China Discovers Lawyers

In America, lawyers can be ridiculed with humor without touching off any of the "political correctness" alarms raised when other groups are attacked. Attacking lawyers, of course, is nothing new. In the New Testament we read, "Woe unto you, lawyers! for ye have taken away the key of knowledge." Florynce R. Kennedy, herself a lawyer, once said, "The question arises ... whether all lawyers are the same. This is like asking whether everything that gets into a sewer is garbage." Perhaps the most famous line ever written about lawyers is contributed to William Shakespeare. In his play Henry VI, Dick the butcher utters, "The first thing we do, let's kill all the lawyers." The fact is, however, that when lawyers are needed -- to protect their rights or provide defense -- people quickly put aside their negative perceptions and embrace lawyers as friends if not saviors. Still, people elsewhere marvel that America is such a litigious society. Lawsuits are often viewed as a road to an easy fortune. Lawyers are, in part, responsible for creating this culture through advertising, class action lawsuits, and contingency cases. Legal costs, however, are a necessary (and worthwhile) business expense, especially when it comes to copyrights, patents, and protecting intellectual property. This is a lesson the Chinese are quickly learning ["850,000 lawsuits in the making," The Economist, 12 April 2008 print edition].

"Western firms are always complaining about the theft of intellectual property in China. From knock-off designs to copycat brand names, pirated music and fake drugs, China has a well-earned reputation as a free-for-all when it comes to patents and copyrights. Worse, there often seems little hope of redress: the courts are too distant and too incompetent; the laws are too weak or too vague; the culture is too resistant to the very idea of intellectual property. Yet help is at hand, in the form of Chinese firms with patents to defend. Since 2003 the number of trademark applications has grown by 60%; the number of patents has nearly doubled (850,000 are now active) and the number of lawsuits about intellectual property has more than doubled. The government is encouraging the trend in many ways, including signalling to the press to cheer it on."

With Chinese political leaders openly encouraging their scientists and engineers to become more innovative so that China can become a global leader in innovation, this trend is likely to have legs.

"This enthusiasm marks a dramatic change. During the Maoist era, private property of any kind was seen as theft from the masses, and so subject to just expropriation. Only in 1985 did China begin to enact laws to protect patents. It did not enforce them much until 2001, when the authorities promised to crack down in order to win admission to the World Trade Organisation. China has since opened more than 50 courts that deal solely with intellectual-property cases, and Chinese firms are using them. Prominent litigants include a pram manufacturer protecting designs, a soya-milk producer defending an industrial process and a maker of Chinese medicines shielding a name that, roughly translated, means 'mind and blood purge'. As companies in China establish brands and develop products, the incentive to sue will grow, particularly because the cost of bringing a case is minimal. 'If you can afford a car, you can afford a lawsuit,' says Tony Chen, who works in the Shanghai office of Jones Day, an international law firm."

Although there has been an increase in lawsuits by individuals in China, Chinese leaders' enthusiasm for legal action is limited to helping businesses protect their interests. Human and civil rights enforcement are not greeted with the same eagerness. Another difference between the Chinese legal system and America's is that juries are largely uninvolved.

"In America, firms often settle intellectual-property cases out of court for fear of enormous awards by juries. That is not true in China, Mr Chen says, where a judge rules in the majority of cases and damages tend to be small. They normally cover legal costs, however, turning lawsuits into a self-funding method to battle piracy."

That's where the American and Chinese systems share a lot in common.

"Unsurprisingly, the main beneficiaries of the sudden interest in intellectual property are Chinese lawyers. Some reportedly earn more than $5m a year. Non-Chinese law firms sometimes provide advice on thorny cases. But they are not allowed to file patents or appear in court on behalf of a client—a proprietary process that Chinese lawyers are keen to defend."

If the lawyers turn out to be the primary beneficiaries of lawsuits, Chinese jokes about lawyers won't be far behind. For foreign companies that have seen their intellectual property rights ignored by Chinese firms, this new interest in protecting such rights is long overdue. Whether foreign IP rights will be pursued with the same enthusiasm as the protection of Chinese IP rights remains a question to be answered.

In a Twist: Industries Looking to be Regulated

The recent problems with food and toys coming out of China have created a situation where some industries that normally eschew regulation are calling for more of it ["In Turnaround, Industries Seek U.S. Regulations," by Eric Lipton and Gardiner Harris, New York Times, 16 September 2007].

"After years of favoring the hands-off doctrine of the Bush administration, some of the nation’s biggest industries are pushing for something they have long resisted: new federal regulations. For toys and cars, antifreeze and fireworks, popcorn and produce and cigarettes and light bulbs, among other products, industry groups or major manufacturers are calling for federal health, safety and environmental mandates. Some of those industries are abandoning years of efforts to block such measures, often in alliance with the Bush administration, which pledged to ease what it views as costly, unnecessary rules."

This doesn't mean that big industry suddenly got religion. They understand that new regulations are in their best interests.

"The tactical shift by industry groups is motivated by a confluence of self-interests: growing competition from inexpensive imports that do not meet voluntary standards, and a desire to head off liability lawsuits and pre-empt tough state laws or legal actions that were a response to laissez-faire Bush administration policies."

The article points out that industry's timing is also critical. They would rather have regulations passed under a Republican administration than a Democratic one. Apparently, industry doesn't hold out much hope for Republican presidential candidates in the next election.

"But industry officials, consumer groups and regulatory experts all agree there has been a recent surge of requests for new regulations, and one reason they give is the Bush administration's willingness to include provisions that would block consumer lawsuits in state and federal courts. Such pre-emption clauses were included, for example, in a drug label rule issued by the Food and Drug Administration in 2006 and in a new fire-prevention standard for mattresses imposed by the Consumer Product Safety Commission in July, said David C. Vladeck, a professor at the Georgetown University Law Center. The pre-emptions bar consumers from filing liability claims in courts and supersede any tougher state regulations, extremely valuable protections for a major manufacturer, Mr. Vladeck said. 'This is Christmas,' he said of industry, 'this is their wish list.' A number of businesses are seeking such pre-emptions, though the clauses are being challenged in many courts."

There are other reasons that industries want regulations besides clauses that provide them exemptions from lawsuits.

"Some industries and consumer groups are aligned in seeking the same regulations, though perhaps for different reasons. 'It's definitely a strange-bedfellow situation,' said Sarah Klein, a lawyer at the Center for Science in the Public Interest, which is seeking, along with grocery stores and produce growers, new requirements to prevent food-borne illnesses. 'The voluntary system is not working from a food-safety perspective, and it’s creating real problems for the industry.' Other industries, though, are endorsing mandated government standards that fall well short of what consumer advocates want or what tougher state rules require. Trade groups representing makers of antifreeze, upholstered furniture and all-terrain vehicles, for example, had long opposed federal regulations, but are now pushing the Bush administration for rules that consumer advocates say inadequately address safety or environmental concerns. ... Concerns about competition have led to other proposals. As imports from China have grown in recent years, low-priced Chinese products that do not meet voluntary industry standards have motivated trade groups to seek new safety mandates."

I've noted before that internationally recognized standards are important for ensuring that products are safe and workers protected. Industry is just beginning to realize that doing business with unregulated or poorly regulated industries can be a real liability. They may like the freedom that unregulated environments provide, but moving products made in such an environment into the global economy is problematic. In his Weblog, Tom Barnett wrote this about the article:

"Interesting dynamic with Chinese competition: because the Chinese undercut on both price and safety, U.S. industries see regulation as salvation. Oddly enough, so will the Chinese over time. The better our regs work upstream on the Chinese, the more we help their economy become more rule-bound. Good stuff for both sides."

There will always be a tension between regulators and those regulated, but that's not a bad thing. The big winners should be consumers and workers, both of whom should be safer as a result of good regulations around the world. How companies deal with regulations can make compliance either an asset or a liability. Enterra Solutions was originally founded to deal with compliance, security, and business optimization challenges. Whenever routine processes can be automated, especially those associated with regulatory requirements, time, resources, and manpower can be optimized giving the company a competitive edge. As companies learn that they must embrace a certain level of regulation, they will search for better ways to ensure compliance.

