Sarbanes-Oxley (SOX) Compliance Assessment

What is the Sarbanes-Oxley Act (SOX)?

The Sarbanes-Oxley Act of 2002, also known as the “Public Company Accounting Reform and Investor Protection Act” in the Senate and the “Corporate and Auditing Accountability and Responsibility Act” in the House of Representatives, is named after its sponsors, Senator Paul Sarbanes (D-Md) and Representative Michael Oxley (R-Ohio). The U.S. Congress passed SOX in response to the Enron, WorldCom and Arthur Andersen accounting scandals, among others.

The U.S. SEC enforces SOX to prevent deceptive business conduct, such as maintaining huge off-balance sheet debts, underreporting line item costs by capitalizing rather than booking, and inflating revenues with false accounting entries.

What is SOX internal control?

Under Section 404 of SOX, each annual financial report must include a report on internal control, which states that management is responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting. Any internal control report must also contain management’s assessment of the effectiveness of the aforementioned structure and procedures and disclosure of security safeguards, violations and failures, attested to and reported by registered external auditors.

What are SOX compliance requirements?

Since SOX compliance is crucial to keeping your company afloat, here are the other sections of Sarbanes-Oxley that should be considered:

• SOX Section 302: Corporate Responsibility for Financial Reporting

A company’s chief executive officer, or CEO, and chief financial officer, or CFO, are directly responsible for the accurate documentation and certification of all financial reports filed with the SEC. Creating audit, compensation and disclosure committees comprised of board members and securing good legal counsel can help strengthen internal controls and limit the company’s liability.

Since SOX Section 302 is intended to prevent faulty financial reporting, be sure to have verifiable security controls in place that prevent data manipulation, establish timelines and track access to data, periodically review for effectiveness and detect security breaches.

• SOX Section 401: Disclosure in periodic reports

All company financial statements in periodic reports must be made with all liabilities, obligations or material off-balance sheet transactions audited by a registered public accounting firm and published to the public.

• SOX Section 409: Real-Time Disclosure by Issuer

Any changes in a company’s financial condition or operations must be communicated in near real time using qualitative and trending information and graphical presentations to protect investors and the public interest.

• SOX Section 802: Criminal Penalties for Alteration of Documents

Penalties of up to 20 years imprisonment await anyone who alters, destroys, mutilates, conceals, covers up, or falsifies any record, document, or tangible object with the intent to influence, obstruct, or impede a lawful investigation. An auditor who fails to maintain review documents for a period of 5 years will be fined and/or imprisoned for a period not to exceed 10 years.

• SOX Section 906: Corporate Accountability for Financial Reporting

All financial statements of the company included in the periodic reports must be certified by the chief executive officer and the chief financial officer with a written statement, in addition to that required by section 302, that they fully comply with the requirements and that the information contained therein fairly presents the financial condition and results of operations of the company.