Web-Based Whistle-Blowing?

Readers comment on current business issues as reported in CFO magazine.


CFO welcomes your letters. Send them to: The Editor, CFO, 51 Sleeper St., Boston, MA 02210

E-mail us at ScottLeibs@cfo.com, or contact a specific author by clicking on his or her byline. You can also post a comment directly on CFO.com by clicking on the appropriate link at the end of any article.

Please include your full name, title, company name, address, and telephone number. Letters are subject to editing for clarity and length.

Recent discussions among accountants, attorneys, and compliance professionals on LinkedIn.com suggest that Sarbanes-Oxley is not working as intended to prevent fraud and misconduct ("Fraud Case Casts Doubt over Sarbox Exemption," Topline, January/February).

A group of finance and accounting professionals has proposed a viable alternative: they're asking employees of U.S. publicly traded companies and financial institutions to anonymously disclose information about the questionable business practices of their companies and those companies' executives on a new Website (www.zethics.com).

This online information service provides officers and directors of U.S. publicly traded companies with extended visibility into companies and their management teams. Unlike information provided to officers and directors by the governance committee chair or chief audit executive, these online reports allow directors to deal with increasing shareholder demands, executive compensation, risk oversight, strategy, and transparency.

Through this service, investment professionals gain confidence and trust in U.S. publicly traded companies. And publicly traded companies gain investor and public acceptance of their ethics and corporate-governance programs, as well as extended visibility into customers, suppliers, and competitors to assess business risks and qualify business opportunities.

Mark Rome
zEthics Inc.

The fraud factor in the Koss Corp. case should have been discovered through simple inquiry [that would have found one] person having access to both accounting transactions and the cash (credit cards, wire transfers, signing checks). Not all fraud can be detected, but this type should have been. The SEC Interpretive Guidance specifically says, "Management's evaluation of the risk of misstatement should include consideration of the vulnerability of the entity to fraudulent activity."

So, one might ask, was the fraud portion of the SOX 404(a) assessment performed by a competent and objective party? Or, a bigger question: Was the SOX 404(a) management assessment in fact done at all? The answer in this case would need to be yes to one of those two questions.

This leads to the next point, which was, why aren't outside auditors verifying that 404(a) was done? Perhaps outside auditors do not view this as part of their responsibility. Our informal conversations with the SEC, the PCAOB, and the AICPA CAQ indicate that it is an illegal act to not comply with SOX 404(a) and should be reported by the outside auditors as such.

If management did not document and test controls under Section 404(a), how could they express "clean" opinions on controls and say they did test the controls? Their report reads as follows:

"Management conducted its evaluation of the effectiveness of its internal control over financial reporting based on the framework in 'Internal Control-Integrated Framework' issued by the Committee of Sponsoring Organizations of the Treadway Commission…as of June 2009. Based on this assessment, the Company's management…believes that…the Company's internal control over financial reporting was effective."

Three questions arise: (1) Was the SOX 404(a) assessment not done by a competent or objective party? (2) Did they not do it at all? (3) Or did they find it and look the other way? Outside auditors were not required to test controls under SOX 404(b), so there is no accountability.

Bob Benoit
President & Director, SOX Research
Lord & Benoit LLC
Worcester, Massachusetts

Why Banks Don't Lend

It appears that the thrust of "Small Consolation" (December 2009) is that commercial banks are not being good corporate citizens because they are not lending to small businesses and this is why these businesses are struggling or will fail. If venture capitalists and angel investors don't believe small businesses are good credit risks, as highlighted by a decrease in funding of 58% and 27%, respectively, why should commercial banks operate differently?

Commercial banks are lending to creditworthy customers. Bill Dunkelberg [a commercial banker and head of the National Federation of Independent Business] identified the real cause of some small businesses being denied credit: lack of sales, customers, and confidence. I also think the results of the NFIB survey in the article indicate that it's not the commercial banks' fault that times are tough for small businesses. Commercial banks can't change the rules of a recession: businesses will fail.

The return to sound lending practices for some banks that took on too much risk is a good thing, and I'm sure the adjustment period is difficult on those less-than-creditworthy individuals who now find themselves carrying too much debt that can't be refinanced. Park National Corp., based in Newark, Ohio, where I work, did not ease its underwriting standards like some commercial banks did. As a result, it is business as usual for us, and commercial loans are up 3.4% in the past 12 months.

Carl H. Mayer Jr.
Vice President and Chief Risk Officer
Enterprise Risk Management
Park National Corp.
Utica, Ohio

Becoming Best-in-Class

I enjoyed "Keen to Be Lean" (December 2009), and agree that hospitals should be looking at other types of organizations for ideas on profit and process improvement.

I had a sense of déjà vu — I could have been reading this article about manufacturers in the 1980s. Yes, the Toyota Production System practices evolved from the 1970s, but other process-improvement approaches have also been introduced, and in some cases have become integrated with lean improvement. An example is Six Sigma quality improvement, which for a time was a competing methodology with lean. Best-in-class manufacturing companies have now combined their process excellence programs with names such as Lean Six Sigma. The best of the best have also included simulation technology to test process changes before implementing them in operating departments.

Best-in-class hospitals started to implement Six Sigma programs to reduce errors and improve quality a few years ago. Rather than making the same mistakes that manufacturers did, with competing methodologies, hospital CFOs should become familiar with and take advantage of the methodologies and tools currently available.

Jim Curry
OpStat Group Inc.
Ridgefield, Connecticut

Land of Hope and Dreams

I love the statistics and resources in "Failure to Launch?" (October 2009), like the Ewing Marion Kauffman Foundation's studies of corporations founded during recessions. I'm delighted to see the other quotes as well showing that people are forging ahead with their dreams and visions.

When I was a child, my parents terrified me with thoughts of the next Great Depression. I'm fascinated with stories of people who became millionaires during that time. The one thing that I feel most strongly contributes to the success of those who come out on top following a depression or recession is the ability to see beyond the fear, to have hope, passion, and a dream.

John R. Aberle
Aberle Consulting
San Dimas, California


Read next:

Finance At BeyondCore