SOX Five Years On

Just over five years ago, Congress passed the Sarbanes-Oxley Act in response to the corporate scandals at Enron, WorldCom, Tyco, etc. There have been many complaints about the law and publicly-owned companies have chaffed under its compliance requirements. Over the past couple of years I have written a number of posts on the subject [SOX: The Ante for Business in the 21st Century; Why Regulatory Compliance Remains Important; U.S. Business Regulations to be Examined; More on Compliance & Over Regulation; Small Companies to Get SOX Relief; Attacks on SOX Continue; Investors Like SARBOX; More on the Upside of Sarbanes-Oxley for Investors]. The Economist provides a non-U.S. perspective of the law five years on ["Smelly old SOX," 28 July 2007], but the article begins by giving the common U.S. view of SOX.

"Today, SOX, as it is known, is widely reviled. In boardrooms across the world's mightiest economy, it has become shorthand for foolish, heavy-handed state interference in the wealth-creating marvel that is corporate America. The cost of complying with its requirements, it is said, has been far higher than predicted. It is blamed for promoting risk aversion and mistrust in corporate boardrooms, driving a growing number of public companies into the clutches of private-equity firms, and undermining the global competitiveness of America's capital markets. Much is wrong with SOX. It was passed in haste, and shoddily written. It took little account of current thinking about what a well-designed regulatory system should look like. Section 404 has caused the biggest problems. It makes top managers responsible for a firm's internal risk controls, and requires companies to produce an annual report in which outside auditors 'attest' to their quality—a requirement that has turned out to be unreasonably expensive for small public companies."

Sounds pretty bad doesn't it? Well, the Economist believes it is not as bad as it sounds.

"Section 404 is being dealt with. Small companies have already won temporary exemption from full compliance. A newly issued set of guidelines for auditors ought to reduce the cost of complying with section 404 for other firms. And the other criticisms of the act are overdone. At a time when profits and share prices are touching record highs, it is hard to argue convincingly that America's bosses have lost their capitalist zeal. Boardroom processes have certainly become more bureaucratic since SOX took effect, and board membership has shifted from entrepreneurs to watchdog types. That, however, is not necessarily a bad thing. Bosses may take fewer risks than they did in the past—but they may be taking the sensible risks, and avoiding the bad ones. Firms are indeed flooding away from public markets; but that is happening across the world, so cannot obviously be blamed on SOX. More likely, SOX is a convenient scapegoat for the bosses of public companies, who tend to get more money and less exposure to complaints about fat-cattery when their companies go private."

The law was intended to help protect investors by forcing companies to be more transparent-- a sort of forced integrity. Integrity was a characteristic too many corporate leaders seemed to have lost during the run-up to the Enron scandal. The real losers in many of these cases were employees who not only lost their jobs but lost their entire life's savings because they were tied up in retirement accounts consisting mostly of company stock. The question is, "Has it worked?"

"Once they have stopped fulminating, many bosses privately admit that SOX has brought benefits. Managers are now far more confident about the quality of the numbers they get from their business units. And if buoyant share prices are any indication, the public seems to have plenty of confidence in the markets. Since the purpose of SOX was to get a better deal for shareholders, it may deserve some credit for that. Still, it is too soon for a final verdict on SOX. Only after the next economic downturn will it become clear whether the tighter rules have made American capitalism stronger or weaker. As Warren Buffett likes to say, 'It's only when the tide goes out that you learn who's been swimming naked.'"

The article was written before the latest stock market "corrections," but that correction had nothing to do with SOX. As most people are aware, the latest correction is primarily a response to bad business decisions by sub-prime lenders and investment groups willing to buy bundled mortgage security offerings with little due diligence on their part. Regulatory compliance will always be "painful" because it amounts to the non-productive expenditure of resources. On the other hand -- as the Economist article implies -- companies that have good compliance processes in place generally have higher valuations because investors have greater trust in them. Done right, therefore, a compliance process can actually be an investment rather than a liability. Companies that fully comply with SOX requirements won't be found swimming naked.

China Learning about Resiliency and Trust

I have written several posts that discuss the important role that trust plays in supporting the global economy. In recent weeks, China has learned a costly lesson about trust. It began with the pet food scare and quickly moved to exported food and other products intended for human consumption. China's immediate response was to execute its senior food regulator, but it was unclear to whom that severe signal was being directed. The New York Times editorial staff responded to this episode by sending a signal of their own to China's leadership reiterating the importance of trust not punishment ["Killing the Regulator," 16 July 2007]. They wrote:

"The Chinese government's extraordinary decision to execute its chief food and drug regulator for taking bribes and allowing the sale of tainted drugs is a perfect example of all that is wrong with China’s approach to regulation. Beijing's leaders — who disdain the idea of their own accountability — may think that killing the regulator is enough to reassure consumers at home and abroad that China is now ready to guarantee the safety of its products. But they’re wrong. What China needs is an effective and transparent regulatory system and a clear understanding that its export boom will suffer if it continues to sell tainted food, toys and toothpaste. Until that happens — and there is no guarantee that it will — American regulators will have to do more to screen Chinese imports to protect American consumers."

The timing of this latest crisis in confidence couldn't be worse for China's leaders. They are doing all they can to focus the world's attention on what is good and vibrant about China as they prepare to welcome the world to the 2008 summer Olympics. The New York Times editorial goes on to list a litany of problems that continue to plague China's consumer sector. It also admits what I have seen on my numerous trips to China -- China has a new breed of leader who is committed to making China world class in every way -- including consumer safety.

"The good news is that for the first time China’s leaders are talking about the need for more and better regulation. And Washington and other governments can help with offers of technical advice and warnings about the cost of failing to take it. But the scope of the problem is too big, too complex and too urgent for the United States — with $300 billion worth of Chinese imports a year — to wait for Beijing to act. American importers need to provide the first line of defense. Companies like Wal-Mart should send inspectors regularly to visit the factories of Chinese suppliers, to ensure that products are up to acceptable standards. Ultimately the American government will have to enforce these norms."

While China's long-term efforts will likely prove effective, its short-term public relations efforts may be backfiring. Washington Post Foreign Service correspondent Ariana Eunjung Cha believes that China's leaders have concluded that the current crisis is about bad press not Chinese regulation ["After Silence, China Mounts Product Safety PR Offensive," 14 July 2007].

"Scanning the headlines in the Chinese press, it's easy to conclude that the global brouhaha over product safety is not about China -- but about America. Investigative reports in the state-run media delve into the case of an exploding cellphone purportedly made by U.S.-based Motorola that allegedly killed a young man. They warn consumers not to use contact-lens solution produced by U.S.-based Advanced Medical Optics, which has been linked to rare cases of blindness. And they play up recalls of U.S. beef. Faced with mounting international concern over the safety of some of the products it exports, the Chinese government -- often perceived as defensive and clumsy in how it handles public relations -- is firing back."

Cha reports that China has flooded Washington with lobbyists and hired well-known public relations firms to get their message out.

"The result has been an aggressive campaign to save the 'Made in China' label by presenting an alternate view on consumer safety and globalization. The message is that China isn't the only country that has had problems with the products it exports. China, as government officials have been pointing out in recent days, rejects U.S. imports at a rate that is just a little less than the 1 percent of Chinese products rejected by the United States."

I don't think the "Made in China" label has been seriously undermined in areas except the food sector(both human and pet) and toothpaste sector, which have received the most press. China's leaders seem to think that if they can show that bad things are happening to their consumers who use imported products foreigners will be more sympathetic to defective products that originate in China. Their hopes are ill-founded. Unlike other developed countries, China has no history of strong regulation upon which trust can be based. It is still trying to build that history of trust and pointing fingers at others does nothing to help. Cha does agree that China's leaders are taking the matter of trust more seriously, even as they mount their PR campaign.

"At the same time, the Chinese government is trying to show that it is taking seriously recent recalls by making examples of individuals and companies that allegedly contributed to the problems. The recalls have included pet food laced with an industrial chemical, toys coated with lead paint, defective tires and toothpaste made with toxic chemicals. The government has played up the fact that Zheng Xiaoyu, country's former chief food and drug regulator, was executed this week and that 180 factories that put industrial chemicals into food have been shut down."

Still, Cha insists, it is difficult to break habits fostered by years of propaganda aimed at putting a happy face on dire situations -- sort of like putting lipstick on a pig. China's propaganda machine is changing, however. Where once it was used primarily to influence internal politics, it is more and more geared to getting its message to foreigners. While such propaganda does little to foster trust, the fact that Chinese leaders care about foreign perspectives is a good sign. They are trying to connect.

