Clive Fiedor CA on the A-Z of SOX compliance
ICAS speaks with Clive Fiedor CA, Regional SOX Leader at Jabil Inc. about his career journey through Silicon Valley, financial restatements and SOX compliance.
From office junior to international CA
I didn’t choose accounting as a career – the career chose me. I left high-school at 17 years old to become an office junior with Scott Oswald & Co in Edinburgh. I performed mundane tasks such as office deliveries, mail and photocopying, but being in that environment helped me get focused.
I began to excel at my office junior duties, which included reconciling the amount of coffee consumed with the pennies collected per each cup drank. I started maintaining the office billing records, which were all maintained manually, and then progressed to assisting the partners in preparing financial statements for smaller business clients.
That’s when the accounting bug hit. I took a few courses at Napier University and part one of the Chartered Association of Certified Accountants exam to get my degree equivalent. Scott Oswald then sponsored my application to ICAS. I am grateful to the senior partners that supported my application for the CA training.
A journey to Malawi (after a quick map-check)
After qualifying as a CA, my wife and I wanted to go somewhere very different. We were looking at Papua New Guinea and Africa as options. In 1984, I had an opportunity to work with Deloitte & Touche in Malawi for two and a half years.
I did some research after making the decision to go as we had never heard of Malawi and had no idea what to expect – we didn’t even know where the country was on a map.
My role was an audit supervisor, first in Blantyre and then in the capital, Lilongwe. I was exposed to audit clients spanning financial institutions, agriculture and manufacturing in Malawi, Zimbabwe and Zambia, as well as the Reserve Bank of Malawi.
The EY merger happened and all overseas transfers were cancelled... we were mentally already there and just decided to go on our own volition.
The experience was incredible. I would advise every young person to go somewhere totally different and experience working and living in different cultures.
We returned to Scotland to have our first child. I was working at Ernst & Whinney as an audit manager and started exploring opportunities to work overseas in 1989. We were working on a short-term secondment to Paramatta, Australia, but the EY merger happened and all overseas transfers were cancelled.
We had gone through the various processes for visas, passports and inoculations – we were mentally already there and just decided to go on our own volition. We moved to Adelaide, South Australia because my brother was living there.
The accounting profession in Silicon Valley couldn’t keep up with the technology boom, so accounting firms started looking globally.
The biggest surprise when we arrived in Australia was the CA designation was not a fully recognized qualification. As I wanted to remain working in the accounting profession, I signed up for a bridging course at the University of Adelaide to obtain the equivalent Australian qualifications.
I was admitted as a member of both the Association of CPA’s in Australia (March 1992) and the Institute of Chartered Accountants in Australia (July 1993) and re-joined EY as a senior audit manager.
One day at work, I saw a poster of Uncle Sam in the breakroom that said, ‘We want you in Silicon Valley’. The accounting profession in Silicon Valley, California couldn’t keep up with the technology boom, so accounting firms started looking globally to supplement local resources. After six wonderful years, we left Australia and moved to San Jose, the capital of Silicon Valley.
What were your experiences in technology as the industry was booming?
On joining the EY in San Jose office, I thought I’d be given a lot of high-tech clients, but the incumbent senior managers were offloading jobs they didn’t want. To get the high-tech experience, I joined internal audit services that all the big accounting firms were offering clients at that time.
The role switch gave me instant exposure to the high-tech audit clients, as well as license compliance, revenue assurance and other interesting projects. I spent more time travelling and in capital cities throughout Asia and Europe than in the US – I was basically only home for short periods on weekends. I did that for two years and loved that experience, but my family was not as enamoured with my travel schedule.
How do you get work-life balance? What did you have to give up, if anything?
No matter how much you enjoy your work, when your wife and children question your travel and work hours, that’s a wakeup call. The most important thing in life is your family, and in hindsight, what I did was very selfish.
Flying to different countries and experiencing culturally diverse cities is exciting and stimulating – it’s like a drug – but you don’t realize the misery you are imposing on family members in doing that.
Now, I try to maintain an appropriate work / life balance. Working less hours and spending weekends at home. To be successful at work, you must meet targets, achieve goals and over-deliver, but you also need to retain a focus on family to be successful at life.
What was your next career move in Silicon Valley?
I left EY San Jose in 2001 after four years, to set up the internal audit department of Veritas Software Corporation in Mountain View, California (now a private company owned by The Carlyle Group). The company grew from nothing to $1bn in revenue in a very short time.
In Silicon Valley, start-ups often grow quickly and play catch-up with controls and the compliance needs of the business. I heard about the Veritas opportunity through EY. However, when I joined, I didn’t know that Veritas had issues with financial reporting and not being GAAP compliant.
One of my first challenges was dealing with a financial restatement. Veritas had incorrectly inflated revenue from barter deals and this meant working with outside counsels and auditors in a manner I had never experienced before.
The Sarbanes–Oxley Act (SOX) also came along in 2002. Implementing SOX put a tremendous strain on public companies because there was little guidance available. Everything became a key control that was documented and tested.
