By: John Klee, Senior Advisor, TPI
One of the most critical points in an outsourcing environment is often one of the least addressed. U.S. public companies receiving outsourced services have statutory requirements to substantiate that proper controls are in place to assure the integrity of data, systems, etc. Additionally, there are requirements for a firm’s external auditors to report on the reliability of a company’s management assertions regarding these internal controls. Both clients and service providers need to understand these requirements and it is best to address them during negotiations rather than after services begin.
Why is this issue being discussed in this entry? As noted, it is always better to address issues upfront in negotiations than after the contract has been signed. Part of a client strategy should be to have the best compliance and controls built into the contract requirements. This exhibits foresight and evidence to auditors conducting reviews and positions both clients and providers with built-in controls, which is far easier accomplished beforehand than attempting to build in these requirements once delivery has begun.
The three main regulatory or organization issuances that define and standardize these requirements – The Sarbanes-Oxley Act of 2002, SAS70 (AICPA Statement on Auditing Standards – Issued 1992), and COSO (1992 Committee of Sponsoring Organizations Internal Control – Integrated Framework). The crux of these regulations and standards are to certify and assert that public disclosures are truthful and reliable and management is satisfied that they have taken the appropriate steps to ensure that the processes and controls in developing this data are consistent so that stakeholders can rely on it. Additionally, they can provide transparency into financial statements, offer companies a framework and guidance in the design, implementation and test of control mechanisms, and offer a common ground in which clients and service providers can work from.
Compliance and control is important since it offers assurances to investors and more often than not, it is the law.
Points and Reminders:
• Clients and service providers need their accounting experts to sign off on any accounting treatments.
• Every contract can be different; slight nuances to contract language can alter accounting treatments.
• Recognizing and addressing these issues upfront, in the client’s sourcing strategy, improves their RFP and negotiation position.
• Everyone benefits from a clearly defined strategy.
And one last parting thought, “It’s an Accounting Issue. No, it’s a Contract Issue.”
About the author