"When questions about Chinese food safety arose in March, following the death of scores of pets in the United States, the Chinese government's response was silence. Then it was denial, as officials brushed off the accusations as fabrications and called them another salvo in a growing trade war between the two countries. But in recent days, the government has gone on the offensive. It is issuing almost daily statements saying how much it is doing to improve food and consumer safety. On July 3, it reported it was stepping up anti-corruption efforts. On July 4, it said it would ban firms that advertise medical claims that have not been approved by the government. On July 5 it said it was working on the country's first food recall system. ... In a two-hour session with reporters on [10 July], a panel of high-ranking officials from five agencies responsible for food safety handed out about 50 pages of information in Chinese and English about specific actions China is taking to overhaul its food and drug safety system. The officials repeatedly assured reporters that China's government is 'a responsible government.'"

Still, admitting errors does not come easy for the communist regime (or others for that matter). Take, for example, a recent news conference held in Beijing. Cha reports:

"At a news conference last week, Qin Gang, a Foreign Ministry spokesman, uncharacteristically fired back at reporters who asked if he would comment on why the quality of Chinese exports had become an issue of such intense debate worldwide. 'Why don't you tell me?' he said. 'If the media made less sensational news, the situation might not be so bad. . . . Chinese exports are at least as safe as U.S. exports -- if not better than them.'"

To underscore the fact that things are changing, Cha's article included a critical comment from a university professor -- something that would have been unthinkable in the past.

"Shi Anbin, an associate professor of media and cultural studies at Tsinghua University in Beijing, said that trying to turn the tables and focus attention on problems with U.S. products is 'not a wise strategy. We need to face our own problems rather than pointing an accusing finger at a scapegoat,' Shi said. 'I believe Chinese officials still need to learn some PR and communication skills.' ... Meanwhile, many Chinese companies that have been caught up in the recent recalls because they have produced shoddy products or because they compete with companies that do are taking their cues from the government and scrambling to distance themselves from the scandals. They frequently say it is unfair to treat all Chinese companies like criminal operations."

This winnowing process, accompanied by a strengthened regulatory and inspection regime, will go a long way towards helping China build the foundation of trust it needs to stay atop the global economic pyramid. Cha's article concludes with comments from a Dan Harris, an occasional reader of this blog:

"Dan Harris, a U.S.-based attorney who runs a popular China law blog and represents small to mid-sized companies doing business with China, said the shift in the government's public relations strategy 'is definitely smart on their part. They are not going to convince Americans that everything is okay just by denials.' He predicted it would take years, if not decades, to undo the damage done to the reputation of Chinese manufacturers in recent months. 'My view is that no matter what they say they are going to do and no matter how much they want to do it, the problem is so massive and so deep-seated that I think it's going to take huge amounts of money and a very long time for it to be cleaned up,' he said."

Dan is right. Trust must be earned and that takes years. Trust is developed more by actions than by words. China will likely continue its PR campaign -- because perceptions do matter -- but eventually PR must be replaced by action that fosters genuine trust. China will get there, but, as Dan says, it's going to take a very long time.

Incompetence to the Maxx

Last week the parent company of TJ Maxx (TJX) reported the theft of nearly 46 million credit and debit card numbers from customers in the United States, Britain and Canada. This didn't happen in one fell swoop (like the loss of laptop or theft of a CD), it took place over a period of years. ["Data Theft Grows to Biggest Ever," by Ellen Nakashima and Ylan Q. Mui, Washington Post, 30 March 2007].

"The figure, which the company said is incomplete, represents the largest reported computer theft of personal data in history. ... According to the filing, TJX discovered suspicious software on its computers Dec. 18 and began an investigation. Three days later, the company concluded that a breach had probably occurred and that the intruder was still on the system. The next day, it notified federal investigators. On Dec. 27, the firm learned that customer data had been stolen, and it notified banks and check-processing companies. On Jan. 17, TJX announced the intrusion but did not say how much data was taken. Based on the firm's investigation, the intrusion occurred in July 2005, on subsequent dates in 2005 and from mid-May 2006 to mid-January 2007. No customer data was stolen after Dec. 18, 2006. Three-quarters of the cards were expired or contained magnetic strip data that was masked or stored as asterisks rather than numbers at the time the information was stolen. The firm stored data, some of which dated to 2003 transactions. Expired cards can still be at risk because they are often renewed with the same numbers, and the TJX filing said the hackers' technology could have penetrated masked data. The thieves stole data from the firm's computer systems in Framingham, where transactions are processed for customers in the United States, Puerto Rico and Canada. They also took data from systems in Watford, England."

Anyone who has ever been mugged, had their car broken into, or had their house robbed knows how violated they feel afterwards. Forty-six million shoppers should have that same feeling right now. Whenever you hand over a credit or debit card to a merchant, you are demonstrating a high level of trust in that company -- both its employees and processes. You assume that they will take extraordinary measures to protect your property (in this case, your identity and credit). TJX violated that trust in a huge way and needs to take extraordinary measures to recover its reputation. Otherwise, the company should suffer the consequences to the Maxx.

"TJX, whose 2,500 stores include clothing chains T.J. Maxx and Marshalls, reported the breach in January but disclosed its massive scale for the first time in a filing made to the Securities and Exchange Commission after business hours Wednesday [28 March]. The computer breach is significant not only because of its scope but also because the hacker or hackers had access to the decryption tool used to decipher sensitive encrypted information and an ability to intercept data as shoppers' credit transactions were being approved. Thieves have been using the data to make fraudulent purchases in Florida and as far away as Sweden and Hong Kong, according to police and bank officials. Also taken were personal ID numbers, related names and addresses, and drivers' license, military and state ID numbers from 455,000 shoppers who made merchandise returns in the United States and Puerto Rico. The Framingham, Mass., firm acknowledged in the filing that it 'may never be able to identify much of the information believed stolen.'"

When you think about it, the entire economy relies on trust. People give merchants little pieces of paper (called money) or little pieces of plastic (called credit or debit cards) and in return customers get real products like televisions, computers, and meals. Merchants trust customers and and customers trust merchants. Break down that trust and you break down the economy. That is perhaps the greatest irony of identity theft. Criminals, whose activities undermine that trust, rely on it to make their crimes profitable.

Lawmakers who understand the importance of maintaining that trust have proposed legislation that would make companies responsible for breaches of trust.

"Legislation pending in Massachusetts would make retailers responsible for the financial cost of data breaches, currently covered by banks that issue the credit cards. Rep. Barney Frank (D-Mass.) is considering introducing a similar bill in Congress."

TJX's incompetence in protecting data should serve as a cold shower to sleepy merchants who remain lax or unvigilant in their transactions. The 17 February 2007 cover of The Economist carries the headline "The end of the cash era." If other major merchants prove as incompetent as TJX in handling credit and debit transactions, the cash era may be around for a long time.

"The breach is a wake-up call, analysts said, to retailers, consumers and regulators about the increased sophistication of hackers and the need to improve data security. 'In the old days, a fraudulent store employee could steal 30 or 40 credit cards a weekend,' said Mark Rasch, technology director with FTI Consulting, which helps firms prevent data breaches. 'Now we're at the point where a motivated hacker can steal 30 or 40 thousand cards in a weekend. And a team of motivated hackers can steal 30 or 40 million.' Avivah Litan, a security analyst with Gartner, said investigators told her they thought hackers gained access through a wireless network that managed the cash registers and terminals. Once in, they were able to find their way to systems in Britain, Puerto Rico and Canada. 'The lesson is that one little hole in your network through a wireless network can lead you to the entire corporate treasure,' Litan said. This month, Florida police arrested six people suspected of using stolen TJX credit card data to purchase $8 million in gift cards and electronic goods, said Keith Kameg, an officer in Gainesville. The arrests are among the first indications that the stolen information is being used to buy goods fraudulently, and Kameg and others said they expect many more cases to turn up."

The first consequences of the TJX breach are already beginning to occur.

"Since January, when TJX disclosed the breach, it has been the target of class-action lawsuits by shoppers in Massachusetts Alabama, California, Canada and Puerto Rico. 'They're obviously not happy,' attorney Jon J. Lambiras said of his clients in Massachusetts. 'They're very concerned that they're at risk for identity theft.'"

