Advertising agencies often work for companies that are publicly traded and subject to SOX (Sarbanes Oxley Act). Even if one of your clients is not publicly traded, it may do business in a highly regulated environment.
What does this mean to you and your firm? There are several potential pitfalls you need to be aware of and avoid. To stay out of trouble, you need to be informed, diligent and vigilant. You have to understand the regulatory issues your client faces and try to mitigate the risks in all areas of your work together.
The best way to stay out of trouble is to know what trouble looks like. Here are a three good examples / typical ways agencies can find themselves in hot water:
The agency doesn’t ask if the customer has a risk and compliance officer.
Larger companies (and almost all publicly traded ones) typically have a GRC (governance, risk and compliance) officer who reports to the CFO/CAO to ensure SOX is being implemented effectively throughout the organization. We know about the risks of errors or omissions in our work, but do you know what your day-to-day contact has to provide to be compliant? If you don’t, you need to ask. This can impact how you collect data, what data you can collect, what IT Governance you are required to comply with and whether you are subject to ISO (International Organization for Standardization) rules or not. Your MSA/SOW (master service agreement/statement of work) may not lay out all of the items you need to be in full compliance. You don’t want to have your client come in for their regularly scheduled, on-site audit at your office and you end up getting fined for something you omitted to provide because you didn’t realize you needed to and were out of compliance.
Unfamiliar with auditing and accounting rules, agency staff ends up being sloppy and incomplete with documenting the work performed.
For instance, if you have a purchase ordered for a SOW and you come in under budget, you cannot move time from a different SOW that is tied to another purchase order with "more budget left or room for billing." Time movement is one of the number-one ways agencies get in trouble with their clients. Several large, publicly traded ad agencies have had unfortunate press for inaccurately accounting their time and losing a major account after a client audit. This can be avoided with an effective enterprise accounting system and a solid process of controls and monitoring to ensure the accuracy of your billing.
At another firm I worked for, we moved hours between SOWs. This was with a Fortune 500 company. Even though the MSA stated they would audit annually, the client never audited for over 10 years. The daily client contacts stated in writing that we could move time between SOWs. However, they did not verify that with their own purchasing and audit people. On the 11th year of being the preferred partner, the audit team found the moved time and requested the firm to not only pay back the dollars that had been moved, but also made us go through an RFP the next year. The firm I was with lost the bid. Why? One of the main issues was the lingering issue with our previous audit. It was a significant amount of revenue and had a detrimental impact to the firm. You can never be too careful.
The agency CFO should be aware of any time anomalies and swiftly provide corrective measures. At HCB, we're very careful to provide complete transparency to our clients via our monthly financial trackers. If we are over on a piece of work, they see it. If we are under, they see it. If a client wishes to amend a purchase order to meet its budget needs, we require it in writing (and approval from our client's purchasing dept.) prior to receiving the revised purchase order. Simply assuming that finance/purchasing is aware of the change is a major audit issue risk. Never assume your day-to-day contact is in frequent communication with his or her finance/purchasing department. Agencies can avoid many headaches with documentation and follow-up. We can also help our clients.
The agency does not keep up with laws and regulation changes.
Agencies are the stewards of their clients' brands. Therefore, we must make sure all the work we deliver is compliant with any new laws and regulations. For example, new regulations have recently passed regarding ADA (Americans with Disabilities Act) compliance with accessibility of websites and other digital properties. The Supreme Court recently ruled that blind people can sue retailers if their websites are not accessible. If you work for a company, does your agency make sure the websites they create for you are compliant with ADA accessibility? Who is assigned at your company to stay on top of the everchanging regulatory / legal landscape? Keeping up with regulations can be a time-consuming task. But it can be more costly if you choose not to. Fines and penalties can add up very quickly and are steep. And, nothing hurts as much as losing a client. Especially over poor bookkeeping and compliance! Make sure you avoid this pitfall.
To summarize, as agencies functioning in a highly regulated industry, we must:
- Be diligent,
- Know the laws that impact clients and our work with them,
- Regularly assess risk,
- Determine what should be communicated and how information is shared,
- Set up control activities,
- Monitor the control activities, and
- Quickly remediate any issues that we find.
The cost-benefit relationship between having a control environment or not, depends on your agency's level of exposure and the risk you are willing to take. Be savvy and set up the proper framework now to serve your current (and future) clients for years to come.
Kathie Jones works diligently to help HCB Health and its nearly 80 employees across three offices stay informed and compliant. She has been CFO at HCB Health since 2017 and added the COO title in October of 2019. She brings more than 25 years of experience in finance and compliance working for major advertising agencies, public companies and other organizations. Kathie holds her Bachelor's Degree in Business and her CPA.
Kathie Jones is CFO at HCB Health.