SOx strikes again

A sigh of relief radiated from non-profits, private companies and their risk managers when the Sarbanes-Oxley Act passed nearly two years ago. After all, the federal law targeted only public companies. Absent a direct need to consider Sarbanes-Oxley issues, non-profit organizations, privately held businesses and subsidiaries of publicly traded companies have enjoyed a period when Sarbanes-Oxley ignorance has been bliss. However, it's time for the non-public sector and risk managers--no matter where they work--to become intimately acquainted with the new SOx requirements.

Sarbanes-Oxley establishes a roadmap for good accounting, auditing, governance and disclosure practices. Consider this. Many of these federal requirements will become de facto standards for organizations in the private and non-profit sectors. For example, if a non-publicly-owned business experiences financial distress or becomes an investigation target, the Sarbanes-Oxley standards could be referenced as the appropriate principles that should have been followed. By adopting SOx standards, a company--regardless of its structure--could avoid or temper its liability during stressful times.

Many of the SOx standards will become the actual requirements for all insurers, including privately owned, non-profit and mutual carders. It doesn't make sense to contend that only the publicly traded insurers should be required to comply with enhanced standards. Obviously, you could effectively argue that all insurers:

* Would benefit from independent directors;

* Need financial experts on their audit committee and independent auditors;

* Should make "real time" disclosure of significant events affecting the insurer's financial condition or operations;

* Should report off-balance sheet transactions; and,

* Should establish a code of ethics for an insurer's principal officers.

Given the logic of the SOx requirements, the guidelines will eventually migrate, through law or otherwise, to insurance companies regardless of their organizational type. In fact, the National Association of Insurance Commissioners has launched a study comparing the SOx standards against the existing model law that requires insurers to obtain annual audited financials.

Attention to Sarbanes-Oxley shouldn't stop there. Risk managers at non-publicly-traded companies should also consider SOx standards relative to their own operations.

In light of today's liability exposure for accounting firms, auditors are unlikely to drastically after their practices based on whether the audited company is public or not.

There's an additional pocketbook benefit for risk managers. If they put their houses in SOx order, securing directors and officers liability insurance should be easier and cheaper. With D&O availability and affordability already stretched over these past several years, a lack of adherence to Sarbanes-Oxley standards may make it difficult to buy such coverage at an acceptable price.

Given the impending regulatory, accounting, customer and competitor pressures, private insurers and nonpublic companies can no longer blissfully ignore the importance and scope of the Sarbanes-Oxley Act. However, by analyzing the SOx standards, and preparing to adopt the appropriate improvements, non-public businesses won't be caught unaware when the Sarbanes-Oxley tidal wave hits this sector of the industry.

LINDA S. KAISER is a member of the insurance corporate and regulatory practice group at the law firm of Cozen O'Connor She can be reached at riskletters@lrp.com.

COPYRIGHT 2004 Axon Group
COPYRIGHT 2004 Gale Group