It's official. Australia entered the first year of Sarbanes-Oxley reporting under Section 404 on July 15, 2006.
Issuers outside the US who fall under Section 404 are required to file audit reports relating to internal controls for the first fiscal year ending on or after that date.
This includes documented financial processes, risk assessment and financial reporting controls.
Australian companies can expect a few mistakes. In the US, one in six companies failed to meet Sarbanes-Oxley (SOX) compliance in the first year.
Australian head of KPMG of Sarbanes-Oxley compliance, Brian Bogardus, said it is hard to say why these companies are failing as there are too many complexities involved, adding that the Securities and Exchange Commission (SEC) disclosures do not go into tremendous detail.
Bogardus said one area where companies struggle is the impact of IT on internal reporting, because the solutions are not simple.
Fortunately, only 6 percent of companies in Australia need to comply with the mandate.
But even outside legal mandates, companies find other audit controls covering both internal partners and suppliers a struggle.
KPMG claims only six percent of companies conduct audits of reporting controls and, as a result, businesses are losing billions of dollars.
KPMG claims 90 percent of IT businesses that undertake a review of self-reporting relationships (SRR) find under-reporting by partners or customers.
This figure translates into billions of unaccounted dollars, according to a KPMG report.
In a self-reporting environment, each party involved provides the other with information relating to activity, such as sales volume data.
The study, entitled Contract Compliance in the High-Tech Industry, also found that the reason such SSR are not audited is fear of offending a business partner or customer.
Nearly 60 percent of the respondents agreed that, by not auditing partners' reports they risked encouraging grey market activity in products.
Maurice Pagnozzio, KPMG contract compliance services Asia Pacific leader, said if companies can see the benefits in better control of intellectual property as well, the arguments for bringing SRRs under proper control begin to look overwhelming.
"Of the 155 respondents we surveyed, 72 percent indicated they were in a SRR, yet only six percent said they audit even half of their relationships," Pagnozzio said.
"Most often, the misreporting is not intended or malicious, it's simply because of poor compliance processes and controls or original contracts that are too vague and therefore easily misunderstood."