Allen Liebnick
Allen Liebnick

SOX Nabs Small Public Companies

Are you compliant?

December 3, 2009
by Allen Liebnick, CPA, CFF

The U.S. Securities and Exchange Commission (SEC) announced recently that small public companies will no longer get a reprieve from complying with the Sarbanes-Oxley Act (SOX). Next year, the small public companies will have to attest to the adequacy of their company’s internal controls-tracking of inventory, accounts payable and cash. Obviously, as an accounts payable/sales-tax recovery firm, we are very attuned to accounts-payable controls and work closely with our clients’ internal and external auditors to help them avoid duplication of our efforts and hopefully, keep some of the costs down. However, because of the fixed cost nature of compliance, it very well may be sticker shock for our smaller clients when they find out just how much those costs can be. To add to this, we are seeing clients both large and small having a tough time collecting from both current and former customers, and, of course, vendors that have been overpaid. For the small public companies, companies with market capitalization below $75 million, the future could hold additional expenses going out, and for both the large and small companies less receivables coming in. Having some questions about both SOX compliance and business-to-business collections, I am fortunate to have two people who keep abreast of these very areas — my sons Bryan Liebnick, MBA, CIA (Certified Internal Auditor) and Matthew Liebnick, attorney-at-Law.

SOX Compliance

My first set of questions was for Bryan, whose background includes several years with two of the Big Four accounting firms, internal audit at an energy related firm, and for the last two years, internal audit with one of the major banks. Having been involved with SOX compliance from its infancy to current requirements and having been on both sides of the table — in public and private — I had several questions as to what he personally has seen and foresees.

I spent many years in the public sector and remember way back when how audits had become fairly routine with lots of freshly minted accountants making checkmarks, and a time of acceptance and trusting of clients’ figures. We all know how that has had to change and how more comprehensive audits have become.

Do you think that at some point SOX compliance may become a routine procedure that will be assigned to lower-level staff to just fill in the check marks?

Bryan: Public companies have become more comfortable with the required SOX compliance and readiness preparation. When I first started in an advisory role with a Big 4 firm, SOX was fairly a new requirement and public companies were heavily relying on external consultants to help identify and document their key SOX controls, one process at a time. More recently though, the companies I’ve worked for support SOX audits internally with dedicated SOX control owners.

Most companies continue to experience enough change from year to year that the audit routines are rarely, if ever, repeatable. With process risk and controls changing, it will likely remain an in-depth process for experienced staff.

In your experience where have you seen the stronger push for compliance coming from, the private sector or their external auditors?

Bryan: Both corporate management as well as the external auditors place high importance on the SOX audit. I would say there is an equal push, as both are accountable for ensuring complete SOX compliance.

Regarding methods used today versus methods used when you first started: Is it becoming more dependent on computer analysis? Where does the human factor come in?

Bryan: A major objective of SOX over the years has been to automate wherever possible. Automation has enabled a quicker, more efficient testing of a larger sampling, as opposed to manual document inspection and observation, which is more error-prone and time-consuming. Automation should be used with some caution as it is a tool and not a substitute for questioning and practicing good judgment. As more controls move from manual to automated, it has allowed companies to incorporate testing routines on a year-round basis in addition to annually. Furthermore, automation has freed up SOX auditors, giving them the opportunity to work on areas of concern or deficiencies resulting from the SOX audit. For example, the bank I work for has been able to leverage SOX work and incorporate areas of concern into the annual audit plan. Similarly, we have been able to leverage continuous internal-audit activities (in my case auditing loan files) into annual SOX testing.

Just as there is no guarantee that an audit will uncover fraud, is it more likely to be detected through SOX compliance?

Bryan: With SOX compliance in place, it is more likely that fraud will be prevented over the years. One of the critical elements of SOX is management’s assertion and scrutiny around the accuracy of the financial statements. Failure to comply with SOX could not only expose companies to reputational damage and severe penalties, but imprisonment of their mangers as well.

Business-to-Business Collection

To better understand what options some of my own clients may have in collection matters, I went to my son Matthew. Matthew is an attorney-at-law, licensed in both Texas and Oklahoma and before the United States Supreme Court. Matthew’s practice is devoted to the representation of companies of various sizes in premises liability claims as well as business disputes.

Since our business is collecting overpayments to vendors, we often have clients trying to decide whether to pursue reticent vendors or not. It’s not too hard to decide when you no longer use the vendor, but with an active vendor, and a tight credit market, it makes the choice a lot harder. Add to this situation trying to collect from customers/former customers (who could be customers again).

What options does a company have in collecting not only monies due them from their customers/former customers but from their vendors that may have been erroneously overpaid and now refuse to refund the money?

Matthew: Litigation can be a time-intensive and costly option for resolving business-related disputes. Generally, the quicker the parties can work towards identifying their issues and working towards a resolution, without the involvement of the legal process, the better. Today, there are several alternatives available to parties who are willing to pursue this path, including pre-litigation mediation and non-binding arbitration.

Where alternative resolution approaches may have broken down, a company will need to consider making the business decision whether or not to pursue litigation. There are several factors that a company will need to consider, including, but not limited to, the local rules and remedies available to the company in which the lawsuit may be filed. In some states, for example, there are expedited procedural devices available, such as a suit on sworn account, which is used in certain types of breach of contract actions where the plaintiff furnishing goods or services to the defendant. A suit on sworn account, for example, allows the plaintiff to establish a prima facie (refers to sufficient evidence that raises a presumption of fact or establishes the fact in question unless rebutted) right of recovery on its sworn petition if the defendant does not file a sworn denial. In addition, some jurisdictions provide for the recovery of attorney fees, as well as court costs and pre and post-judgment interest to the party bringing the cause of action.

In choosing to pursue litigation, a company should factor in its ultimate goal, including debt satisfaction and precedence setting goals. In many instances, a judgment may be hollow, in which the defendant, ultimately, does not have the assets to satisfy the debt being asserted by the plaintiff. For some companies, there may be additional benefits to litigation, beyond the recovery of money, including establishing precedence with its current vendors, and customers. A company should consider consulting with a local attorney specializing in business litigation in order to fully understand its options.


The purpose of SOX was to improve the quality of financial reports and to give investors more confidence in what companies report, and from what Bryan says, companies have adapted to the requirements. The question is, how small public companies will be able to absorb the costs in addition to collect on their receivables in a tight market, but one thing is for sure — SOX is here to stay.

Rate this article 5 (excellent) to 1 (poor). Send your responses here.

Allen M. Liebnick, CPA, CFF, is president of Overpaid Payables Recovery, Inc. Liebnick has been providing accounts payable, sales tax and telecommunications post-audit recovery services for over 15 years. He is a member of the New York State Society of CPAs as well as Texas Society of Certified Public Accountants. Liebnick thanks both Matthew and Bryan Liebnick for participating in this article. Corporate Finance Insider readers who have questions for Matthew Liebnick or Bryan Liebnick, can contact them directly to ask any questions you might have, feel free to contact Matthew Liebnick or Bryan Liebnick. Tell them Dad sent you.