What Are the Main Features of the Sarbanes-Oxley Act?

The Sarbanes-Oxley Act of 2002 came in the wake of several high-profile corporate accounting scandals, including those involving Enron, WorldCom and Tyco International. Confidence in publicly traded companies collapsed when the media revealed the details of unethical insider trades, corporate hubris and corruption of outside auditors. Congress enacted the Sarbanes-Oxley Act, named after Sen. Paul Sarbanes (D-Maryland) and Rep. Michael Oxley (R-Ohio), to rein in such practices.

1. Greater Oversight of Accounting Practices

o The act created the Public Company Accounting Oversight Board. The board regulates and inspects public accounting firms that deal with publicly traded companies. The act also requires CEOs and chief financial officers to establish internal accounting controls as a means to prevent fraud and malfeasance. These internal control summaries must be included in financial reports to increase corporate transparency. False statements on these internal control documents may subject company executives to criminal penalties.

Increased independence of auditors and analysts

o Sarbanes-Oxley lessens the influence companies wield over auditors and accounting firms. In previous situations of corporate reporting fraud, investigators found inappropriately close business relationships between some companies and the firms that audited them. This gave the auditors a financial incentive to portray the company in a positive light. Sarbanes-Oxley basically allows auditing of auditors as an oversight technique.

Increased Penalties for Corporate Crime

o Sarbanes-Oxley allows the Securities and Exchange Commission to penalize or bar securities professionals for inappropriate behavior, such as insider trading. The law also allows the SEC to punish executives who violate regulations. The SEC may bar executives convicted under Sarbanes-Oxley from directorships or officerships in public companies. The act increased prison sentences and fines for a number of corporate crimes. It also extended the statute of limitations for shareholders to sue for fraud or deceit perpetrated by the company.

Tighter Controls on Insider Activity

o The act places greater controls on insider activities. The SEC defines an insider as an executive officer, a director or a shareholder with at least 10 percent of outstanding shares. The act requires faster reporting of insider trades to the SEC than previously required. Any insider trades must be reported within 48 business hours of the trade. The act also bars any insider trades during retirement fund blackout periods. Blackout periods occur when the fund experiences major changes. Participants are prohibited from changing their investment options during this blackout period.

Sarbanes Oxley Explained

The Sarbanes-Oxley Act of 2002 must be complied with by all businesses. The main idea is to prevent fraud and put practices into place that protect businesses from such.

1. What is Sarbanes-Oxley?

o Sarbanes-Oxley is an Act that consists of 11 titles and 66 sections. Sarbanes-Oxley requires businesses comply with a number of controls to prevent financial loss because of fraud and unnecessary spending.

History

o Sarbanes-Oxley was drafted after the stock market disaster of the late 1990s, when investors lost trillions of dollars. During that time, a small number of individuals made billions at the expense of these investors.

Key Elements

o Sarbanes-Oxley forces business to be accountable for their actions, and to take responsibility to ensure their business practices are sound through the implementation of internal procedures and controls. These procedures and controls are then tested by auditors for compliance, and reported upon.

Cost

o The average cost of Sarbanes-Oxley compliance is $1.7 million. It is expected these costs will drop each year as companies become familiar with Sarbanes-Oxley practices and employ staff to handle it as a department.

Benefits

o The overall purpose of Sarbanes-Oxley is to reduce corporate costs and prevent fraudulent business practices. Sarbanes-Oxley improves financial practices and makes a business more efficient over time.

Sarbanes Oxley Act of 2002

The Sarbanes-Oxley Act is a law that reformed accounting requirements for public companies. Named after the main sponsors, Senator Paul Sarbanes and Representative Michael Oxley, it grew out of the corporate accounting scandals of the early 2000s.

1. Corporate Responsibility For Financial Reports

o Financial officers must sign off on all financial reports. signature image by kuhar from Fotolia.com

Section 302 of the act requires financial reports be signed by the financial officers and top executives, and not contain any untrue statements or omissions that mislead investors.

2. Off Balance Liabilities

o Off balance liabilities must be reported. balance sheet image by Darko Draskovic from Fotolia.com

Off balance liabilities must be published in periodic financial reports. Prior to the act, companies would move debt into various off balance instruments, such as transferring liabilities to a third party, that allowed firms to hide the liabilities from their balance sheets given to investors, leaving false impressions of the organizations' financial position.

