sarbanes-oxley (sox)
DESCRIPTION
Sarbanes-Oxley (SOX). Agenda. What is Sarbanes-Oxley? What does SOX mean for the Postal Service? Communications and Training Timeline Financial Support & Control Activities. Paul Sarbanes. Michael Oxley. What is Sarbanes-Oxley?. - PowerPoint PPT PresentationTRANSCRIPT
Sarbanes-Oxley
(SOX)
Agenda
What is Sarbanes-Oxley?
What does SOX mean for the Postal Service?
Communications and Training
Timeline
Financial Support & Control Activities
The Sarbanes-Oxley (SOX) Act of 2002 was enacted as a result of a series of large corporate financial scandals.
It is administered by the SEC.
It is intended to: ● Improve confidence in financial
reporting through increased corporate governance.
● Reduce fraudulent practices and accounting inconsistencies.
What is Sarbanes-Oxley?
Paul Sarbanes
Michael Oxley
What does SOX mean for the Postal Service?
We must begin quarterly certifications in February 2008.
We must comply with Section 404 of SOX by 2010.
As a result of the Postal Accountability and Enhancement Act of 2006:
Management must:
● State its responsibility for establishing and maintaining an adequate internal control structure for financial reporting.
● Make an assertion on the effectiveness of the internal control structure with regard to financial reporting.
● Provide annual certifications for fiscal year 2010 and beyond.
SOX is about:
● Good business practices
Accountability and ownership
Effective execution of controls
● Timely, accurate and authorized
What SOX is and is not about…
SOX is not about:
● Waiting time in line at a post office
● Carriers still on the street at 1900
● Productivity targets in mail processing
SOX “Speak”
Process – One or more business activities, normally end-to-end from transaction origination to recording a financial activity.
Examples: Payroll Process 1412 Process Retail Floor Stock Process Credit Card Purchasing Process Employee Hiring Process
SOX “Speak”
Controls – Procedures performed within processes that add a level of assurance that the process objective is being achieved.
For instance: Authorizations of transactions
Authorizations of activities
Physical control over assets
Steps Necessary for Compliance
Documentation● Define processes and systems
that impact financial reporting
● Identify key controls
● Identify risks
Testing● Test key controls for effectiveness
● Remediate failures and retest
Steps Necessary for Compliance
Reporting
● Management Certification Management certifies
effectiveness of internal controls
● External Auditor Validation External Auditor tests
key controls External Auditor certifies
effectiveness of internal controls
Through the implementation of SOX:● Provide consistent documentation of our
processes and systems.
● Increase accountability and ownership of controls.
Receive external auditor certification quarterly and annually, as required, for FY 2010 and beyond.
Our Objectives
Our Mission
Strengthen our business practices to thrive
in a competitive environment
Strategic Transformation beyond compliance
Improve“Optimize and Sustain”
Transform“Leverage Compliance for Better Performance”
Comply“Penalty Avoidance”
Stakeholder Value
Mat
uri
ty C
on
tin
uu
m
Cost
Value
Our Vision
Benefits
Reinforces public trust in our financial reporting
Standardization and streamlining of processes and systems
Increased accountability and ownership of controls
Consistent documentation of processes and systems
SOX Impact on the Field
Financial Accountability Examples with SOX
• Limit access to the unit cash reserve
• Close credits
• Remit all funds from retail operations
• Secure cash/stamp drawers
• Monitor or reconcile master trust account balances
• Properly follow close out procedures
• Properly prepare bank deposits
• Verify disbursement transactions are supported
• Ensure Voyager transactions are supported with receipts
• Ensure SmartPay (IMPAC) transactions are supported with receipts
Financial Accountability Examples Present Today
• Limit access to the unit cash reserve
• Close credits
• Remit all funds from retail operations
• Secure cash/stamp drawers
• Monitor or reconcile master trust account balances
• Properly follow close out procedures
• Properly prepare bank deposits
• Verify disbursement transactions are supported
• Ensure Voyager transactions are supported with receipts
• Ensure SmartPay (IMPAC) transactions are supported with receipts
How Does SOX Affect You?
You must employ existing financial controls according to present policies and procedures
Ensure your actions are timely, accurate, and authorized
Where signatures are required – be sure to sign it!
