The study comes on the heels of actions by the SEC and PCAOB to require smaller public companies to comply with SOX this year.

In summarizing the results, Lord & Benoit suggests this list should be used by CFOs as a starting point for a macro-level risk assessment at smaller public companies. Identifying potential concerns, developing action plans to remediate these risks, and taking quick action can minimize the likelihood of an adverse Section 404 report at the end of the first year of compliance.

The Lord & Benoit study reveals that the first year of SOX compliance may be particularly challenging for smaller public companies as they transition from entrepreneurial to corporate growth. The top 10 threats to SOX compliance for smaller public companies appear to be:

(1) accounting and disclosure controls; (2) treasury; (3) competency and training of accounting personnel; (4) control environment; (5) design of controls or lack of effective compensating controls; (6) revenue recognition; (7) financial closing process; (8) inadequate account reconciliations; (9) information technology; and (10) consolidations, mergers, and intercompany accounts.

The Lord & Benoit study describes each of these 10 threats in greater detail. The study is based on the results of 148 public companies with evidence of material weaknesses and revenues under $100 million during their first management assessment under Sarbanes-Oxley Section 404. Using Audit Analytics data, companies with clean internal controls were excluded from the study.

10 Threats to SOX Compliance for Smaller Public Companies is available free of charge at www.Section404.org on the "Research" page.