Koss Corporation Case: Trouble in Brew City

ABSTRACT This instructional case provides auditing students an opportunity to examine an interesting real-life embezzlement and financial statement fraud occurring at a publicly traded company in the post-Sarbanes-Oxley (SOX) era. The case focuses on independent auditors' and senior management's reporting responsibilities related to internal control over financial reporting involving smaller public companies (nonaccelerated filers). While all public companies are subject to external auditor and management attestation on the effectiveness of internal control over financial reporting following SOX, the Securities and Exchange Commission (SEC) granted nonaccelerated filers numerous extensions for the effective date of required auditor attestation. In 2010, President Obama signed legislation to permanently exempt nonaccelerated filers from auditor attestation. The case also highlights inherent risk assessments by the independent auditor when one individual holds multiple C-level titles (Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, etc.) within the organization concurrent with membership on the board of directors, and requires students to recommend internal control policies and procedures designed to prevent or detect the embezzlement.

Download Full-text

From Phishing To Advanced Persistent Threats: The Application Of Cybercrime Risk To The Enterprise Risk Management Model

Review of Business Information Systems (RBIS) ◽

10.19030/rbis.v14i4.358 ◽

2010 ◽

Vol 14 (4) ◽

Author(s):

John W. Moore

Keyword(s):

Risk Management ◽

Financial Reporting ◽

Internal Control ◽

Enterprise Risk Management ◽

Management Model ◽

Material Weakness ◽

Public Companies ◽

Advanced Persistent Threats ◽

Sarbanes Oxley ◽

Enterprise Risk

This paper examines the issues of cybercrime in the context of risk to organizations. In particular, it considers the control frameworks most commonly used by U.S. public companies to benchmark their internal controls over financial reporting. It discusses the market for stolen identities, looking at the sources from which many of those identities are stolen. It reviews the available internal control frameworks and explains how a firm’s risk of cybercrime might be classified as a material weakness under Sarbanes-Oxley Section 404. It models how the use of COSO’s Enterprise Risk Management model could improve an organization’s chances of avoiding a serious incident.

Download Full-text

Armor Holdings Inc.

Journal of Business Ethics Education ◽

10.5840/jbee20201720 ◽

2020 ◽

Vol 17 ◽

pp. 291-294

Author(s):

Fatima Alali ◽

Silvia Romero ◽

Keyword(s):

Financial Reporting ◽

Real Life ◽

Thinking Skills ◽

Securities And Exchange Commission ◽

Professional Judgment ◽

Foreign Corrupt Practices Act ◽

Tone At The Top ◽

Sarbanes Oxley ◽

Analytical Thinking ◽

Ethics Course

The U.S. Foreign Corrupt Practices Act (FCPA) has gained significant popularity in recent years across borders due to the increased investigation and penalties under the law. The following case is a real-life case that highlights the main provisions of the FCPA. Using cases in teaching an auditing or ethics course is much needed to develop students’ professional judgment, critical and analytical thinking skills and communication skills. Presently, there are a few cases that address the Foreign Corrupt Practices Act and its effect on financial reporting and auditor responsibilities about illegal acts. The Armor Holdings case is interesting and information is publicly available regarding the circumstances that describe the bribery act, lack of whistle-blower protection, the tone at the top, and the accounting treatment. In addition, the increase in actions brought by the Securities and Exchange Commission (SEC) under the FCPA since 2010 heightens the relevance of this case and underscores the need for students to learn the skills necessary to ensure compliance with FCPA and related key regulations such as the Sarbanes Oxley and the Dodd Frank Act. Therefore, cases like this one provide a rich tool to navigate topics and enforce students’ learning of client’s illegal actions and their consequences. These skills are invaluable in practice.

Download Full-text

Section 404 Compliance and Financial Reporting Quality

Accounting Horizons ◽

10.2308/acch.2010.24.3.441 ◽

2010 ◽

Vol 24 (3) ◽

pp. 441-454 ◽

Cited By ~ 41

Author(s):

Albert L. Nagy

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Reporting Quality ◽

Financial Statements ◽

Securities And Exchange Commission ◽

Small Companies ◽

Section 404 ◽

Financial Reports ◽

Sarbanes Oxley

SYNOPSIS: This study examines whether the Sarbanes-Oxley Act Section 404 (S404) compliance efforts lead to higher quality financial reports. An objective of S404 is to encourage companies to devote adequate resources and attention to their internal control systems, which should lead to more reliable financial statements. A natural laboratory of S404 compliance and noncompliance companies exists because the Securities and Exchange Commission has deferred the S404 compliance date for small companies (nonaccelerated filers). A logistic regression model is estimated using a sample of companies surrounding the S404 compliance threshold to measure the S404 compliance effect on the likelihood of issuing materially misstated financial statements. The results show a significant and negative relation between S404 compliance and issuance of materially misstated financial statements, and suggest that the S404 regulation is meeting its objective of improving the quality of financial reports.

Download Full-text

Is SOX 404(a) Management Internal Control Reporting an Effective Alternative to SOX 404(b) Internal Control Audits?