3. Internal Control Structures

o The company or its accounting firm must report on the scope and effectiveness of its internal controls, which are procedures and checks against fraud. A description of these internal controls must be included in the firm's annual report.

Urgent Updates

o Section 409 requires companies to update the public on major material changes in their financial situation. This must be done on an urgent basis and be presented in a way easy to understand, utilizing graphs and visuals when appropriate.

Criminal Penalties

o Obstructing investigations can result in imprisonment. handcuff image by Marek Kosmal from Fotolia.com

Section 802 sets the punishments for altering or destroying financial documents with the intent of obstructing an investigation. Perpetrators face fines and up to 20 years in federal prison. Accountants who willfully fail to maintain required financial records may face fines and imprisonment of up to 10 years.

What Is SOX 404 Compliance?

In order for a business to attain SOX 404 compliance, it is necessary to establish business-reporting practices in line with section 404 of the Sarbanes-Oxley Act. The Sarbanes-Oxley Act is a set of internal control reporting provisions designed by the Securities and Exchange Commission.

1. Purpose of SOX

o The Sarbanes-Oxley Act was established by the SEC to protect investors from corporate mismanagement leading to fiscal injury.

SOX 404 Compliance Requirements

o Section 404 states that public companies must include an in-house assessment of their internal control over financial reporting with their annual report. This report must be accompanied by the attestation of an auditor.

Benefits of SOX 404 Compliance

o Companies with SOX 404 compliance are often viewed as safer investments due to their demonstrated commitment to fiscal transparency.

What Are the Disadvantages of Sarbanes Oxley?

The Sarbanes-Oxley Act of 2002 (SOX) was passed to prevent companies from engaging in accounting fraud similar to that perpetrated by Enron and Worldcom. While SOX increased the accuracy and validity of financial information for outside stakeholders, it created some challenges for businesses attempting to comply with SOX guidelines.

1. Internal Controls

o SOX compliance requires companies to implement several internal controls to safeguard the financial information of a company. Internal controls are specific to each accounting operation, such as accounts payable, cash reconciliations and fixed assets.

Expanded internal controls add processing time to accounting functions, delaying the timeliness of financial information. Additionally, employees must ensure that all paperwork is accurate and approved by supervisors. Increasing the number and functions of internal controls slows the closing time for each accounting period and delays financial statement preparation.

2. Increased Personnel

o An important function of SOX guidelines is the segregation of accounting duties. This ensures that one individual does not handle certain accounting processes from start to finish, which may increase the chances of fraud or embezzlement. In order to meet the segregation of duties requirement, companies must add additional accounting personnel. Using current employees outside the accounting office is not acceptable because it breaks down the internal controls function.

Additional Audits

o SOX guidelines require publicly held companies to have an annual audit conducted by a third-party accounting firm. The public accounting firm is limited in the total accounting services that it can perform. The separating of audit functions from consulting functions under SOX helps public auditors maintain an objective opinion about a company, but may require that more than one accounting firm be hired.

Increasing the number of audits and accounting firms that must be used by a publicly held company increases business costs. Higher audit and accounting fees require companies to adjust their budgets to pay for these accounting services.

More Regulations

o The SOX legislation was enacted in 2002, less than a year after the major accounting scandals of Enron and Worldcom. While the legislation provides some needed oversight in the accounting industry, it was not determined to be a final solution for the accounting industry. Future government regulations pose increased financial burdens on companies, increasing the costs of conducting businesses. Some regulations may also limit certain business operations.

Tougher Penalties

o Penalties for accounting fraud and embezzlement were increased under the new SOX guidelines. Unfortunately, some penalties enacted focused on minimal violations, such as not signing financial statements or issuing statements to the public stating that executive management has approved of any financial information released by the company. Strict penalties on such minor infractions may limit the executive talent pool if future management employees do not wish to be liable for such actions and penalties.

Fiduciary Duties under the Sarbanes-Oxley Act

∙ Following corporate financial scandals that seriously affected the economy and consumer confidence, Sen. Paul Sarbanes and Rep. Michael Oxley developed legislation to regulate financial practice and corporate governance, which was enacted in 2002. The Sarbanes-Oxley Act, also known as the Public Company Accounting Reform and Investor Protection Act, creates standards for corporate accountability and imposes strict penalties for violations.

