Growing Compliance Squeeze

In its 2023 SOX year-end webcast last April, RSM US cautioned listed entities to expect increased scrutiny from its auditors with a renewed focus on IT application controls, interdependencies of IT controls, and segregation of duties and user access controls (Note: RT&Co. is a member firm of RSM Network). In the same breath, consulting firm Protiviti reported that in 2020, the average cost of SOX compliance increased by seven percent from the previous year and that the average hours spent on related compliance activities increased by eight percent in the same period.

RSM US 2023 SOX year-end webcast

The compliance squeeze from the intensifying effort due to ever stringent rules and the escalating cost of compliance has US listed entities resorting to a multi-pronged approach:

• The mounting costs and effort are driving more investments in automation and technology tools that can generate greater efficiencies.
• Actively pursuing offshore outsourcing of SOX control testing as a cost play as well as in tireless pursuit of procedural and structural upgrades in their compliance programs. Offshore professional “centers of excellence” now offer a lucrative avenue for effective SOX compliance that confers strategic competitive advantage.

RT&Co. SOX Value Solutions

RT&Co. firmly believes that Philippine subsidiaries of US listed entities need to have the same breadth of strategic SOX compliance choices similar to what we are seeing across the globe. In this spirit, the Advisory Division has launched its SOX Value Solutions, a risk-based program for entities that aim to reduce the burden of SOX compliance with the aim to assist in maintaining the effectiveness of internal controls, complying with disclosure requirements, integrating internal control testing and internal audits, and leveraging the organization’s SOX investments. To achieve this, we have devised a robust and adaptable approach to assessing internal controls in four easy, commonsensical steps:

Acknowledging that each entity has peculiarities, we have a full suite of SOX compliance services to respond to your concerns and which we can tailor-fit to your needs:

• Risk Control Mapping: Are all financial statement risks mitigated by a control activity and are all control activities relevant and necessary?
• Gap Analysis: Do internal controls individually and collectively meet SOX requirements?
• Business Process Reviews: Are your organization’s financial close and reporting, revenue-to-collect, procure-to-pay, payroll, taxation, fixed assets management, and treasury processes designed to allow effective internal controls over your financial reporting risks?
• IT Controls Testing: Are the IT general controls and application controls over the systems and databases involved in financial reporting effective?
• COSO Mapping and Review: How well does the internal control system holistically cover the organization’s operating environments based on the COSO Framework?

Why Trust Us

We understand the importance of sustaining compliance and ensuring the investment reap benefits for your organization. We want to give our clients the best value for their money, without sacrificing quality. 

The Compliance Regulatory and Consulting team has extensive experience in SOX compliance review engagements with various industries locally and internationally. Our diverse experience includes clients in customer service, electronics, manufacturing, and pharmaceuticals to name a few. 

If you want to learn more about our program and what we can offer, do not hesitate to contact us through the RT&Co. website or email us at [email protected]. We would love to hear from you!