Notes From Germany on Section 404

BY MICHAEL DOBLER

The article, “ How Sarbanes-Oxley Will Change the Audit Process ” ( JofA , Sep.03, page 49), in its discussion of management’s and the auditor’s duties regarding internal controls emerging from the Sarbanes-Oxley Act, shows obvious parallels in Germany.

In 1998 German public limited companies were obliged to establish a monitoring system for early recognition of developments that might endanger the company as a going concern. The auditor has to assess the corporation-wide existence, the effectiveness of design and the operating effectiveness of the measures taken.

Compared with the internal control system of the Sarbanes-Oxley Act, the German risk early recognition system is narrower in scope because it highlights but doesn’t exclusively aim at going-concern uncertainties and more general in that it does not focus on information related to financial accounting.

Moreover, the auditor’s tasks differ particularly because German legislation requires no publicly available disclosure of the auditor’s assessment of the system and does not refer to the management’s assertion but directly to an audit of the system.

Despite these discrepancies the major implications of the new requirements appear similar:

Management is provided little regulatory guidance on establishing an adequate system. This allows for firm-specific solutions, but causes uncertainty.

Auditors face a new challenge and the need for changing audit procedures. Pure substantial tests are no longer valid. In Germany this was even interpreted as a legal codification of the concept of audit risk.

However, empirical evidence from Germany suggests implementation of risk early recognition systems even five years after the new legislation was imposed has been unassertive and unsatisfying. Higher risk of litigation and sanctions in the United States seem capable of preventing these failings in part but not in total.

For further information on this topic, see my paper at www.intranet-lehrstuhl.bwl.uni-muenchen.de/dispatch/Publikation/Volltexte/1728.pdf .

Michael Dobler
Diplom-Kaufmann,
Master of Business Research
Munich, Germany

SPONSORED REPORT

Cybersecurity threats proliferating for midsize and smaller businesses

This report details how SMBs can properly protect private information from breaches, design and implement a cybersecurity policy, and create safeguards for training and education.

QUIZ

News quiz: Senate health care bill in the spotlight

Reports related to the Republican bill to repeal many provisions of the PPACA, other tax issues, and the giant AICPA ENGAGE Conference offered a diverse reading list for June. See how much you know about recent news with this short quiz.