This story will continue to play out as more reports of identity thefts occur. Millions of unproductive hours are likely to be spent (along with hundreds of millions of dollars) in straightening out the mess created by this breach of trust. What is TXJ's response to this mess?

"TJX is cooperating with a federal criminal investigation. State and federal authorities are also looking into whether TJX violated consumer-protection laws. TJX spokeswoman Sherry Lang suggested that TJX was simply the most visible example of a widespread trend. 'Breaches go on all the time that never get detected and never get reported,' she said. 'I think we have been victimized here along with our customers.'"

Somehow I don't think the real victims will see TJX as a victim. In today's society, however, nobody wants to take responsibility -- it's always someone else's fault. That's not enjoying life to the Maxx or taking responsibility to the Maxx.

U.S. Banks Having Trouble with Basel 2

One the international standards that was aimed at improving the banking industry was hammered out in Basel, Switzerland, three years ago. According to an article in The Economist, the U.S. banking industry is having more difficulty than its European counterparts in implementing the Basel 2 accord ["A twist or two of Basel," 24 Feb 2007].

Since January 1st many European banks have begun implementing the new [Basel 2] rules, which govern how much capital they must set aside to cushion themselves from various calamities. The same process was meant to be unfolding in America. But there the banks are struggling to get their mouths around the new accord. A great deal of money is on the line for banks on both sides of the Atlantic. The more capital they must squirrel away to satisfy regulators, the more insulated they are from untoward events—but the less money remains to be put to work in order to make profits."

Considering shockwaves that have hit Wall Street as a result of defaulted high-risk mortgages, one would think that banks would have firm plans in place for making themselves more resilient to such calamities. In Europe, they apparently are:

"Happily for the bottom lines of big European banks, regulatory capital is expected to drop under the new regime—perhaps dramatically. Under Basel 2, the amount of capital a bank must sit on depends on the riskiness of its loans and other assets. So those expert in managing and minimising risk—by packaging loans into securities and selling them on, for example—can get away with a thinner cushion than others. Indeed, big, sophisticated banks will largely make up their own minds about how much capital to set aside, as long as their internal risk-management models are up to snuff. This is meant to reward the banks that already invest in cutting-edge risk-management methods, and prod others to catch up."

The news is not as good for U.S. banks:

"Banks in America, on the other hand, are glum. Their regulators have taken fright over studies showing that banks' required capital could fall by an average of 16% if they embraced the new accord. European regulators are inclined to let regulatory capital fall (subject to the discretion of national authorities). American regulators are not. They have now proposed changes in America's version of Basel 2 that will delay its implementation until at least January 2009. Under their proposals American banks will be subject to a number of 'safeguards' that keep capital cushions plump. These include the 'leverage ratio,' a blunt measure of a bank's lending exposure that is not linked to the riskiness of its activities."

One of the real peace dividends brought by the end of the Cold War was the fact that the global economy could move forward using the same rules. Basel 2 was supposed to establish that sort of international standard.

"The accord was intended as a single worldwide standard. But it now threatens to be qualitatively different in Europe and America. International banks that straddle the Atlantic are in a bind and America's large banks are especially irritated. On February 7th four of them, including Citigroup and JPMorgan Chase, wrote a letter of complaint to regulators. These extra restrictions, the banks wrote, give foreign competitors an edge, because they can hold less capital for identical assets. There may be some truth in this. But America's regulators are too uneasy about the Basel 2 project to lighten up. They think the accord relies too heavily on banks' in-house risk models, which are fallible and 'highly subjective,' as one regulator put it. Quietly, some also worry about European banks, which already have much higher levels of leverage than American ones and hold less capital to offset it. Others fret about a lack of transparency. Under Basel 2, national regulators can force individual banks to boost capital reserves if they see fit. But in Europe it is unclear what an unacceptable level of capital might be, or how bank regulators would react if a bank edged towards it."

U.S. regulators, according to the article, have reasons for being more rigid in their approach. The U.S. has suffered a series of financial institutional failures that resulted in losses for millions of victims. Since the government had to pick up the bill for many of the consequences of these failures, regulators are not eager to ease regulations aimed at preventing future financial crises. The Economist writes:

"There is no such ambiguity in America, where banks have been held to a stringent regime known as 'prompt corrective action.' This came into law in 1991 in the wake of America's savings-and-loan debacle, in which more than 2,900 banks failed. Then, regulators repeatedly threw lifelines to struggling banks, which only postponed their inevitable collapse. Now, they have much less scope for leniency. They must take specific, and increasingly severe, actions—from curbing lending to closing a bank—as a bank's capital ratios deteriorate. The idea is to intervene before banks get into trouble, and to make the consequences of falling into the red zone clear to banks and investors well before anything bad happens. American regulators will not budge on these issues soon. Indeed, Sheila Bair, one of America's bank regulators, thinks that her foreign counterparts should adopt something like the American approach to buttress Basel 2. A number of European bank regulators and academics agree. But politicians in Europe have reservations. They point out, rightly, that America's approach is largely untested, because the country's banks have enjoyed good times since 1991. They also worry that adding the leverage ratio, which disregards risk, to Basel 2 would render all their past work irrelevant."

American banking customers are much more interested in the security of their accounts than in the profitability of their bank. Basel 2 doesn't necessarily make these two positions mutually exclusive:

"In fact, each side can learn from the other. The Europeans should add clarity to Basel 2. The Americans should add a bit of urgency to implementing it. No doubt the accord has flaws, but these can be fixed later. In the meantime, it would be better to finalise a rule on Basel 2."

International cooperation and standards are critical for moving the global economy forward. Trying to find a European way or an American way or an Asian way to globalize will undermine the hope that this wave of globalization has brought with it.

More on the Upside of Sarbanes-Oxley for Investors

Last month I posted a blog about the fact that while public corporations dislike many provisions of the Sarbanes-Oxley legislation, investors seem to like it [Investors Like SARBOX]. I was commenting on a BusinessWeek article by David Henry ["Not Everyone Hates SarbOx," 29 January 2007]. Tom Barnett's web master Sean Meade pointed me to an article that discusses the fact that University of Iowa researchers Sonja Rego and Haidan Li confirm Henry's observations ["UI researchers show gains from Sarbanes-Oxley," Iowa City Press-Citizen, 20 February 2007]. The article notes:

"While corporate executives say their businesses are groaning under the weight of complying with Sarbanes-Oxley regulations, two University of Iowa business professors have found that most investors cheered the law during its early days. Research by Sonja Rego and Haidan Li in the Tippie College of Business shows that stock market values increased significantly as a result of the reforms imposed by the Sarbanes-Oxley Act in July 2002. The two authors said that while the law may impose burdens on businesses, it has restored investor confidence in a market that was battered by a six-month long string of corporate scandals from Enron to WorldCom. Their research also found that market values increased even more significantly for those corporations that were thought to have been the most aggressive in managing -- and occasionally manipulating -- their earnings in order to artificially inflate their stock price."

At Enterra we have argued for some time, based on research done by Gartner, that valuation increases when corporations are proactive in their approach to compliance. The article notes that corporations chafe under SOX requirements, but:

"Rego and Li's research found that whatever controversy there might have been about the potential costs SOX would impose was outweighed by its expected benefits as investors were looking to have their faith restored in the market. In their research, Rego and Li followed the price of 850 stocks starting on June 25, 2002, the date of the announcement of a $3.8 billion accounting fraud at WorldCom, the largest corporate fraud in American history at that time. Stocks sunk to new lows on news of the fraud, as investors increasingly lost faith in companies' earnings statements. The WorldCom scandal turned out to be the event that spurred Congress to reform corporate governance and accounting regulations. The government's response began almost immediately, with the SEC filing suit against WorldCom executives on June 26 and requiring chief executive and chief financial officers at all publicly traded U.S. companies to certify their companies' financial statements. Within a month, Congress had passed what would become the Sarbanes-Oxley Act, which was signed into law by President Bush on July 30. Stock prices began to rebound almost as soon as the SEC announced its actions on June 26, as stock returns increased by 3.6 percent by the end of the trading day June 27 from their lows of the day before. The market dropped again in the coming weeks amid more accounting fraud revelations and a general consumer gloom about the economy, but increased once more on July 24th, when a Congressional conference committee issued the Sarbanes-Oxley Act and sent it to the House and Senate for approval. On that news, the market jumped 5.4 percent. It jumped another 5 percent on July 29, when the SEC said it would publicly identify those CEOs and CFOs who did not certify their firms' financial statements. Overall, the market jumped 11 percent by the end of the study period on Aug. 15 from its post-WorldCom low on June 26. Li and Rego said the increase is largely the result of investor confidence that SOX would make companies' financial statements more accurate and reliable."

