family owned enterprise might appear to be an unacceptable intrusion to entrepreneurial free wheeling executives who have built their company with a purposeful eye toward independence and conscious avoidance of Big Brother’s watchful eye. However, as the governance of the family’s company grows from the informal Board of Directors, to the family only Board, to the Board that includes outside directors, careful adoption of components of Sarbanes-Oxley could be of great benefit to the family and the company. While it may not be necessary or even possible to give the Audit Committee of a family business the wide ranging powers described above, the establishment of an Audit Committee composed of outsiders, one of whom is an expert, to oversee the company’s audit relationship would be a comfort to non-management family stockholders and a management resource for establishing sound business practice. To the extent that the Sarbanes-Oxley Act of 2002 has imposed new, explicit duties on every public company’s Chief Executive Officer, Chief Financial Officer, and Board of Directors, its passage has heightened the consciousness of corporate officers and directors to their fiduciary responsibility to stockholders and employees. As each officer signs the certification of financials, as each Audit Committee member prepares to select an outside auditor, as the Securities and Exchange Commission scrutinizes compliance with the new law, public faith will be restored in the institutions that have monitored and governed and fostered American economic growth for decades. The importance of the Act is in its quest to institutionalize prudent business practice and fiduciary responsibility. It is this goal that makes the Act relevant to the privately held family business. Study, scrutiny, and adaptation of the law’s principles will be of great benefit to stockholders, managers, and all the directors of closely held family businesses. After all, the privately held family business of today may be the public company of tomorrow. What better way to prepare than to understand and adopt the Sarbanes-Oxley principles of management accountability and responsible corporate governance? 1. The information in this article is for general information only and does not constitute legal advice. Readers should contact their own legal counsel for guidance on the issues addressed Copyright © 2003 - All rights reserved.