Direct and indirect impact of Sarbanes-Oxley hits private companies

Computerworld - When Congress passed the Sarbanes-Oxley Act one year ago this month, the mandates to put more stringent controls on corporate accounting practices were primarily aimed at public companies. But executives, consultants and lawyers are starting to realize that there are both direct and indirect implications for privately held businesses as well.
For instance, public and private companies alike have to adhere to the so-called whistleblower provision of the law, under which employees must be permitted to anonymously notify regulators of any potential wrongdoing within a company, said John Hagerty, an analyst at AMR Research Inc. in Boston.
In addition, privately held companies would have to take many of the steps required to demonstrate compliance with Sarbanes-Oxley if they decided to go public or agreed to merge with a public company.
Although the whistleblower provision probably doesn't pose any major IT implications for most companies, the stock-offering and merger considerations do. Just like their publicly traded peers, privately held businesses could be forced to make substantial changes to their system infrastructures and data-reporting capabilities, according to Hagerty and others.
"If you're thinking of going public or it's even in the realm of possibility for you, this is sure as heck something that you'd better plan for," said Robert Handler, an analyst at Meta Group Inc. in Stamford, Conn.
In a survey of 1,400 chief financial officers at private companies that was published in this month's Journal of Accountancy, 44% said they are either reviewing or changing the accounting procedures within their organizations as a result of Sarbanes-Oxley.
In addition, public companies involved in potential acquisition deals with privately held businesses are beginning to push them to document their internal accounting controls and processes, said Jocelyn Arel, a partner at law firm Testa, Hurwitz & Thibeault LLP in Boston. "We're starting to see that in the due diligence process that buyers are going through," said Arel, who is co-chairman of the firm's corporate finance and securities group.
Fred Pauls, corporate records manager at J.R. Simplot Co. in Boise, Idaho, said the privately held agribusiness has already taken steps to address the mandates of Sarbanes-Oxley because it has government contracts that require compliance with the law.
J.R. Simplot, which has annual revenue of more than $3 billion, last year began using an automated records management system developed by Colorado Springs-based Optika Inc. to help index its purchase-order system so it complies with Sarbanes-Oxley record-keeping requirements.
"We do comply in most cases with Sarbanes-Oxley due to previous [internal financial control] policies, and this software system is a key part of that," Pauls said.
In the future, he said, J.R. Simplot will likely take advantage of a link that's already in place between Optika's Acorde Records Management software and J.D. Edwards & Co.'s financial applications "to accommodate other financial reporting provisions of Sarbanes-Oxley."