Auditing A Journal of Practice & Theory ◽

10.2308/ajpt-51669 ◽

2017 ◽

Vol 36 (3) ◽

pp. 71-89 ◽

Cited By ~ 4

Author(s):

Yangyang Fan ◽

Chan Li ◽

K Raghunandan

Keyword(s):

Internal Control ◽

House Of Representatives ◽

Cost Effective ◽

Securities And Exchange Commission ◽

Effective Alternative ◽

Section 404 ◽

Public Companies ◽

Sarbanes Oxley ◽

Cost Effective Alternative ◽

Management Reporting

SUMMARY Section 404 of the Sarbanes-Oxley Act (SOX; U.S. House of Representatives 2002) continues to be controversial. Using samples of Securities and Exchange Commission (SEC) registrants with market capitalizations of less than $150 million, we find that non-accelerated filers have a significantly larger reduction in the likelihood of material misstatements, discretionary revenues, and discretionary accruals compared to smaller accelerated filers after non-accelerated filers became subject to the requirements of Section 404(a). Our findings are consistent with the argument that management reporting on internal controls (Section 404(a)) may be a cost-effective alternative to internal control audits (Section 404(b)) for smaller U.S. public companies.

Download Full-text

Perspectives on the Public Company Accounting Oversight Board (PCAOB) 2004–2005

Accounting Horizons ◽

10.2308/acch-50877 ◽

2014 ◽

Vol 28 (4) ◽

pp. 889-899 ◽

Cited By ~ 38

Author(s):

Andrew D. Bailey

Keyword(s):

Financial Reporting ◽

Professional Practice ◽

Internal Control ◽

Securities And Exchange Commission ◽

Public Companies ◽

Public Company ◽

Audit Standard ◽

Year 2000 ◽

International Aspects ◽

Audit Standards

SYNOPSIS This commentary reflects my experiences with the U.S. Securities and Exchange Commission (SEC) during the academic year 2000/2001 (Academic Fellow) and the two calendar years 2004–2005 (Deputy Chief Accountant [Professional Practice]). These comments reflect only my thoughts without citations in support of or contrary to those thoughts and resulting opinions. The topics covered in this commentary include: (1) early staff relations between the PCAOB and SEC in their respective roles of audit standard setter and oversight agency; (2) the PCAOB decision to act as the sole audit standard setter for registered public companies displacing the AICPA in this role; (3) the PCAOB's approach to “revising” the interim audit standards through Rule 3101, Certain Terms Used in Auditing and Related Professional Practice Standards; (4) Audit Standard 3 (AS3), Audit Documentation; and (5) Audit Standard 2 (AS2), An Audit of Internal Control over Financial Reporting Performed in Conjunction With an Audit of Financial Statements. I will also comment on several observations made by others concerning the competence of PCAOB staff and the PCAOB Board members to set audit standards and perform meaningful inspections. I conclude with a brief note on the international aspects of PCAOB actions during this period.

Download Full-text

Model Pengendalian Internal Berbasis Sarbanes-Oxley Act dan Keandalan Pelaporan Keuangan (Studi Internal Audit Pada Perusahaan Publik di Indonesia)

Jurnal Ekonomi dan Bisnis ◽

10.24914/jeb.v18i2.264 ◽

2016 ◽

Vol 18 (2) ◽

pp. 81

Author(s):

Syahril Djaddang ◽

Shanti Lysandra

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Audit Quality ◽

Internal Audit ◽

Public Companies ◽

Audit Opinion ◽

Moderating Variables ◽

Sarbanes Oxley ◽

Control Application ◽

The Impact

<em>This study focus on internal control application based on the Sarbanes-Oxley Act. The research objective is to examine the impact of Sarbanes-Oxley Act implementation and the financial reporting reliability toward audit quality and audit opinion. The research is conducted on public companies implementing Sarbanes- Oxley Act in Indonesia. The internal audit section in the companies are used as respondents. Based on questionnaires distributed, there were 35 samples of public companies used in this research. This study employs WarpPLS to handle the SEM model in testing the hypotheses and multigroup analysis to conduct the sensitivity analysis. The research’s results showed that application of Sarbanes-Oxley Act based internal control and financial reporting reliability are positively affect the audit opinions and directly influence the audit quality. However, the independent auditor's opinion is not a moderating variables between other variables. The research results are expected to be used as considerations by the companies in implementation of Sarbanes-Oxley Act based internal control.</em>

Download Full-text

They Protect Us from Computer Fraud: Who Protects Us from Them? SafeNet, Inc.: A Case of Fraudulent Financial Reporting

Issues in Accounting Education ◽

10.2308/iace-51120 ◽

2015 ◽

Vol 30 (4) ◽

pp. 353-372 ◽

Cited By ~ 2

Author(s):

Leisa L. Marshall ◽

James Cali

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Stock Options ◽

Governance Structure ◽

Fraud Triangle ◽

Fraudulent Financial Reporting ◽

Corporate Governance Structure ◽

Chief Operating Officer ◽

Tone At The Top ◽

Prevention Methods

ABSTRACT This case focuses on fraudulent financial reporting as related to the tone at the top, primarily the chief operating officer, Carole Argo, of SafeNet, Inc. (SafeNet). This case provides students a real-world example by which to apply basic fraud concepts including the fraud triangle, fraud prevention, and red flags (fraud symptoms). Students analyze SafeNet to identify deficiencies and prevention methods, from the perspective of COSO's (2013) Internal Control—Integrated Framework's internal control objectives, components, and principles. Students also analyze SafeNet's corporate governance structure by comparing SafeNet's Board of Directors and its subcommittees pre- and post-SOX. Students learn of stock options as a form of compensation. However, this case does not focus on the details of accounting for stock options. This case is appropriate for students with the financial accounting principles course background. This case was classroom tested in a basic fraud examination course and an internal auditing course. Students' responses in both courses support the use of the case as a learning tool.