Congress is going to have to walk a fine line as it considers how to relieve some of SOX's more onerous provisions while preserving enough financial reporting to justify continued investor confidence. Whether it can accomplish this in the term leading up to the 2008 presidential elections remains to be seen. Businesses may see this as an opportunity to buy relief with political contributions, but this early in the race neither party has a clear frontrunner for president. Corporations may not see that as too problematic since they can beneficially concentrate on Congress -- especially on senators up for re-election and on House members. If remedial legislation fails to pass Congress, it really doesn't matter who wins the White House. The risk for Congress, of course, is that remedial legislation that retreats too much from stiff reporting requirements could result in voter backlash. Corporations are betting that voters won't care and hope the next election remains a referendum on the war in Iraq.   

Investors Like SARBOX

According to a BusinessWeek article by David Henry, Sarbanes-Oxley regulations have been a big hit with investors ["Not Everyone Hates SarbOx," 29 January 2007]. There has been no shortage of news about how unhappy businesses have been with the legislation and I've written several posts about their displeasure [Corporations, Compliance, & Competitiveness, More on Compliance & Over Regulation, Small Companies Get SOX Relief, and Attacks on SOX Continue]. Henry notes:

"The complaints have been so passionate that regulators are now planning to loosen the rules, probably before the year is out. Not so fast, says a growing chorus of investors. Lost amid all the boos over SarbOx, they say, are some major benefits. The biggest: SarbOx and related reforms have produced much more reliable corporate financial statements, which investors rely on when deciding whether to buy or sell shares. For them, SarbOx has been a godsend. What's more, says Duncan W. Richardson, chief equity investment officer at Eaton Vance Management and overseer of $80 billion in stockholdings, even the act's much disparaged requirements for testing internal financial controls could drive gains in corporate productivity and profits."

Henry notes that earnings statements have been better prepared and have contained less spin since SOX legislation was passed. In addition, executives seem to have a much better grasp of costs. Henry writes:

"Beefed-up disclosure requirements have also meant that companies now deliver numbers with fewer adjustments for unusual charges and write-offs, which in the past have been used to make earnings look better. Thomson Financial's Earnings Purity Index, which tracks earnings adjusted for such write-offs, shows improvements in each of the past four years. And now earnings reports reflect expenses for incentive stock options, information investors like that wasn't available before the big accounting scandals. Just as important, executives appear to have a firmer grasp of costs when they talk about operating margins, according to Richardson of Eaton Vance. He credits the improvement to the infamous Section 404 of SarbOx, which requires documented testing of internal controls. 'Even not-so-good management teams have good controls now, and that leads to an ability to cut costs,' he says."

While all of this sounds good, complaints have mostly been about costs making companies non-competitive. This is especially true for small public corporations. Henry notes:

"This isn't to say SarbOx is flawless. Section 404 is often applied unreasonably, causing costly checks of minor book entries. It's bad, too, that small-scale businesses find fewer benefits relative to the costs."

Large public corporations also have reason to complain because they have met the compliance challenge by throwing money and people at it. At Enterra Solutions, we believe costs and errors can be reduced by automating compliance associated processes. Once in place, these automated processes provide corporations with a competitive edge over rivals. Despite the praise for SOX, Henry warns that investors should still be wary of financial reports.

"Lack of growth often exposes aggressive accounting estimates used to manipulate earnings. And that's when some capital investments are revealed to have been hiding operating costs. Still, the next round of abuses to surface will probably not be as bad as it would have been without the reforms. Says Eaton Vance's Richardson: 'You're always better going into any downturn with tighter rules.' For regulators eager to start tinkering, that's food for thought.

Corporations can dream about Sarbanes-Oxley going away, but dreaming is about all they can do. Investors, regulators, and legislators have shown no penchant for letting businesses off the hook so that they can return to the accounting practices that brought down Enron and Worldcom. Henry indicates that even those who believe that the legislation needs tweaking need to be careful about how it is done.

Data Collection Challenges

The 2004 Intelligence Reform Act authorized a Cross-Border Electronic Funds Transfer Program as part of America's war on terrorism. A Washington Post article that discusses a report just issued by the Department of Treasury notes how difficult setting up a massive data collection program can be ["Vast Data Collection Plan Faces Big Delay," by Ellen Nakashima, 17 January 2007]. Treasury had hoped to start the program by the end of this year but now reports that it will be delayed until at least 2010.

"The Treasury Department concluded that the program was technologically feasible and has value, but said it needs to determine whether the counterterrorism benefit outweighs banks' costs of compliance and to address privacy concerns."

Conducting cost/benefit analysis is always wise; but when issues like terrorism and privacy are concerned, subjective factors (like emotions) often play as big a role as objective factors (like compliance costs). Bankers oppose the program because they feel it is burdensome and intrusive. According to the article:

"Unlike another Treasury program, which uses administrative powers that bypass traditional banking privacy protections to tap into the vast global database of transactions maintained by the Brussels-based Society for Worldwide Interbank Financial Telecommunication, the cross-border plan is the result of legislation sought by Treasury and would require congressional oversight."

Banks and money services, Nakashima reports, are already required by law to keep records on all wire transfers of $3,000 or more. "The proposed program would mandate that each of those transactions -- if they cross the U.S. border -- be reported to the Treasury Department's Financial Crimes Enforcement Network (FinCEN)." She continues:

"The type of data captured would include the names and addresses of senders, the amount and dates of the transfers, the names and addresses of the beneficiaries and their financial institutions. Treasury officials said in interviews and in the report to Congress that the data would give analysts more information to ferret out illicit activity as they try to detect links between suspects. FinCEN said that Australia and Canada had used similar data effectively. Australia has used it to catch tax evaders and predict the movement of drugs into and out of the country. But those countries deal with much smaller numbers of transactions. Treasury receives more than 16 million currency transaction records and suspicious activity reports a year from banks and other financial institutions, which help officials track money launderers and terrorist activity. Bankers say the additional reporting requirement would be a tremendous burden. 'We're talking about a volume of transactions that dwarfs anything that has been done in the name of [financial regulatory reporting] up to now,' said Richard R. Riese, director of the American Bankers Association Center for Regulatory Compliance."

Such a massive data collection effort, if it occurs, would demand automated rule sets to help keep compliance and data mining costs affordable. The Treasury Department has proposed a "first in" and "last out" rule that would require only the first institution to receive a cross-border fund transfer or the last institution that actually makes a cross-border transaction to file reports. The number of reports would still be massive, but technically the challenge is not insurmountable. Dealing with privacy issues is another challenge being raised both in America and Europe.

"In an October interview, Robert W. Werner, who then was director of FinCEN, said most of the data collected would be 'commercial oriented' transactions and 'irrelevant' to FinCEN's mission to detect and prevent illicit activity. 'The key is to have a system that allows you to be able to pull the relevant data without people worrying that irrelevant data is being browsed and used inappropriately,' he said. FinCEN would also need to develop the technical capability to store and analyze the information, the study noted. FinCEN is considering setting up a 'federated data warehouse' to store the data, which would be held separately from other financial records data. Officials said there would be strict rules to ensure that the data is not shared inappropriately, including audit trails to check for improper access. The program would be developed through a public rulemaking process over an extended period, officials said. 'We know there will be costs. We believe there is value. How do those two play out?' said Eric Kringel, senior policy adviser at FinCEN. He said that as a regulatory body, FinCEN 'would not want to proceed' without determining if the benefit is worth the cost. FinCEN has proposed taking a year to conduct a $1.1 million cost benefit analysis. Implementation would cost $32.6 million and take 3 1/2 years, officials said."

