A New Role for Auditors in privately owned Technology Companies 

By Jeffrey D. Solomon, CPA, CVA

Since Congress passed the Sarbanes Oxley Act of 2002 (the Act), public companies have had to comply with numerous requirements and standards in a variety of areas, including internal controls, corporate governance, composition of audit committees and boards of directors, auditor independence and responsibilities, and CEO/CFO certifications over the accuracy of financial disclosures.  The degree to which private companies will ultimately have to comply with certain of the Act’s provisions remains unclear.  Most would agree that these new requirements have improved investors’ faith in the accuracy of public company financial results; however, the cost of compliance has been high.  Private companies are now struggling to determine their ultimate level of compliance with the Act.  There are clearly some areas that private companies should focus on, which will not only be beneficial should the Company be sold to a public company, or go public itself, but could also help the Company to improve its operations and financial position.  While the role of the public company auditor has been drastically limited under the provisions of the Act due to new independence rules, the auditors for a privately held company have a bit more latitude and, I would argue, more responsibility to help their clients establish certain “best practices”.  Your independent auditor can play a key role in helping you to determine where to focus. 

            The first step is for the company to establish an audit committee that is comprised not only of management, but also of several outside independent directors who have financial as well as business expertise.  The audit committee should develop a written charter, which will serve as a guideline for the conduct of their meetings.  The audit committee is a key communication point for your auditors.  They should meet with the audit committee prior to and at the conclusion of your company’s audit.  Items discussed during these meetings should include the audit approach, areas of concern, high-risk areas (such as revenue recognition), audit findings, and a review of the financial statements and recommendations to management.  Your auditor should take the lead and communicate valuable recommendations and insights to the Company based upon their work.

            An adequate system of internal controls has always been critical to the financial success of a company, but the Act imposes additional requirements that private companies should consider.  Your auditor can help the company determine if it has a proper internal control system.  This is particularly important if the company may be doing an initial public offering or plans to be acquired by a public company.  We have seen situations where a private company does not have adequate controls in place, slowing down the potential acquisition or merger.  In many smaller companies, adequate controls are difficult to maintain due to a lack of segregation of duties, inadequate technology, or personnel without solid accounting skills.  However, your auditor should raise managements’ awareness about the weaknesses they have seen during their fieldwork and recommend areas where improvements can be made.  Often, a few simple changes can drastically improve a company’s accounting controls. 

Once the appropriate controls are in place, accounting policies and procedures should be documented.  This is especially critical for revenue recognition, due to the complexity of the standards governing this area.  A corporate code of conduct should also be prepared and circularized to employees.  Your auditor should review these written policies and ensure that they are accurate and adequately communicate to all employees the company’s philosophies and values.

Recently, we have reviewed and helped management assess many Corporate revenue recognition policy statements for our software companies, as an example.  This would be important so that there are now “side deals” made by the sales force that could corrupt the Company’s ability to maintain their vendor specific objective evidence (VSOE) which is required for proper revenue recognition treatment.

Certain transactions are now prohibited under the Act.  Loans to officers and other corporate fringe benefits or perks are no longer allowed for public companies.  We suggest that even private companies seriously consider complying with the new rules.  Again, these are areas worth exploring with your auditors.

While the Act has mandated stricter requirements over corporate governance, internal controls, and disclosures for public companies, there are certain elements of the Act that should be evaluated and applied to private companies.  Auditors today have the opportunity to provide valuable assistance to their emerging technology clients.  The auditor’s role should be to advise their privately held clients on how they should be complying with the Act, which will ultimately smooth the way for an IPO or acquisition /merger with a public company.

BACK to Newsroom