Download Full-text

Do Small Firms Benefit from Auditor Attestation of Internal Control Effectiveness?

Auditing A Journal of Practice & Theory ◽

10.2308/ajpt-50238 ◽

2012 ◽

Vol 31 (4) ◽

pp. 115-137 ◽

Cited By ~ 19

Author(s):

Gopal V. Krishnan ◽

Wei Yu

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Small Firms ◽

Securities And Exchange Commission ◽

Control Effectiveness

SUMMARY While auditor attestation of the effectiveness of internal control over financial reporting (ICFR) is required for firms with a public float of at least $75 million (accelerated filers), the Securities and Exchange Commission (SEC) has delayed auditor attestation for non-accelerated filers several times. The Dodd-Frank Act of 2010 exempts non-accelerated filers from auditor attestation. We examine the relation between auditor attestation and revenue quality for a sample of non-accelerated filers and small accelerated filers. We find that discretionary (abnormal) revenues, our proxy for revenue quality, are lower by about 1.5 percent of total assets for accelerated filers relative to non-accelerated filers. This finding holds even among firms whose management has certified their ICFR to be effective. Overall, the findings support the notion that auditor attestation of the effectiveness of ICFR benefits small accelerated filers via higher revenue quality. We believe our findings are timely and potentially informative to regulators, investors, and others.

Download Full-text

Human Resources Information Systems Role in Sarbanes Oxley (SOX) Compliance

Encyclopedia of Human Resources Information Systems ◽

10.4018/978-1-59904-883-3.ch069 ◽

2009 ◽

pp. 471-476

Author(s):

Kathryn J. Ready ◽

Milorad Novicevic ◽

Monica Evans

Keyword(s):

Human Resource ◽

Financial Reporting ◽

Standard Operating Procedure ◽

Public Companies ◽

Business World ◽

Resource Information ◽

Business Operations ◽

Sarbanes Oxley ◽

Human Resources Information Systems ◽

It Departments

Compliance with the Sarbanes-Oxley Act (SOX) has become a new indispensable standard operating procedure for public companies competing in the business world of the 21st century. The SOX compliance is crucial for capital market stakeholders that want to ensure transparent insights into the companies’ business operations and financials following the revelation of significant fraud in financial reporting by Enron, HealthSouth, WorldCom, and Global Crossing. From the onset the demands of SOX compliance have resulted in increased responsibilities from companies’ finance and accounting departments. For more effective compliance and monitoring, the human resource (HR) and information technology (IT) departments need to be more strategically involved (Deloitte & Touche, 2003). One tool that may ease the companies’ burden of SOX compliance is the human resource information system (HRIS), provided its role is expanded beyond the traditional scope of ensuring Equal Employment Opportunity (EEO)m compliance and supporting payroll systems (Fletcher, 2005).

Download Full-text

An exploration of the choice to comply voluntarily with SOX section 404(b)

Managerial Auditing Journal ◽

10.1108/maj-10-2018-2023 ◽

2019 ◽

Vol 35 (1) ◽

pp. 93-110

Author(s):

Alan Blankley ◽

David Hurtt ◽

Jason MacGregor

Keyword(s):

Financial Reporting ◽

Internal Control ◽

Small Businesses ◽

Small Companies ◽

Section 404 ◽

Content Type ◽

Sarbanes Oxley ◽

Financial Perspective ◽

The Law ◽

Several Delays

Purpose Central to the Sarbanes–Oxley Act was a requirement that every company have an audit of its internal control over financial reporting. However, there were concerns that this requirement was overly burdensome, from a financial perspective, for small businesses. This concern promoted several delays in enforcing the law for small companies and ultimately caused congress to permanently exempt small businesses. Yet, there are some small companies that voluntarily elect to comply with the law. The purpose of this paper is to explore why these companies elect to incur these costly audits. Design/methodology/approach Using a sample of 5,834 non-accelerator US firms, this paper uses a robust logistic regression model to examine why some firms comply voluntary with SOX Section 404(b). Findings This study shows that small companies getting audits of internal controls may be doing so to restore investor confidence after reporting failures, to appear credible prior to raising funds, as a response to organizational changes, or in anticipation of being required to comply. Practical implications This study provides regulators with an improved understanding of when it is necessary to implement mandatory rather than voluntary guidance. Originality/value This study is the first to document why a client would voluntarily comply with SOX Section 404 (b).

Download Full-text