If the cost/benefit analysis indicates that government should proceed, the kinds of supporting technologies that could address reporting, mining, correlating, and protecting data are all the kinds of issues that could be researched at the Institute for Advanced Technologies in Global Resilience (IATGR). It could be especially useful during the "rulemaking process" discussed in the article. With potential costs (both real and social) being so high, taking time to make the right decision appears to be a wise course.

Attacks on SOX Continue

Over the past few months I have written several posts about Corporate America's unhappiness with the requirements of the Sarbanes-Oxley Act [U.S. Business Regulations to Be Examined; Corporations, Compliance, & Competitiveness; More on Compliance & Over Regulation]; and Small Companies Get SOX Relief]. The Secretary of Commerce and the U.S. Chamber of Commerce are among those that have been pressing to have SOX changed. The Chairman of the Libertarian Cato Institute, William A. Niskanen, has now joined the fray with an op-ed piece in the New York Times ["Enron's Last Victim: American Markets," 3 January 2007]. Niskanen claims the legislation was passed "hastily" and has "proven counterproductive in the extreme." He is calling on the new Congress to repeal the law.  He claims:

"Sarbanes-Oxley has seriously harmed American corporations and financial markets without increasing investor confidence. The section of the law requiring companies to perform internal audits has turned out to be far more costly than proponents projected, especially for smaller firms. These costs have led some small companies to go private, hardly a victory for public oversight, and some foreign firms to withdraw their stocks from American exchanges. In addition, the average 'listing premium' — the benefit that companies receive by listing their stocks on American exchanges — has declined by 19 percentage points since 2002. This explains why the percentage of worldwide initial public offerings on our exchanges dropped to 5 percent last year, from 50 percent in 2000. Other costs associated with the act may turn out to be more important. For example, more stringent financial regulations and increased penalties for accounting errors may make senior managers too risk-averse. Most chief executives are not accountants, so the requirement that they personally affirm audits and accounts — at the risk of jail time should anything be amiss — may make them reluctant to partake in perfectly legitimate activities. ... The negative repercussions of the act on businesses might have been worth it if the act had achieved its primary goal: substantially increasing the confidence of investors in the accuracy of the accounts of firms listed on the exchanges. But that does not seem to have happened. The best measure of investor confidence is the price-earnings ratio — the price that investors are willing to pay for each dollar of a company’s reported earnings. The overall price-earnings ratio for the Standard & Poor’s 500-stock index, however, has declined continuously since the Sarbanes-Oxley Act was being drafted in the spring of 2002. "

Undoubtedly SOX has had an adverse affect on public corporations. The complaints have been loud and frequent since the law was passed. Repealing the bill, however, because it "may make senior managers too risk-averse" or because it "may make them reluctant to partake in perfectly legitimate activities" seems a bit extreme. Niskanen simply makes a dismissive wave when it comes to investor confidence without offering recommendations about such confidence can be increased. I think Niskanen would agree that trust must be earned. Trust doesn't flow naturally from legislation. With the last of the high-publicity cases just being completed last year, I would argue that it is a bit too soon to expect investor trust to be very high. The fact that the Home Depot Board of Directors just dismissed its CEO with a $210 million departure package isn't going to help. You can't blame that on Sarbanes-Oxley. Niskanen continues:

"The basic structure of Sarbanes-Oxley is unsound. One big problem is that the act nationalized the rules for corporate governance, reducing the value of the competition among the states for setting such rules. In addition, the act failed to resolve the major conflict of interest created when auditing firms are paid by the companies they audit. Rather than creating a regulation to change the system, Sarbanes-Oxley created an expensive and arguably unconstitutional new regulatory agency to regulate the audit firms’ activities. And, as is too often the case, Congress has rewarded the failures of the very bureaucracies that failed to keep up with Enron — doubling the budget of the Securities and Exchange Commission. Tinkering is not enough. Sarbanes-Oxley continues to discourage smaller companies from trading publicly and foreign companies from listing their stocks on American exchanges. In the eyes of investors, it hasn’t cleaned up any corruption, it has only forced companies to jump through hoops. As Senator Sarbanes and Representative Oxley drift into retirement, their act should retire with them."

Niskanen certainly stays true to his Libertarian roots, but I would have appreciated a more prescriptive op-ed piece from the head of the nationally-known think tank. Since many average Americans are only invested in stock market through pension funds, I doubt they would see any "value [in] the competition among the states for setting [oversight] rules." I am hardly a disinterested observer in this matter. I'm the CEO of a company that offers a way for public corporations to help reduce compliance costs. In addition, I may someday want to take my privately-held company public. Deregulation, however, has a mixed history. Investors want a system in place that helps protect their investments. Perhaps SOX isn't the answer, but regulation and oversight are necessary to help increase trust. Let's hope some productive ideas are forthcoming.

Prevention Better Than Mitigation

One corporate accounting scandal that failed to catch wide public attention occurred at Rent-Way before the more infamous scandals at Enron, WorldCom, Tyco and other companies were uncovered. Unlike those cases, however, the CEO, William E. Morgenstern, was not involved and, over the next half dozen years, he did everything in his power to uncover and correct criminal activity once it was discovered ["Poisoned by Scandal, Craving an Antidote," by Charles Duhigg, New York Times, 10 December 2006]. On that fateful day in 2000:

Morgenstern ... was preparing for bed when a woman called to warn him that the company he had built from scratch was about to fall apart. In the days before that call, Mr. Morgenstern had been scrambling to reconcile discrepancies he had discovered in Rent-Way’s books. He had much at stake. Since its founding in 1981 in Erie, Pa., Rent-Way had grown into a national powerhouse by renting furniture and electronics to low-income consumers through more than 1,100 stores. The stock price had tripled since its initial offering in 1993, making Mr. Morgenstern a Wall Street darling and propelling dozens of Erie families who had invested in the company to sudden wealth. When he discovered the accounting problems, Mr. Morgenstern initially hoped for a quick explanation. But interviews with executives led to more questions. Then came the midnight phone call: a weeping employee told him that for three years Mr. Morgenstern’s top deputies had forced her to cook Rent-Way’s books. Mr. Morgenstern then called the company’s lawyer in a panic. What, he asked, should they do?

Morgenstern was a man of ethics and integrity and did what CEOs at other scandal plagued corporations viewed as unthinkable -- he asked the SEC to investigate.

“There was a stunned silence from the regulators,” said one participant in the call. “Then the S.E.C. attorney said, ‘Can you say that again?’ ” The S.E.C. had good reason for surprise. Rent-Way’s openness was unusual, especially in an era when other companies actively masked glaring frauds or covered up problems to avoid the legal and financial complications they might incur. “There’s a huge amount of pressure to fight,” said Lanny J. Davis, a lawyer who has advised many besieged executives, including the HealthSouth founder Richard M. Scrushy, the former White House occupant Bill Clinton, and, for a period, Mr. Morgenstern. “If you let regulators in, you lose control of everything. Suddenly, they start exposing problems you didn’t know existed. Some say the safest route is to fight and hope regulators won’t be able to make their case.”

In addition to contacting the SEC, Morgenstern and his board fired the culpable executives. They hoped that their openness and quick action would contain the crisis. In Duhigg's words: "Rent-Way’s own journey, which came to a head last month, offers a chilling lesson: Even the most virtuous decisions have unforeseen, often damaging, consequences, and full disclosure may create as many problems as it solves."

“We were committed to not letting this company be brought down by a small group of people engaged in criminal activity,” said William Lerner, a Rent-Way director and former S.E.C. official. “We were determined to do everything as morally and ethically as we could.” Initially, Rent-Way’s open-door strategy had little effect. When its stock began trading after the fraud was revealed, shares plummeted 75 percent within hours. Law firms began encouraging investors to file class-action suits.

Morgenstern received personal threats, but he continued his struggle to save the company. They sold off some of their stores to try to reduce debt, but the scandal had increased the interest rates banks charged Rent-Way. The scandals that followed over the next few years meant that the climate for scandal tainted companies was toxic.

Despite the good words from the law enforcement authorities, the financial markets continued to batter Rent-Way. Its interest payments consumed more and more cash, and the stock price refused to budge.

The final nail in Rent-Way's coffin was the rise in gas prices that hit its customer base hard -- people who frequent rent-to-own businesses are generally from low income families. With gas prices high, less disposable income was available for TVs, appliances, and furniture. The company was put up for sale and its main competitor, Rent-A-Center, bought it in November.

