Language Selection

English French German Italian Portuguese Spanish

SEC gets a taste of its own medicine

Filed under
Security

Like a professor flunking part of his own test, the agency that grades corporate America on its accounting announced Thursday that it had three major flaws of its own in its internal systems for preventing financial fraud or mistakes.

The Securities and Exchange Commission got a passing grade for financial accuracy in its first-ever audited financial statements. But the Government Accountability Office found the SEC lacking in how it tracks fines and penalties collected from corporations and others, how it ensures that unauthorized people can't tamper with its computer systems, and how it prepares its financial reports.

The finding was part of the SEC's first annual Performance and Accountability report, required by a 2002 law that aimed to make government agencies account for how they spend taxpayer dollars.

That the SEC had to disclose three ``weaknesses'' will probably be a bittersweet irony for the hundreds of valley companies that file their financial reports for SEC approval. Many of them have been loudly decrying the cost and burden of new requirements to document and test such controls, while getting only minimal relief from the SEC.

``This will probably give people in public companies a lot of emotional satisfaction, seeing the SEC hoisted on its own petard,'' said Bill Sherman, a corporate lawyer with Morrison & Foerster in Palo Alto.

Asked by reporters on a conference call if it was embarrassed to have failed standards it enforces every day, the SEC reacted like many of the dozens of companies that have reported material weaknesses -- by focusing on the positive.

``We feel the process was a healthy process,'' said Peter Derby, the SEC's managing executive for operations, noting that the SEC was fixing the problems.

Other executives say they'd laugh at the irony if they weren't still crying over the multimillion-dollar cost and thousands of hours required to document and test their controls -- made mandatory in the 2002 corporate crackdown law known as Sarbanes-Oxley. ``It's amusing,'' said Bryan Stolle, chief executive of Agile Software.

``But the damage and the pain is so high, it's a shame.''

David Dunlap, chief financial officer at Socket Communications in Newark, said he's not surprised the SEC's first audit wouldn't be perfect. But he said it's ``satisfying'' that the SEC is now following its own rules.

``What's good for the goose is good for the gander.''

By Deborah Lohse
Mercury News.

More in Tux Machines

Linux 4.14-rc2

I'm back to my usual Sunday release schedule, and rc2 is out there in all the normal places. This was a fairly usual rc2, with a very quiet beginning of the week, and then most changes came in on Friday afternoon and Saturday (with the last few ones showing up Sunday morning). Normally I tend to dislike how that pushes most of my work into the weekend, but this time I took advantage of it, spending the quiet part of last week diving instead. Anyway, the only unusual thing worth noting here is that the security subsystem pull request that came in during the merge window got rejected due to problems, and so rc2 ends up with most of that security pull having been merged in independent pieces instead. Read more Also: Linux 4.14-rc2 Kernel Released

Manjaro Linux Phasing out i686 (32bit) Support

In a not very surprising move by the Manjaro Linux developers, a blog post was made by Philip, the Lead Developer of the popular distribution based off Arch Linux, On Sept. 23 that reveals that 32-bit support will be phased out. In his announcement, Philip says, “Due to the decreasing popularity of i686 among the developers and the community, we have decided to phase out the support of this architecture. The decision means that v17.0.3 ISO will be the last that allows to install 32 bit Manjaro Linux. September and October will be our deprecation period, during which i686 will be still receiving upgraded packages. Starting from November 2017, packaging will no longer require that from maintainers, effectively making i686 unsupported.” Read more

Korora 26 'Bloat' Fedora-based Linux distro available for download -- now 64-bit only

Fedora is my favorite Linux distribution, but I don't always use it. Sometimes I opt for an operating system that is based on it depending on my needs at the moment. Called "Korora," it adds tweaks, repositories, codecs, and packages that aren't found in the normal Fedora operating system. As a result, Korora deviates from Red Hat's strict FOSS focus -- one of the most endearing things about Fedora. While you can add all of these things to Fedora manually, Korora can save you time by doing the work for you. Read more

BackSlash Linux Olaf

While using BackSlash, I had two serious concerns. The first was with desktop performance. The Plasma-based desktop was not as responsive as I'm used to, in either test environment. Often times disabling effects or file indexing will improve the situation, but the desktop still lagged a bit for me. My other issue was the program crashes I experienced. The Discover software manager crashed on me several times, WPS crashed on start-up the first time on both machines, I lost the settings panel once along with my changes in progress. These problems make me think BackSlash's design may be appealing to newcomers, but I have concerns with the environment's stability. Down the road, once the developers have a chance to iron out some issues and polish the interface, I think BackSlash might do well targeting former macOS users, much the same way Zorin OS tries to appeal to former Windows users. But first, I think the distribution needs to stabilize a bit and squash lingering stability bugs. Read more