Promote good business practices – reinforce accountability
Communications & Training
Website – http://SOX
● Who-what-where-when-why-how
● FAQ’s, Acronyms, Glossary of Terms
Email – [email protected]
Communications in partnership with the new law and transformation strategy
Training:
● Method: On-line & instructor led
● Topics: General awareness and audience specific
● Venues: Classroom, meetings, conventions
Countdown to Compliance
December2006
FY 07 FY 09 FY 10February2007
FY 08
December 2006 – PAEA passed
February 2007 – SOX Program Management Office created
FY 07 – Organization and Implementation Guide in place
FY 08 – Processes and control documentation completed
FY 09 – Control testing and remediation completed
FY 10 – Compliance and monitoring
Countdown to Compliance
Timeline
®
Financial Control and Support
NAPUS National ConventionSeptember 10 – 11, 2007
Financial Control & Support
Financial Control & Support
●Key group for interaction with the Field on SOX
480 Managers and Analysts in 80 districts
●Proactive ApproachPerform Finance ReviewsOffer Support and GuidanceAssist in the remediation of control failures
Financial Control & Support
Established in early FY 2007 to:
● Monitor, evaluate, and review financial and revenue systems
● Focus on weaknesses identified through control testing
● Improve integrity of financial and revenue reporting
Established in early FY 2007 to:
● Test key financial activities in support of SOX compliance
Conduct field testing
We will use a statistical sampling approach for testing our financial controls
Remediate control weaknesses
Typically for SOX compliance, the pass rate of 95% is required for a given control
Financial Control & Support
Established in early FY 2007 to:
● Focus on control failures identified by Ernst & Young (our external auditors).
● Use cause analysis to address control weaknesses
● Support Accounting Service Centers and retail units
Conduct training on financial systems
Support financial system implementation
Financial Control & Support
Area VPs, District Managers and PMs
● Report systematic control failures
● Progress toward SOX compliance
● Communication will be ongoing
Communication to the Field
Key Financial Activities
A set of controls/procedures
Provide assurance to financial statement assertions
Sustain a strong internal control environment
Ensure alignment with policy and procedures
Reviewed by FCS during SOX/key financial activities
Key Financial Controls
The absence of any one/or combination of key financial activities would result in a high
probability that financial statements will contain
material misstatements!
Key Financial Activities at Post Offices
Liquid Assets Are Physically Controlled
Limit access to the unit cash reserve
Close inactive credits
Secure stamp/cash drawers
Properly follow close-out procedures
Properly prepare bank deposits
9
20
3
16
24
0
5
10
15
20
25Limit access to theunit cash reserve
Close inactivestamp/cash credits
Secure cash/stampdrawers
Properly follow close-out procedures
Properly prepare bankdeposits
Key Financial Activities at Post Offices
Liquid Assets Are Physically Controlled
Failure Point7
Key Controls at Post Offices
Retail Sales & Cash Are Reconciled Daily
Adequately separate duties
Restrict access to information resources
Monitor and reconcile master trust account balances
Monitor and promptly clear employee items
Monitor and reconcile financial differences
Remit all funds from retail operations
1
11
8
22
25
4
0
5
10
15
20
25Adequately separate duties (POSOne)
Restrict access to Postal Serviceinformation resources to authorizedemployees (POS One)
Monitor and reconcile master trustaccount balances
Monitor and promptly clear employeeitems
Monitor and reconcile financialdifferences
Remit all funds from retail operations
Key Financial Activities at Post Offices
Retail Sales & Cash Are Reconciled Daily
FailurePoint7
Key Controls at Post Offices
Field Payables are Properly Approved
Verify that disbursement transactions are supported
Ensure SMARTPAY (IMPAC) transactions are supported with receipts
Update Voyager master PIN list
Secure Voyager master PIN list
Support Voyager transactions with receipts
Reconcile monthly Voyager purchases
24
1
13
45
3
0
5
10
15
20
25Verify that disbursement transactionsare supported
Ensure SMARTPAY transactions aresupported with receipts
Update Voyager master PIN list
Secure Voyager master PIN list
Support Voyager transactions withreceipts
Reconcile monthly Voyager puchases
Key Financial Activities at Post Offices
Field Payables are Properly Approved
7FailurePoint
Key Controls at Post Offices
Time Records are Approved before Submission to Payroll
Support payroll transactions
Complete PS Forms 1723 to support higher level authorization
16
1
0
5
10
15
20
25Have adequatedocumentation tosupport payrolltransactions
Complete PS Forms1723 to support higherlevel authorization
Key Financial Activities at Post Offices
Time Records are Approved before Submission to Payroll
FailurePoint7
Nothing new
Renew efforts to ensure that policy and procedures are being followed at your postal retail unit
Continue to be aware of changes to policy and procedures
What do Postmasters have to do?
Email us at [email protected] Website!