Communication to Eliminate Tax Risk –
Communication and Beyond Tax Risk Management
IN AN ATTEMPT to address the occurrence of material weaknesses under SOX 404 (dealt with in chapter 8), and in an attempt to limit these exposures, Margaret S. Thomas CPA in her lecture notes on “Sarbanes-Oxley 404: Compliance and Beyond,” 2006 states that “an ethical cultural environment should be created in any business. Management should create policies that create a positive environment for employees, without fear of reprisal, to report unusual occurrences. All incidents of alleged fraud or discrepancies must be investigated promptly and action taken. Employees must be encouraged to come forward with any information that may have an impact on the business.”
Another area of risk is the failure of having frequent and timely meetings with the BO/CFO and the tax manager, internal auditors, and external auditors. The audit committee should meet privately with the BO/CFO, as well as with internal and external auditors to discuss the reasonableness of the reporting process, system of internal controls, tax risk, and other areas of potential concern.
In her notes Thomas goes on to share some of the following techniques that businesses can employ to ensure full compliance with compliance provisions such as SOX 404, which reiterate the processes that businesses should follow in any Tax Risk Management process :
• The board and audit committee regularly discusses the effectiveness of internal controls over financial reporting, accounting policies, and procedures, including tax risk management Tax Risk Management.
• The board of directors reviews financial statements before they are released.
• The board or audit committee monitors information from anonymous reporting vehicles.
• The board and audit committee allocates time for discussion of issues without management present.
• The audit committee has at least three independent members.
• Internal control objectives, including information on tax risk management, and their importance, are communicated by e-mail or voice mail, regular conference calls, or Web casts.
• The company maintains an intranet site and posts information regarding internal controls and tax risk management.
• The company provides summaries of laws and regulations affecting internal controls and tax risk management.
• There is a direct line of communication with senior management either by e-mail or an open-door policy.