Crisis consultants say the lessons from Rent-Way’s experiences are troubling. “This company did the right thing in letting the S.E.C. and the public know about the fraud as quickly as possible,” said Ron Hartwig, a crisis communications expert now with the J. Paul Getty Trust. “But when you’re besieged by lawyers and reporters and shareholders, it’s easy to lose control. If executives don’t appear to have a plan, if they don’t seem to know all the answers, everything begins to slip away. Sometimes being honest and forthright isn’t enough.” For Mr. Morgenstern, who now lives in North Carolina and is seeking new business opportunities, that has been the hardest lesson of all. “I did everything that I thought was right, but in some ways it didn’t matter,” he said. “This wasn’t a broken company. And when I found illegal activity, I exposed it. But that shouldn’t have ended a great company. I don’t know what else we should have done.”

Being resilient means being compliant. Morgenstern's story underscores the fact that prevention is always better than cure -- in most cases, there isn't a cure for a corruption-riven organization. Having a system in place that helps identify problems early -- either criminal or unintentional -- should be part of any resilient enterprise's infrastructure. This is especially true since SEC regulators are about to place more focus on having an acceptable compliance system in place.

Small Companies to Get SOX Relief

According to an article in the New York Times, small public corporations that are subject to regulation under the Sarbanes-Oxley Act will get an early Christmas gift starting this Wednesday -- relaxation of some of the more stringent SOX requirements ["S.E.C. to Ease Auditing Standards for Small Publicly Held Companies," by Stephen Labaton].

The relaxed standards represent a compromise, giving a qualified victory for businesses, which had considered any regulation burdensome, and for the auditing firms, which had benefited from the imposition of stringent requirements on their clients. Section 404 of the act requires publicly traded companies to assess the controls they have put in place to ensure that their financial reports are reliable. The rule, a response to the many accounting frauds that haunted investors before the legislation, was intended to try to discourage fraud and manipulation of financial statements. But Congress left it to the regulators to determine precisely how thoroughly auditors had to examine financial controls, and the commission has repeatedly delayed imposing any rules on smaller companies until it considered their complaints and worked out details — a temporary exemption that benefited about four out of five of all public companies. The commission’s long-awaited interpretation of Section 404 is the culmination of a fierce lobbying battle. It has pitted the largest accounting firms, which have reaped huge profits from the tighter standards, against an equally influential coalition of small public companies, which has lobbied for years for relief.

This SEC action precedes the release of reports aimed at convincing lawmakers that U.S. businesses are being overregulated to the point of being uncompetitive (see my previous posts Corporations, Compliance, & Competitiveness and More on Compliance & Over-Regulation).

The proposal will, for the first time, impose a “materiality standard” — that is, auditors will be advised to scrutinize only those controls that could have a reasonable risk of having a material impact on the financial statements. It is expected to encourage auditors to rely on prior years’ work as a basis for testing controls and discourage auditors from multiple testing of the same controls. And it will encourage the auditors to use a “risk assessment” to focus the audit on the areas of greatest potential concern. Commission officials said last week that the proposal would not be an unequivocal victory for smaller companies because it would not give them what they wanted most: a blanket exemption from Section 404. Nor would it impose a sharp restriction that would limit the auditors to looking at the design of the financial controls. But the officials said the proposal would address many of the cost concerns raised by small businesses.

Its timing, coming as it does during the interregnum between a Republican and Democratic controlled Congress, may signal that the Administration doesn't know how the Congress will react if significant steps aren't taken before the turnover. It may also be viewed as an olive branch.

The fight over auditing standards has far broader political implications, according to officials, lawmakers and industry executives. An adequate resolution of the issue by regulators would take significant pressure off Congress to address other complaints from some business groups about the law and other corporate governance rules. Since the Sarbanes-Oxley law was adopted, small businesses have maintained that it imposed unnecessary costs and burdens. The accounting firms, which have experienced a sharp increase in their billable hours as a result of the law, have praised the provisions, while groups representing institutional investors have sought to prevent the regulators from watering down the provision in ways that could lead to more accounting abuses.

In light of this action, large public corporations are likely to increase their lobbying efforts to get relief also, but their case will be harder to make.

Some large companies have also complained about the increased audit costs, but new data suggests that the law is having beneficial effects for investors. A new study by Glass, Lewis & Company to be released this week shows that although financial restatements of public companies increased by 12 percent in 2006, they have actually declined by 25 percent among large companies. The study attributes the decline among large companies to the effects of Section 404.

With the new focus being on the adequacy of internal controls, small and large companies alike should look for solutions that automate processes. Automated processes reduce errors (and fines), increase confidence (by creating automated audit trails), and reduce costs by decreasing the number of manhours that must be devoted to compliance issues. While I see this as good news for Enterra Solutions, it should also be welcomed by small corporations. SOX isn't going away and the new Congress has promised that it will watch closely to ensure that its provisions aren't watered down so much that investor confidence is once again shaken. 

More on Compliance & Over-Regulation

A few days ago I blogged about corporate efforts to get relief from some of the more onerous portions of the Sarbanes-Oxley Act [Corporations, Compliance, & Competitiveness]. Those activities are taking place in the legislative arena. There are also efforts in the judicial arena to get relief from what they consider over-regulation. In this case, the banking industry is attempting to get the Supreme Court to rule that financial institutions should only be regulated federally as opposed to today's situation which finds them regulated at both the federal and the state level ["Federal Oversight of Banks Risks Abuse, States Argue," by Tomoeh Murakami Tse, Washington Post, 30 November 2006].

All 50 states and the District of Columbia yesterday urged the Supreme Court to overturn lower court rulings that they said would give federal authorities the ability to block states from prosecuting financial institutions for predatory lending practices. In oral arguments, the justices posed tough questions about the implications of a mortgage-lending case that could affect the way state-chartered subsidiaries of national banks are regulated. Chief Justice John G. Roberts Jr. expressed concern about the banks' apparent effort to seek immunity from state regulations, but other justices suggested that banks are stumbling under excessive regulation by being required to report to both state and federal officials.

The case in question, Watters v. Wachovia Bank, focuses on mortgage lending practices but Tse notes that the implications flowing from the case go far beyond mortgage practices and could ultimately affect regulatory oversight of other industries.

Although the case centers on the lending practices of banks, legal experts said that it has broader implications for other industries that are also regulated on both the state and federal levels, in such areas as transportation safety, civil rights and environmental protection. At issue is whether state-chartered subsidiaries of national banks should be subject to the regulations of state governments or be solely under the purview of the federal Office of the Comptroller of the Currency.

One of the more interesting aspects of this case involves the age of the laws under consideration. One would think that banking laws in this age of electronic transfers would be some of the most up-to-date statutes on the books. Not so.

For 35 years, states have regulated the mortgage-lending practices of state-chartered subsidiaries of national banks. The parent national banks are regulated by the OCC. In 2001, the OCC ruled that those lenders should be overseen by the federal government under the National Banking Act of 1864, not by state regulators. And in 2003, officials at North Carolina-based Wachovia decided that their state-chartered subsidiaries, which are mortgage lenders but are not themselves banks, would no longer abide by the regulations of local jurisdictions and would answer only to the OCC. Michigan protested, so Wachovia sued for release from state oversight. The bank won on the lower court levels, and Michigan appealed to the Supreme Court. Critics of the OCC have long said the federal agency falls short in consumer protection and that it bases its regulatory decisions on maintaining the banks' safety and soundness.

Tse reports that questioning by the Justices was intense, with some justices appearing to support the states and others who appeared to support the banking industry.

Chief Justice John G. Roberts Jr. expressed concern about the banks' apparent effort to seek immunity from state regulations, but other justices suggested that banks are stumbling under excessive regulation by being required to report to both state and federal officials. ... Roberts said it seemed that banks wanted to be viewed as federally governed on regulation issues but state-based to shelter themselves from liability issues. "You are really trying to have your cake and eat it too," he said. Justice John Paul Stevens questioned whether the OCC had the manpower to handle the increased responsibility it took when it preempted state law in 2001. He asked specifically how many additional investigators the OCC had hired when it took over this responsibility. " ... Justice David H. Souter, however, noted that banks could be forced to go through two separate rounds of inspection -- state and federal. "Regulation costs the regulated entity something," he said. "It is a burden on them."

