Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.

The recent WeWork IPO debacle is only the latest in a string of initial public offerings that have failed to deliver the desired result for their parent companies. Put simply, investors and employees wanted a big exit. Instead, the company faces the prospect of bankruptcy.

The company’s failed IPO serves as a “canary in the coal mine” for other unicorn ventures with no profitability in sight. Namely Peloton, Uber, Lyft, Sunnova, and SmileDirectClub, all of which have seen their stock prices drop relative to their debut, should be worried that deep staff cuts and a rocky future could follow.

The failure of WeWork and other tech IPOs begs an important question: Why are private companies struggling so badly with their internal controls? Specifically, they’re failing to give adequate attention to data quality, audits, regulatory compliance, and necessary financial practices.

WeWork’s internal control problems

With WeWork, issues related to the company’s internal controls became apparent from the time the company first filed its S-1 documentation. These documents revealed the company had given CEO Adam Neumann a questionable level of control over business operations, while WeWork was also rapidly burning through its cash supplies, despite ever-increasing revenue.

Neumann’s voting shares and business practices (including the stipulation that significant power pass to his wife in the event of his death) raised significant concerns.

This caused the company’s valuation to plunge from an estimated $47 billion in January to as little as $10 billion after the S-1 was filed. Continued pushback eventually resulted in Neumann resigning and giving up his majority voting control. This was all too little, too late for the IPO, which has now been withdrawn and delayed indefinitely.

A widespread concern

WeWork is hardly unique in the tech world with its issues in implementing sound internal controls. Many of the issues facing tech startups stem from differences in how private and public companies are affected by the Sarbanes-Oxley Act. Section 404 of the Act requires that public companies provide internal control reports that affirm the ethical and responsible management of their finances.

Many private companies willingly comply with these directives, but the Act does not legally require that private organizations submit these reports. And because internal control policies can affect the bottom line, many companies neglect this area to focus on profitability. This is especially true of smaller companies, which studies have found are disproportionately affected by assessment costs. For example, at all six companies I founded or co-founded, we didn’t even think about promulgating internal control reports due to the time and cost they involved.

But you can bet that I advocate for them strongly now at the startups I advise. Startups should lay those first building blocks of control infrastructure right at the outset — even if they’re as simple as triggering an expenditure review for items over $1,000 or automating an email that reminds the team to change passwords monthly. More often than not, these mild “costs” pay dividends later on.

Startup culture can also play a role in developing poor internal controls. Working with a small team and in a constantly shifting environment can make it more difficult to enact basic internal control procedures, such as separating financial responsibilities like bookkeeping and auditing, having standardized financial documentation, or requiring additional approvals to perform certain transactions.

At my first, third, and fourth companies, we merged accounting and auditing early on in order to save on costs. And at every pre-Series-A startup I’ve consulted for, requiring additional approvals for spending limits was an afterthought that leadership saw as “bureacracy” and an affront to startup speed. That cavalier approach ended with my most recent startup, where, from its inception, we designed systems around checks and balances: Internal documents have clear custodianship, we have monthly financial and intellectual property audits, run daily bank reconciliations against expenses, and our reimbursement processes require original receipts.

“Speed is king” is a mantra you can live by in the short run, but it can have disastrous long-term effects. A focus on profits can cause internal controls to take a backseat. A lack of organization can also very easily cause tech startups to lose track of their cash flow, something SmallBizTrends estimates plays a role in as many as 82% of business failures.

Worse still, poor internal control can increase the risk of fraud.

As Nathan Edwards writes for The Innovation Enterprise, the hazards of poor internal control “range from the risk of encouraging unethical behavior, and the fines levied as a result, to basic accounting mistakes that arise from overly complex spreadsheets, which could lead to exaggerated profits or losses and overpayment of taxes. Lack of controls over transactions can result in inappropriate recording of revenue, theft of inventory and cash, and excess inventory purchases …” To Edwards’ point: At least one executive ended up in jail and two others were sanctioned by a court at startups I’ve been involved with — and the nucleus of the offending behavior was unchecked by but could have easily been halted by even modest internal controls.

What you can do

The example of WeWork and other recent failed IPOs should serve as a cautionary tale — regardless of whether or not your startup is considering an IPO. Without proper internal controls in place, your company is putting its long-term prosperity at risk.

Management should use both detective and preventative measures to protect a company’s finances. I can say from first-hand experience, an independent auditor — unrelated to the company’s financial controller — is a must. And executives from day one should take a hands-on approach to understanding quarterly financial audits.

Even basic steps like backing up computer data or requiring password entry to complete a transaction can reduce fraud and error. Implementing a written code of conduct will encourage ethical behavior and lay out consequences for fraud. Detective controls like internal auditing will help uncover any errors, while also ensuring procedures are in place to correct any issues in a timely manner.

If you’re a private company, regardless of your size, you need to take a look at what internal controls you currently have in place. At my current company, we examined the paper trail around expenses, reimbursements, revenues, and intellectual property to find our own “gaps” and fill them — much as you’d apply “SWOT analysis” to find gaps in an executive team’s skills. Recognizing deficiencies will prove vital not only for any future plans for going public but also for keeping finances in the black and establishing credibility.

It doesn’t take a failed IPO for poor internal controls to rear their ugly head. The unfortunate truth is that many private companies don’t have adequate procedures in place. Unless decision makers in these organizations step up to improve their processes, expect to see even more tech IPO failures in the future.

Jordan French is the Founder and Executive Editor at Grit Daily News — his sixth startup.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.