Vicky A. Bailey, a member of the Federal Energy Regulatory Commission, has left the FERC to serve as president of Cinergy Corp.'s PSI Energy Inc. unit in Indiana. Bailey served on the Indiana...
Business & Money
Business & Money
By approaching Sarbanes-Oxley compliance as an opportunity rather than a burden, companies can reap strategic rewards and become stronger.
The stakes have risen in the compliance game. A series of incendiary scandals-followed by the Sarbanes-Oxley Act and its implementing regulations-have focused the scorching light of public scrutiny onto public companies in all industries, and the heat is particularly intense for investor-owned utilities.
Regulators and investor groups demand that utility companies demonstrate they are squeaky-clean, inside and out. From American Electric Power Co. to Maine Public Service, energy and utility companies across the nation are renewing their commitment to ethics and good governance.
That, as Martha Stewart might say, is a good thing.
But now that the smoke is beginning to clear from the American corporate conflagration, companies are moving out of firefighting mode and into long-term fire prevention.
"Now the challenge for companies is to ensure that the compliance programs they have established adhere to best practices," says Deborah Meshulam, a partner with the Piper Rudnick law firm in Washington, D.C., and formerly assistant chief litigation counsel with the SEC's enforcement division.
"Sarbanes-Oxley has added a wide range of new issues to the traditional compliance function," Meshulam says. Coping with these issues on a long-term basis requires companies not only to review and update their policies; it requires them to make substantive organizational and cultural accommodations, and to train personnel at virtually all levels on the new compliance mandates.
So even as the scrutiny subsides, companies must maintain their commitment to the goal of unimpeachable corporate ethics. Doing that cost-effectively and efficiently across the entire organization is the next big challenge in the governance game.
The updating of governance and financial reporting policies has required enormous time and attention during the past 18 months. Companies have enhanced the authority, skills, and resources of their internal audit and compliance functions, and they have instituted new ethics, governance, and accounting policies.
But the game isn't over yet. Sarbanes-Oxley compliance will continue devouring resources in the months and years to come.
"This is one of the larger risks we are facing," says Scott Smith, chief risk officer at AEP. "Some companies might think they have all the controls in place already, but that just means they haven't read all the regulations."
In fact, not all the regulations exist yet. As recently as Aug. 8, the SEC proposed new rules regarding disclosure in director-nomination procedures. Thus companies must continue tracking changes in the law and integrating them into their policies.
Such steps may not be enough by themselves, however. Regulators and investor groups alike are focusing attention on precisely how companies are implementing new standards. Moody's Investors Service, in developing its new corporate governance assessment methodology, cited as a red flag "an ethics policy that appears to lack coherence or clear methods for implementation, suggesting possible lack of commitment to ensuring ethical practices in the organization."
Reading between the lines, it becomes clear that companies are not expected just to comply with the letter of the law, but to integrate