The regulatory landscape has rarely been more uncertain for American business. Corporate governance scandals, an activist culture in state executive and legislative branches, new scientific discoveries, and other factors are combining to usher in a new era of government regulation. For a company that doesn’t anticipate the potential effects of upcoming legislation and regulatory guidelines, the costs of compliance could be just as debilitating as those of non-compliance.
Corporate Governance
For many years, government agencies like the Securities and Exchange Commission (SEC) delegated much of their regulatory duties to industry bodies, like the New York Stock Exchange (NYSE) and the American Institute of Certified Public Accountants (AICPA). Now, following the corporate malfeasance episodes that started hitting the news in 2001, the trend pendulum has swung back toward direct government oversight.
The SEC, for example, is committed to increased ownership of its regulatory duties. The commission has announced that it will be mandating accelerated and more comprehensive disclosure of financial information to investors, outlining further protections for investors, and enforcing SEC rules and regulations more swiftly and aggressively. Public companies also face a new set of rules governing how they get listed on U.S. stock exchanges, following the late 2002 compensation scandal at the NYSE.
But the most concrete development has been on the legislative front. June 1, 2004 is the deadline for compliance with most significant aspects of the Sarbanes-Oxley Act (the Act). Companies large and small currently are scrambling to take stock of their internal controls, find independent directors to sit on audit and compensation committees, and understand the full scope of the Act.
The Act, regarded as the most comprehensive and demanding corporate governance law in U.S. history, threatens serious sanctions for corporate officers, directors, lawyers, and outside accountants who violate accounting and reporting rules. For example, the maximum punishment for a CEO or CFO who falsely certifies financial statements submitted to the SEC or misleads outside auditors is 20 years in jail and $5 million in fines.
As alarming as the personal risks of not complying with the Act are, executive teams are even more concerned about managing the enormous monetary and man-hour costs of complying with it. Due to the broad array of issues addressed in the Act — from establishing a whistleblower hotline to presenting detailed accounting information in highly specific ways — many companies are estimating that full compliance may require, annually, thousands of man-hours and millions of dollars.
In fact, some public companies view compliance with the Act as containing so many risks to profitability that they have taken the unusual step of removing their stock from the public markets. Similarly, some private companies with revenues under $500 million have decided that it’s not in their best interests to take the company public and operate under the Act.
Activism at the State Level
It isn’t just the federal government that is embracing regulation anew. From New York State Attorney General Eliot Spitzer’s investigation into conflicts of interest at investment banks to attempts by several states to outlaw different forms of aggressive corporate income tax planning, state regulators are taking their cue from the federal push for greater oversight of business.
Other Forms of Regulatory Compliance
Since September 11, 2001, regulatory compliance has become a critical risk issue for the companies that provide a nation’s vital infrastructure. For example, the EPA has issued new guidelines on how companies need to respond to disasters that could affect air and water quality, and airlines are still adjusting to new security guidelines.
Currently, the EPA is considering a major expansion in its air toxics program, through which the agency has issued 77 standards since 1990. New rules currently being considered would set higher clean air standards for institutional/commercial boilers, wood manufacturing, reciprocating engines, combustion turbines, and automobile painting operations. Other federal and state agencies routinely issue new regulations that affect virtually every aspect of commerce.
What Will You Say When They Ask What Happened?
To better understand and manage the risks posed by ever-increasing regulation, you need to consider these questions:
- Is our board aware of new SEC proposed regulations, including one that will better allow shareholders to replace board members by a vote?
- What is my exposure if my auditors and lawyers don’t fully comply with the Act?
- Am I confident enough in my company’s financial statements and internal controls that I can personally vouch for them?
- Does my executive team fully understand the scope of Sarbanes-Oxley, and which parts of our business it affects?
- Should we forgo our plans to go public and avoid meeting the requirements of the Act?
- Do our new audit committee members satisfy the Act’s mandate that they understand how to read corporate financial statements?
- Have I properly budgeted for the staff hours that it will take to comply with the Act?
- How can I better monitor developments at the federal level, so our organization can better anticipate new regulations?
- Do I have a team in place to influence policy at the legislative and regulatory level?
- Does my firm use aggressive tax planning techniques that are drawing the attention of the SEC, the IRS, and state regulators?
- How should I handle regulatory inquiries about how our company responded to various disruptions in our business, whether they are blackouts, power failures, natural disasters, or other disruptions?
- How can I best educate our board of directors that investing in a safe and healthy workplace adds value to the organization?
- Should we hire lobbyists to advocate for legislation and federal regulations that would benefit our company?
- Are our plants as safe as they reasonably can be?
- How can we monitor all of our operations to ensure that we are in compliance with federal and state regulations?
Who's Looking Out for You?
Marsh’s Risk Consulting practice can help. We offer a variety of services that clients can leverage to better understand their current exposures to a wide variety of risks related to regulatory compliance. And, we can help them address these vulnerabilities so that weaknesses become strengths.
Our Business Risk Consulting practice helps clients effectively manage business risks across their organization so they can improve overall performance and achieve business objectives. The goal is to assist with the development of a practical, effective, and sustainable framework and process that enables them to understand and manage proactively the complexities of all business risks, existing and emerging, including regulatory compliance issues, across the organization.
The Business Continuity Management practice can systematically identify critical business processes, develop recovery strategies, and help you in the event of a severe disruption. With deep experience in business continuity and a thorough understanding of the business and regulatory drivers that affect your business processes, we add value through an end-to-end solution.
If you have any questions or would like additional information, please contact us.
If you are seeking information about insurance and related services, please visit marsh.com.