The House Financial Services Committee plans a hearing for June 25th on “Reassessing Sarbanes-Oxley: The Cost of Compliance in Today’s Capital Markets.” It sounds like the hearing will mainly focus on an old friend, SOX § 404.

Section 404 was intended to improve public company internal controls over financial reporting (ICFR). Faulty internal controls were believed to have contributed to many corporate scandals during the dot-com era. Empirical research of the pre-SOX era suggested that reporting companies with poor internal controls tended to have more frequent earnings restatements, more SEC enforcement proceedings, and poorer performance than comparable firms with strong internal controls.

Section 404(a) required the SEC to promulgate rules requiring reporting companies to include a statement by issuer management acknowledging their responsibility “for establishing and maintaining an adequate internal control structure and procedures for financial reporting” and assessing, “as of the end of the end of the issuer’s most recent fiscal year, the effectiveness of the issuers’ internal controls for financial reporting.” Section 404(b) required the issuer’s external auditor to “attest to, and report on,” management’s assessment of the reporting company’s ICFR. It further required the PCAOB to promulgate auditing standards governing such attestations.

When SOX was first adopted § 404 was not among the statute’s most controversial provisions. Instead, it was the attorney conduct rules, CEO and CFO certification requirements, and the ban on loans to officers and directors—plus the larger question of federalizing corporate governance—that generated most of the early criticism aimed at the statute. Once companies began implementing § 404’s mandate for assessments of their ICFR and it became apparent that compliance costs were vastly greater than anticipated, however, § 404 quickly became what former Securities and Exchange Commission (“SEC”) Commissioner Paul Atkins called SOX’s “most controversial provision.”

A couple of years ago, UCLAW’s Lowell Milken Institute held a symposium on SOX at Twenty, which was reprinted in the Business Lawyer. My contribution was a reevaluation of § 404 as it had evolved.

I will not be able to attend the House hearing (despite an invitation), but if I was there I would tell the Committee that there is a considerable body of empirical evidence on the costs and benefits of § 404, which this article reviews. As it turns out, however, there are so many potential confounding factors that all of the evidence must be viewed with a degree of skepticism. Nonetheless, a few conclusions can be drawn.