SOX (Sarbanes-Oxley) Act

Enron, the world's seventh-largest business at the time, filed for bankruptcy on December 2, 2001, shocking the financial community, causing record-breaking layoffs, and decimating retirement savings accounts. The fall of Enron, which had assets worth more than $60 billion, continues to be a topic of fascination and considerable discussion about how to improve accounting rules and procedures. WorldCom filed for bankruptcy in the Southern District of New York, devastated by its $41 billion financial burden. With $107 billion in assets, WorldCom's bankruptcy dwarfs Enron Corp. as the biggest in American history.

Who are Sarbanes and Oxley ?

Senator Paul Sarbanes:

Paul Spyros Sarbanes was a lawyer and politician from the United States. He was a Marylander and a member of the Democratic Party who served in the House of Representatives from 1971 to 1977 and the Senate from 1977 to 2007.

Mike Oxley:

Michael Garver "Mike" Oxley was a politician from the USA. He was a Republican Party supporter. He represented Ohio's 4th congressional district in the US as a congressman. He was born in Ohio's Findlay.

What is SOX?

The Sarbanes-Oxley Act (SOX), which was passed in 2002, set regulations to safeguard the general public against deceptive or exploitative company activities. The act created a system of internal company checks and balances and promoted openness in corporate financial reporting.

In order to protect data, businesses should already be limiting access to internal financial systems. SOX compliance is a legal requirement and, generally speaking, plain good business sense. Businesses can lessen the risk of data loss from insider threats or cyberattacks by establishing SOX financial and cybersecurity controls as well.

History of SOX:

In response to many significant financial scandals, including those involving Enron, Tyco International, Adelphia, Peregrine Systems, and WorldCom, the Sarbanes-Oxley Act was passed in 2002.

When the share prices of the corporations fell, these scandals lost investors billions of dollars and damaged public trust in US securities markets.

Eleven titles in the Act cover anything from extra corporate board obligations to criminal penalties. The Securities and Exchange Commission (SEC) was assigned responsibility for enforcing and implementing these standards.

The Public Company Accounting Oversight Board (PCAOB), which is in charge of supervising, regulating, inspecting, and disciplining accounting firms in their capacities as auditors of public companies, was established by Harvey Pitt, the 26th chairman of the SEC, who also led the adoption of the rules.

Auditor independence, corporate governance, internal control evaluations, and improved financial transparency are additional topics covered by SOX.

It was passed with 423 votes in favour, 3 against, and 8 abstentions in the House and 99 votes in favour, 1 abstention, in the Senate.

President George W. Bush declared when he signed SOX into law that it was "the most extensive changes to American corporate practises since FDR's administration. There is no longer a time when boardrooms in America can operate with lax standards and fictitious earnings."

The Act bears the names of its authors, Paul Sarbanes and Michael G. Oxley

Sarbanes-Oxley Act of 2002 Goals:

1. To bring in significant level of responsibility to the senior most managers such as CEO/CIO/CFO.

2. To protect investors and increase their confidence in public companies.

3. To tighten the regulation of independent auditors.

4. To ensure proper reporting of financial results.

5. CFO, CEO & CIO should certify quarterly and annual reports.

6. He or she review the report being file.

7. To his or her knowledge the report doesn’t contain any untrue statements or omit any material facts.

8. The Financial statements and other financial information fairly present in all material aspects, the financial position, results of operations and cash flows.

SOX is compliance, Auditor has to make sure that their company is SOX compliant.

Since then, several countries have adopted their own SOX-like legislation, including Canada (2002), Germany (2002), South Africa (2002), Turkey (2002), France (2003), Australia (2004), India (2005), Japan (2006), Italy (2006), and Israel (2006).

Who Must Comply With SOX?

All publicly traded businesses that conduct business in the US, including fully owned subsidiaries and publicly traded international businesses, are required to abide by SOX.

Accounting firms that conduct public company audits are likewise subject to SOX.

The auditing function and accounting companies are separated by SOX. The company that audits a publicly traded company's books is no longer permitted to conduct the company's bookkeeping, audits, or business valuations. It is also forbidden to design or implement an information system, offer banking and investment advisory services, or consult on other management-related matters.

Private businesses, non-profits, and organisations that are not for profit are normally exempt from SOX's full requirements, although they still have to adhere to its prohibition on the intentional destruction or falsification of financial data and its associated penalties. In addition, whistle-blower protection is in effect, making it illegal to retaliate against someone who gives a law enforcement official information about a potential federal infraction that carries a maximum 10-year prison sentence.

Before going public, private enterprises who are considering an Initial Public Offering (IPO) must adhere to SOX.

Last but not least, SOX stipulates requirements for the implementation of payroll system controls. Accounting for a company's employees, wages, benefits, bonuses, paid time off, and training expenses is required, and some firms are also required to create an ethics programme with a communication strategy and code of ethics.

What if you don’t comply with SOX?

1. Failure to comply with Sarbanes-Oxley exposes senior management to possible prison time (Up to 20yrs), significant penalties (as much as $5 billion) or both.

2. External auditors will not sign their attestation of our control structure of compliance SEC investigation.

3. A minor problem may become a major issue, problems with investors, lenders and customers.

4. Brand problems- Confidence will be weakened, affecting stock price.

How Do Small Business Owners Get Affected by the Sarbanes Oxley Act of 2002?

Any publicly traded corporation, regardless of size, is subject to the Sarbanes-Oxley Act. Smaller businesses may find it difficult to ensure compliance with the Act because of the extensive financial reporting and internal auditing requirements.

According to the legislation, it is the management's responsibility to keep an auditing control system in place to guarantee the accuracy of financial accounts. Choosing a system is completely up to you. Most small businesses lack the teams of auditors and accountants that major corporations have to create their own systems. Small businesses might instead make advantage of the unrestricted framework created by the Committee of Sponsoring Organizations of the Treadway Commission.

Companies not affected by SOX:

1. Private companies and Non-Profit organizations SOX is not applicable.

2. But many private and non-profit try to comply. Reason is we attempt to meet the intent of the legislation.

3. It is important to maintain public trust as a non-profit organization.

Sarbanes Oxley compliance is a way of demonstrating due-diligence regardless of the act is actually mandatory.

Sarbanes Oxley compliance provides reasonable assurance that the organization is managed effectively and honestly.