“Should we transition to the COSO 2013 framework?” Even for companies not mandated to adopt it, this has become an increasingly common question throughout the business world since May 2013, when the Committee of Sponsoring Organizations of the Treadway Commission (COSO) released the much-discussed update to its internal controls framework.*
COSO’s original version, released in 1992, was accepted by the U.S. Securities and Exchange Commission (SEC) as a framework for verifying internal control over financial reporting (ICFR). However, the updated framework takes into account major global shifts that have occurred in the past two decades, including the explosion of the Internet and the passage of the Sarbanes-Oxley Act of 2002.
Should your company adopt the COSO 2013 framework? Although small private businesses are not typically required to adopt, embracing the updated framework can create valuable benefits for companies of all sizes. Consider these four benefits your business could experience by making the transition.
Benefit #1: Improved internal controls
Over the past 20 years, countless organizations have failed because of ineffective risk management and related internal controls. According to the COSO board, the updated framework offers companies more effective internal controls, which will allow organizations to better mitigate risks and have the data necessary to support sound decision-making. As an executive, you could tap into the 2013 framework to evaluate how to improve the effectiveness of your internal controls as well as your company’s overall efficiency.
Benefit #2: Enhanced cybersecurity
In today’s digital age, companies face an onslaught of fraudulent activity, cybersecurity threats and other risks. “There is growing concern at all levels of industry about the challenges posed by cybercrime,” said Bob Hirth, COSO chairman and senior managing director for Protiviti. “This new [framework] helps put organizations on the right path toward confronting and managing the frightening number of cyberattacks.”
Benefit #3: Major cost savings
In a benchmarking study from Robert Half and Financial Executives Research Foundation, the research affiliate of Financial Executives International (FEI), more than 95 percent of executives in the United States and Canada who were surveyed said they expect their organization’s regulatory compliance costs to rise or stay the same over time.
According to COSO, if organizations implement the 2013 framework correctly, it will allow them to streamline processes, establish more effective internal controls and manage compliance costs.
Benefit #4: More (positive) attention from investors
Investors are scrutinizing the performance of public companies more than ever before. If your company adopts the 2013 COSO framework, you’ll have a more effective set of risk management controls in place, making your organization more attractive to potential investors and better prepared for an IPO.
A COSO report notes: “For a public company, stronger corporate governance should translate into stronger business results and increased shareowner value.” When organizations transition to the 2013 framework, they can tout their commitment to integrity and ethical values and effective internal control to potential investors.
*COSO, a joint initiative of five private sector organizations, develops frameworks and guidance on enterprise risk management, regulatory compliance, internal control and fraud deterrence.
This blog post is for informational purposes only. Please consult a professional for advice about your particular company.