I am certainly mindful that regulatory oversight can be costly and confusing. Keeping straight which regulations apply to which branches and making sure proper compliance takes place can be daunting. That is one of the reasons I invented Enterprise Resilience Management, which, inter alia, is a way to automate compliance processes -- reducing costs and increasing accuracy. Normally conservative courts (which most people argue this Supreme now is) favor states' rights. How they rule on this case will be one indication of the direction they will be taking over the next few years. It will be interesting to see if the lingering memory of the savings & loan scandals of the 1980s, during which under-regulation played a part, will have any effect on this case.

Corporations, Compliance, & Competitiveness

Back in September, I noted that a distinguished group of academics, financiers, lawyers and corporate executives announced that it would be conducting a major study of whether such regulatory excesses posed a threat to the competitiveness of U.S. public capital markets [U.S. Business Regulations to Be Examined]. Treasury Secretary Henry M. Paulson Jr., was quick to applaud such a study indicating that he believed over-regulation of public corporations was a problem. Today Paulson issues a report "that argues that the United States may be losing its preeminent position in global capital markets to foreign stock exchanges because of costly regulations and nettlesome private lawsuits." ["Five Years After Enron, Firms Seek Weaker Rules," by Carrie Johnson, Washington Post, 29 November 2006]. Apparently the recent elections have spurred interest groups to intensify their campaign to roll back some of the more stringent rules that Congress put in place following the Enron and WorldCom fiascoes.

Interest groups are trying to build political support to review long-standing rules that govern companies, as well as parts of the 2002 Sarbanes-Oxley law, which imposed stringent responsibilities on accountants, boards of directors and corporate executives. Some key members of Congress have recently expressed concern that U.S. companies may be over-regulated. For example, Sen. Charles E. Schumer (D-N.Y.) joined New York City Mayor Michael R. Bloomberg (R) to commission a study by McKinsey & Co. on whether U.S. stock exchanges are losing listings to more lightly regulated overseas markets. Sen. Christopher J. Dodd (D-Conn.), who is set to head the Banking Committee, has expressed skepticism that the Sarbanes-Oxley law has led businesses to flee overseas but has signaled a willingness to hold hearings next year on how the legislation is working. The business groups are initially focused on getting rules changed at the Securities and Exchange Commission, the independent federal agency that oversees U.S. capital markets and companies. The growing bipartisan concern about over-regulation will help set the tone for deliberations at the agency, which is led by Christopher Cox, a Republican and former congressman from California.

Business groups are counting on the fact that most of the high profile cases associated with the corporate scandals are settled and the memories of those scandals are fading from the public's mind. These groups are thrilled that discussions about over-regulation are replacing discussions about corporate greed and corruption. The U.S. Chamber of Commerce is scheduled to release its own report next year (it's conclusions apparently already determined).

The chamber plans to publish its own study next year that attacks what it views as duplicative rules and overly aggressive enforcement by securities regulators. The renewed push to soften government oversight of business comes as the outcry begins to diminish over a series of financial scandals that erupted five years ago after Enron collapsed, costing thousands of employees their jobs and wiping out billions of investor dollars. The phony accounting at Enron and the bankruptcy of WorldCom months later prompted Congress to pass the Sarbanes-Oxley law. The chamber panel studying regulation contains several prominent Democrats, including two members of President Bill Clinton's Cabinet -- William M. Daley, who headed the Commerce Department, and former U.S. trade representative Mickey Kantor. Lobbyists at the chamber are moving to line up meetings with Dodd, who is considering a bid for the presidency in 2008, and soon-to-be House Financial Services Chairman Barney Frank (D-Mass.). Frank recently spoke in general terms of his willingness to compromise with business on some matters to win concessions on minimum-wage legislation and housing reforms.

While I'm not certain that the public's memory is as short as the Chamber of Commerce thinks it is, I know that a Democratic Congress will remember that the scandals took place while the Republicans were in charge and won't want to look like it is soft on corruption before the next presidential election. Some adjustments to current regulations may be in order, but how far the new Congress compromises in order to get minimum wage legislation passed is yet to be determined.

The current drive to roll back regulation pivots on a complex rule that requires companies to assess their financial controls to prevent fraud and mistakes. The provision, contained in Sarbanes-Oxley, has proved more expensive than regulators envisioned, particularly for small businesses. With the encouragement of senior federal lawmakers, officials from the SEC and the Public Company Accounting Oversight Board, which sets rules and oversees accountants, are meeting to hash out an accord on scaling back the rule. How far they go, perhaps effectively exempting smaller companies, is raising intense concerns from those who think the rules are necessary to protect investors from fraud. If they decide to exempt small companies, that would take out "the guts of getting accounting and auditing straightened out" after years of cursory reviews by accountants helped fuel financial scandals, warned Charles A. Bowsher, former comptroller general.

The report released by Paulson's office advocates raising the standard for charging companies with crimes and proposes shielding accountants from fraud lawsuits under certain circumstances. Corporations have yet to win back the trust and confidence of most Americans and corporate America would suffer under a new round of scandals. Let's hope that Congress is wise enough to find a compromise that maintains American competitiveness without opening the door for further corporate abuses.

A Time for Trust

In his latest column, Sebastian Mallaby discusses the issue of trust ["The Decline of Trust," Washington Post, 30 October 2006]. He begins his remarks recalling that in 1995 Francis Fukuyama published a book entitled Trust "in which he argued that a society's capacity for cooperation underpins its prosperity." This is especially true in the information age when everything is so connected. Online both organizations and individuals rely heavily on trust -- trusted software, trusted connections, and trusted relationships. Ebay's entire business model relies on such trust. When that trust is breached (through scurrilous activity like phishing, click fraud, ID theft, viruses, Zombie computers, etc.) we are outraged. Mallaby laments the fact that we don't talk as much about trust as we used to. Because of corporate and political scandals, today we talk a lot more about accountability.

You see this most viciously in politics. In the mid-term campaigns, nobody has time for trust. The name of the game is to hold opponents accountable by attacking their records -- for failings real or imagined.

Mallaby notes that the shift away from trust and towards accountability took place after the corporate scandals and after the invasion of Iraq -- "a shift somewhere around 2003 or 2004."

In the 1990s, after academics and pundits began talking about trust, the nation did actually become more trusting. The share of Americans saying they trust government "most of the time" or "just about always" rose from 21 percent in 1994 to 56 percent in 2002. Equally, elections became less abrasively focused on accountability. In 2000, according to John Geer of Vanderbilt University, a relatively low 40 percent of the messages in presidential TV spots were negative, down from 47 percent four years earlier. But some time after the Iraq invasion, these trends reversed. In 2004 the share of Americans saying they trusted government fell to 47 percent, and this month a CBS News-New York Times poll put it at a rock-bottom 28 percent. Meanwhile Geer's measures show that in the 2004 election negative messages jumped to 50 percent of the total, and he guesses that this year's congressional races are the most negative in history.

Trust, as the old saying goes, must be earned. The statistics Mallaby quotes indicates that, especially in government, it may take a while to regain that trust. Corporations that face scandal often change their names or go out of business because people vote with their pocketbook. Unfortunately, corporations haven't done much better on the trust issue than government. Mallaby writes:

There's been a similar change in corporate America. In the late 1990s, the new thing for corporate managers was to trust ordinary employees. Company hierarchies were flattened so that people in the middle could demonstrate initiative rather than suffocating under bureaucratic controls. In 1999, the Harvard Business Review reported that 30,000 articles on trusting and empowering middle managers had appeared in the business press over the previous four years. That paradigm ended in 2002 with Enron, WorldCom and dozens of lesser corporate scandals. Suddenly nobody wanted to trust managers; they wanted to audit them. Instead of the era of management empowerment, we entered the era of mandatory online ethics training. Meanwhile private-equity firms are raising record sums to take over companies on the premise that incumbent managers need to be kicked rather than trusted.

Mallaby certainly believes that people should be held accountable, but, he also assumes that Fukuyama is correct about the importance of trust and that trust is an asset that any prosperous society must embrace.

Trust, when not abused, is nonetheless an asset. Accountants, lawyers and online training sessions impose costs on businesses; it would be cheaper to trust people if that were possible. Like