Language Selection

English French German Italian Portuguese Spanish

SEC gets a taste of its own medicine

Filed under
Security

Like a professor flunking part of his own test, the agency that grades corporate America on its accounting announced Thursday that it had three major flaws of its own in its internal systems for preventing financial fraud or mistakes.

The Securities and Exchange Commission got a passing grade for financial accuracy in its first-ever audited financial statements. But the Government Accountability Office found the SEC lacking in how it tracks fines and penalties collected from corporations and others, how it ensures that unauthorized people can't tamper with its computer systems, and how it prepares its financial reports.

The finding was part of the SEC's first annual Performance and Accountability report, required by a 2002 law that aimed to make government agencies account for how they spend taxpayer dollars.

That the SEC had to disclose three ``weaknesses'' will probably be a bittersweet irony for the hundreds of valley companies that file their financial reports for SEC approval. Many of them have been loudly decrying the cost and burden of new requirements to document and test such controls, while getting only minimal relief from the SEC.

``This will probably give people in public companies a lot of emotional satisfaction, seeing the SEC hoisted on its own petard,'' said Bill Sherman, a corporate lawyer with Morrison & Foerster in Palo Alto.

Asked by reporters on a conference call if it was embarrassed to have failed standards it enforces every day, the SEC reacted like many of the dozens of companies that have reported material weaknesses -- by focusing on the positive.

``We feel the process was a healthy process,'' said Peter Derby, the SEC's managing executive for operations, noting that the SEC was fixing the problems.

Other executives say they'd laugh at the irony if they weren't still crying over the multimillion-dollar cost and thousands of hours required to document and test their controls -- made mandatory in the 2002 corporate crackdown law known as Sarbanes-Oxley. ``It's amusing,'' said Bryan Stolle, chief executive of Agile Software.

``But the damage and the pain is so high, it's a shame.''

David Dunlap, chief financial officer at Socket Communications in Newark, said he's not surprised the SEC's first audit wouldn't be perfect. But he said it's ``satisfying'' that the SEC is now following its own rules.

``What's good for the goose is good for the gander.''

By Deborah Lohse
Mercury News.

More in Tux Machines

How to: Disk partitioning for Linux and Windows dual-booting

Finally, there is an Extended Partition for all the other Linux distributions I am trying out on this little netbook. The actual number installed varies depending on what I am doing. There are currently six different distributions installed there, and there is enough free space at the end to add one or two more if I want. The important thing here is that the Linux grub bootloader will boot either a Primary or a Logical Partition without requiring any unusual manipulation of boot files or partitions. Ok, that's enough - probably more than enough. I hope that what all of this showed was that installing Linux doesn't require complicated disk partitioning, it can actually be quite simple. Read more

antiX 16 "Berta Cáceres" Linux OS Arrives without systemd, Based on Debian 8.5

Today, June 27, 2016, just a few moments ago, the developers of the antiX GNU/Linux operating system have had the great pleasure of announcing the final release of the antiX 16 distribution. Read more

Q4OS 1.4.12 Distro Receives the Latest Debian GNU/Linux 8.5 "Jessie" Updates

The Q4OS team have informed Softpedia today, June 27, 2016, about the immediate availability for download of a new maintenance release in the stable "Orion" series of the Debian-based GNU/Linux operating system. Q4OS 1.4.12 "Orion" is now the latest and most advanced version of the distribution build around the Trinity desktop environment, and it has received all the important security patches and software updates from the upstream Debian GNU/Linux 8.5 "Jessie" repositories, along with a couple of other improvements requested by users. Read more

Linux 4.7 RC5

  • Linux 4.7-rc5 Kernel Released
    The fifth weekly test release to the Linux 4.7 kernel is now available for testing. As of writing this article, Linus Torvalds has yet to send out an official 4.7-rc5 announcement but it's available for those interested in the latest installment of the kernel that's codenamed the Psychotic Stoned Sheep.
  • Linus Torvalds Announces Linux Kernel 4.7 RC5, Things Are Calming Down
    Another Sunday, another Release Candidate build of the upcoming Linux 4.7 kernel is out for testing, as announced by Linus Torvalds himself a few hours ago, June 26, 2016.
  • Linux 4.7-rc5
    Another week, another -rc. Hmm. I think things are calming down, although with almost two thirds of the commits coming in since Friday morning, it doesn't feel that way - my Fridays end up feeling very busy. But looking at the numbers, we're pretty much where we normally are at this time of the rc series. The stats looks fairly normal: about half the patch is drivers, roughly a quarter is architecture updates, and the remainder is "misc": filesystems, scheduler, mm, etc. The bulk of the drivers is GPU updates, but there's a smattering of rdma, hwmon, Xen, gpio, sound. The architecture side is powerpc, x86, some arm64, and some noise all over from some MM cleanups.. Go out and test. By -rc5, we really should be starting to be getting fairly ready. And please, if Thorsten Leemhuis is tracking one of your regressions, can you make sure to double-check it and see if it remains? It's lovely to have a regression tracker again, but it would also be really good to make sure that the ones that are solved get closed. Linus