Language Selection

English French German Italian Portuguese Spanish

SEC gets a taste of its own medicine

Filed under
Security

Like a professor flunking part of his own test, the agency that grades corporate America on its accounting announced Thursday that it had three major flaws of its own in its internal systems for preventing financial fraud or mistakes.

The Securities and Exchange Commission got a passing grade for financial accuracy in its first-ever audited financial statements. But the Government Accountability Office found the SEC lacking in how it tracks fines and penalties collected from corporations and others, how it ensures that unauthorized people can't tamper with its computer systems, and how it prepares its financial reports.

The finding was part of the SEC's first annual Performance and Accountability report, required by a 2002 law that aimed to make government agencies account for how they spend taxpayer dollars.

That the SEC had to disclose three ``weaknesses'' will probably be a bittersweet irony for the hundreds of valley companies that file their financial reports for SEC approval. Many of them have been loudly decrying the cost and burden of new requirements to document and test such controls, while getting only minimal relief from the SEC.

``This will probably give people in public companies a lot of emotional satisfaction, seeing the SEC hoisted on its own petard,'' said Bill Sherman, a corporate lawyer with Morrison & Foerster in Palo Alto.

Asked by reporters on a conference call if it was embarrassed to have failed standards it enforces every day, the SEC reacted like many of the dozens of companies that have reported material weaknesses -- by focusing on the positive.

``We feel the process was a healthy process,'' said Peter Derby, the SEC's managing executive for operations, noting that the SEC was fixing the problems.

Other executives say they'd laugh at the irony if they weren't still crying over the multimillion-dollar cost and thousands of hours required to document and test their controls -- made mandatory in the 2002 corporate crackdown law known as Sarbanes-Oxley. ``It's amusing,'' said Bryan Stolle, chief executive of Agile Software.

``But the damage and the pain is so high, it's a shame.''

David Dunlap, chief financial officer at Socket Communications in Newark, said he's not surprised the SEC's first audit wouldn't be perfect. But he said it's ``satisfying'' that the SEC is now following its own rules.

``What's good for the goose is good for the gander.''

By Deborah Lohse
Mercury News.

More in Tux Machines

Open source Linux-on-Zynq SBC debuts new FPGA add-on standard

Opal Kelly’s “SYZYGY Brain-1” SBC, which runs Linux on a Zynq-7012S, is a proof of concept for its SYZYGY standard for FPGA-driven peripherals. FPGA development firm Opal Kelly has gone to Crowd Supply to launch a development board to showcase its SYZYGY standard for FPGA peripheral expansion. SYZYGY bridges the gap between Digilent’s low-speed Pmod connector and the higher-end VITA 57.1 FMC (FPGA Mezzanine Card) standard. The open source, 110 x 75mm SYZYGY Brain-1 SBC runs Linux on a Xilinx Zynq-7012S SoC, a member of the FPGA-enabled Zynq-7000S family, which offers single Cortex-A9 cores instead of dual dual cores on the Zynq-7000 series. Read more

Why Linux can make you feel thankful or merely stuffed

There are many reasons why I came to appreciate Unix and then Linux and why they became such an important part of my life. These operating systems provided a focus and a career specialty that I've greatly enjoyed. I appreciate Linus Torvalds and the many thousands of developers who have contributed their time and energy into building a powerful, efficient and enjoyable operating system. I appreciate the many tools and commands that make them so easy to use and get my work done. And I appreciate the chances that I've had to share what I've learned with so many others. It's been fun, and it's been very rewarding. Read more

Ubuntu-Based ExLight Linux OS Is One of the Few to Use Latest Enlightenment 0.22

ExLight Build 171121 replaces last week's Build 171112, which used the older Enlightenment 0.20 desktop from the Ubuntu 17.10 (Artful Aardvark) software repositories, to update Enlightenment to the latest 0.22 release that the developer compiled from sources. This makes ExLight one of few distros to use Enlightenment 0.22. "Version 171112 uses Enlightenment 0.20 installed from Ubuntu’s repositories. Build 171121 of ExLight uses Enlightenment 0.22 installed by me from source," said the developer in the release announcement. "Only two Linux distributions in the whole wide world (besides ExLight) use Enlightenment 0.22 as desktop environment." Read more

Ubuntu 17.10 Users Get Major Kernel Update, 20 Security Vulnerabilities Patched

If you're using the latest Ubuntu 17.10 (Artful Aardvark) operating system on your personal computer, you should know that it received it's first major kernel update since the official release back in October 19, 2017. The update addresses a total of 20 security vulnerabilities for Ubuntu 17.10's Linux 4.13 kernel packages, including the Raspberry Pi 2 one. Among the security issues patched in this update, five are related to Linux kernel's USB subsystem, including a use-after-free vulnerability, which could allow a physically proximate attacker to crash the affected system by causing a denial of service (DoS attack) or possibly execute arbitrary code. Other three are related to the ALSA subsystem, including a race condition. Read more