The level of documentation to support the SOX program was insane – but like lemmings jumping off a cliff, everyone involved in SOX year one was pretty much following the same path.
As part of that experience, we discovered the controller organization, both in the US and at other locations globally, were operating a scheme to manage financial reporting by manipulating reserves and smoothing numbers. That turned into a second financial restatement and a dramatic plunge in the stock value for Veritas.
Because I was deemed to be part of the Veritas staff, it seemed as if I was being assumed guilty by association. All my reports, work products, email communications and data saved on my computer hard drive came under intense scrutiny.
My current role with Jabil, Inc. is my first venture outside internal audit with a total focus on SOX compliance.
This was a very traumatic situation as I was dealing with conflict and trying to fix controls – yet was under investigation along with people who were perpetrating the assessed fraud. The stress of being subpoenaed and interviewed by attorneys and the SEC is horrendous, but (in hindsight) it was a great learning experience.
Since leaving Veritas in 2005, I have led internal audit teams for seven public companies over a diverse range of industries including software, contract manufacturing, services, communications, semi-conductor and computer storage.
I’ve worked with start-ups and multinational corporations with gross revenues ranging from $100M to $20B. My current role as Regional SOX Leader with Jabil, Inc. is my first venture outside internal audit with a total focus on SOX compliance.
What did you learn from the process of financial restatement?
Today, I’m very careful about documentation and, specifically, how I write emails. Correct language is important – words matter. During various investigations throughout my career, my emails have been dissected and (mis)interpreted in unusual ways by different examiners.
I had to demonstrate good faith and prove through the email chain that I always acted with integrity and was not party to any conspiracies, collusions, cover-ups or wrongdoing.
I’ve used my investigation experiences with companies that wanted someone who had already gone through an investigation. The occurrence of an investigation can be very stressful but navigating through all the events that arise helps you to manage adversities and conflicts and other stress-related situations.
How has SOX compliance changed over the years?
When the Sarbanes-Oxley Act (SOX) legislation was passed in 2002, it was the most sweeping change to securities law since the SEC was established. Two years later Auditing Standard No.2 was published to provide guidance and then replaced by Auditing Standard No.5 (AS5) in 2007.
One of the most important differences introduced by AS5 was to emphasize risk assessment as the cornerstone for designing SOX programs. AS5 promotes a principles-based focus that seeks to eliminate unnecessary procedures and costs.
SOX remains a costly challenge for many businesses and the legislation lacks flexibility... it could be improved by introducing tiers.
I am a vociferous advocate for SOX and establishing control frameworks. Often overlooked in the debate about SOX are the contributions it has made in generating a greater focus on corporate governance and promoting stronger ethics and compliance programs - and also needed improvement in audit quality.
However, the main issue with SOX is it remains a costly challenge for many businesses and the legislation lacks flexibility. Having worked with public companies of a variety of size, I believe SOX could be improved by introducing tiers and making it easier to implement as organizations scale.
While SOX has evolved since its inception, there probably needs to be a rethink on how to structure SOX compliance for smaller companies that are disproportionately impacted by the associated costs.
Where do you see the opportunity within SOX compliance? How can a young CA get involved in your line of work?
Since its inception, various politicians, groups and individuals have called for the repeal of the Sarbanes Oxley Act, challenging the law in the courts. SOX has survived, and some say thrived despite its many critiques and adversaries.
I believe SOX compliance will be a requirement for US public companies for the foreseeable future regardless of political swings and electoral preferences. To compliment SOX, there is a growing realization that an effective enterprise risk management (ERM) program can help organizations be more competitive and help business leaders make more informed decisions. There is now a Committee of Sponsoring Organizations’ (COSO) ERM to promote risk management best practices.
I would recommend CAs wishing to come to the US should get familiar with cybersecurity and IT best practices.
With the growing dominance of cloud solutions in IT architectures, there has been much more focus on IT risk management and cybersecurity. System access & security change management and IT general controls are being given more attention by the SEC and auditors. Because of this growing focus and demand for associated skillsets, I would recommend CAs wishing to come to the US should get familiar with cybersecurity and IT best practices.
With the prominence of SOX compliance in financial reporting and importance of IT risk management, there will always be opportunities for CAs in the US.
How has ICAS helped?
Because of its perceived eminence, the CA credential is the only one I have maintained active. It’s a great investment because it opens doors and provides opportunities for professional and personal growth globally.
I am an ambassador on the West Coast and would like to mentor young CAs in Silicon Valley. Despite everything going on, California is the best place to be. It’s similar to New York except we’ve got much better weather.
About the author
Andrea Murad is a New York–based writer. Having worked on both Wall Street and Main Street, she now pursues her passion for words. She covers business and finance, and her work can be found on BBC Capital, Consumers Digest, Entrepreneur.com, FOXBusiness.com, Global Finance and InstitutionalInvestor.com.