The following article was prepared by Mike Taylor, C.P.M.
Do you have a monkey on your back? Is there someone who second-guesses the decisions you make when awarding purchase orders and contracts? For those of us fortunate enough to work in the government arena we get plenty of oversight from big brother. Internal auditors, DCAA auditors, customer process reviewers, the IG, the GAO and a few more organizations all review buyer's procurement decisions.
With the spreading implementation of the Sarbanes Oxley Act of 2002 (SOX), buyers in commercial companies are starting to get more 'help' as well. As a result of SOX, Corporate and independent auditors are much more concerned about management of the procurement process. Your Finance Department may already be working on a compliance review. Very soon, if not already, they will be contacting procurement.
Basically SOX places more liability on senior
company officials for ensuring that the company is acting in a fiscally
responsible manner. [Lately it seems like a lot of
companies in the news need help] . Senior managers
have direct liability if the company misstates earnings, liabilities, financial
position, company value, etc.
So what does this have to do with purchasing? I'm glad you asked. ]. Section 404 of the SOX Act, Management Assessment of Internal Controls, includes this phrase "…. adequate internal control structure…….". That is, does your company have internal controls to prevent financial loss and fraud? This would include the financial liabilities associated with procurement and subcontracting.
Consider how much of your company's annual budget is
spent in the procurement process. Thirty percent, fifty percent or even 80
percent? Whatever the number, if even a small part of that money is being
misappropriated, it could have a big impact on the financial health of the
company and its investors. Not to mention the large financial risks associated
with contract claims and litigation? Since procurement handles so much of the
money, it's a major area where the risk of fraud needs to be managed and
[Have you ever heard of a buyer being asked to change the effective date on a contract or invoice because of the way it impacts the company financial reporting for month end? Gee, I wonder if that could be construed as fraud by one of the investors?]
Under SOX, 'procurement' risk is a source of personal liability for senior managers. Thus internal and external auditors get the green light to investigate and ensure that 'adequate management controls' are in place. The net result is that those of you in commercial companies will soon enjoy the benefits of increased audit attention that we in government have always had. Welcome to the club.
Has this change affected commercial companies? You
bet. The January 26, 2004 issue, Business Week magazine reported that an
increasing number of public companies were going private, since SOX was enacted.
[Hmmmm, wonder if that's because the CEO wants
to have the freedom to tweak the numbers or is it just because he doesn't like
The bottom line is buyers in both government and commercial companies end up with auditors looking over their shoulder as they make contracting decisions. These audits can be onerous when the reviewer believes that the buyer's actions were not in accordance with sound business practices.
Greg Hutchins of Quality Plus Engineering has been discussing SOX as it relates to procurement in his workshops.
Also, here is one copy of the SOX Act found on the
How can we better prepare to defend our contracting decisions? Here are several suggestions.
For Buyers and Contract administrators:
Here is a real life example of how a Buyer's actions were misinterpreted by an auditor with major consequences to the company. This is a recent GAO protest decision. In this case the evaluation process was very elaborate and was designed to obtain the most realistic competitive proposal.
When all was said and done, the GAO determined that one offeror was prejudiced when the final decision wasn't made as planned. Thus the best contractor may not have been selected. [under SOX, this could mean that the company was fiscally out of control.]
Part of the reason the decision went against the buyer was because of the ambiguity between the buyer's actions and the file documentation.
Here are some excerpts from this protest decision
worth noting: http://www.gao.gov/decisions/bidpro/292288.htm
In this case the protest was sustained, meaning the buyer lost. If this was an internal auditor or a SOX audit, we might end up with some serious explaining to do. Under SOX, an auditor could say this failure increased risk and cost to the company. The CEO or CFO could be held accountable and you know what happens to us at the bottom, when senior management gets some heat at the top.
With shareholders driving the train, auditors will dig deeper into our procurement decision making process and second guess even more of our actions.
Hope this helps you understand the link between SOX and the Supply Chain.
|MLTWEB is owned by Michael L. Taylor, C.P.M. Mail:|
|Materials prepared by Mike may be shared for supply chain education, provided that this source is credited and no fee is charged. The rights for any other use are withheld.|
|Copyright; Michael L. Taylor, C.P.M.|