Audit Services

∙ The Act establishes the Public Company Accounting Oversight Board, to provide independent oversight of public accounting firms providing audit services. If these firms provide a company with audit services, they may not provide it with accounting services such as bookkeeping; accounting; financial information systems design; actuarial, appraisal or valuation services; internal audit outsourcing; investment or brokerage services; legal services and any other service that the Board determines to be prohibited.

Transparency

∙ The Act calls for greater transparency and requires financial reports that contain financial statements to be prepared in accordance with the accounting principles set down in the Act. It also calls for disclosure of fiduciary transactions by every person who is "directly or indirectly the beneficial owner of more than 10 percent of any class of any equity security", including directors, officers, stockholders and family members.

Executives

∙ To ensure that executives do not claim that they were not responsible for financial reports and statements, periodic financial reports and statements must be accompanied by a written certification statement by the chief executive officer and chief financial officer or their equivalents.

Penalties

∙ The Act imposes fines and up to 20 years imprisonment for "altering, destroying, mutilating, concealing, falsifying records, documents or tangible objects" and fines and up to 10 years imprisonment "on any accountant who knowingly and wilfully violates the requirements of maintenance of all audit or review papers."

Changes to the Guidelines in 2007 for the Sarbanes-Oxley Act

The Sarbanes-Oxley Act of 2002 is an extensive piece of United States legislation that reformed the standards for company boards and accounting firms in the wake of the Enron scandal. However, one aspect of the act became somewhat controversial and was changed in 2007.

1. Section 404

o Section 404 of the Sarbanes-Oxley Act required companies to have internal oversight on their financial reporting. Additionally, companies had to have external auditors report on the strength of said oversights. Pro-business activists companies complained this section was too expensive for too little benefit for companies.

SEC

o The Securities Exchange Commission (SEC) agreed that the section was too prohibitive on business. The SEC voted in May, 2007, to pass new guidelines to help businesses deal with the expenses of Section 404.

Congress

o However, the SEC does not have the power to repeal Section 404. In 2007, there were various attempts to repeal or modify Section 404 in Congress, including the Compete Act of 2007 proposed by Rep. Gregory Meeks of New York. However, the section was not changed by Congress in 2007.

Sarbanes Oxley Audit Requirements

∙ The Sarbanes-Oxley Act of 2002 (SOX) was designed as a response to the accounting scandals of the early 2000s. In many of these scandals, a particular problem was that auditors had an interest in the companies on which they were performing the audit, leading to fraudulent audits which were more positive than they deserved to be. SOX, which came into force in 2004, addressed this problem by creating an auditing oversight board, the PCAOB, and instituting a new set of requirements on auditors intended to separate the interests of auditors from their clients, reduce the opportunities for fraud, and raise the overall level of accountability. It should be noted that SOX applies only to public companies.

Conflicts of Interest

∙ SOX requires that auditors may not perform any consulting work for the companies they are auditing. Such work includes bookkeeping, IT design, and legal, management, or investment banking services. The idea behind this legislation is that an auditor providing such services would, in effect, be auditing his own work for the company. In addition, auditors may not advise clients about performing their own internal audits. To comply with these regulations, auditors must provide the PCAOB with a list of their clients as well as a description of services provided and fees collected from each client. To avoid auditors creating close relationships with their clients, they cannot audit the same company more than five years in a row.

Internal Controls

∙ One of the most contentious parts of SOX is section 404, which requires that auditors conduct a top-down risk assessment of a company’s internal controls. This requirement means that auditors must not only examine the validity of a company’s financial reports, but also the ways in which the company generates its figures. This element was put into place to identify any weaknesses in a company’s accounting system which could be compromised and lead to fraud. Many companies object to the high costs involved with documenting and testing the numerous parts of these systems in anticipation of an outside audit, and in fact recent rulings have tried to alleviate these burdens.

Information Technology

∙ As accounting systems are under increased scrutiny with SOX, it is no surprise that audits of IT systems are now required as well. Auditors must examine how financial transactions are recorded and compiled, as well as which employees are able to input and access information. In general, the SOX legislation advocates for centrally automated systems, as these are viewed as being less prone to manipulation. IT security considerations such as data backup, firewalls, and server placement are also subject to auditing, and in the case of an IT-dependent company email systems may also be audited.

Internal Audits and Committees

∙ In addition to the requirements on outside auditors, SOX requires that companies perform their own thorough internal audits. These audits are designed to diagnose and address any problems before the outside auditors begin, and are also evaluated for their effectiveness. Companies are also required to form auditing committees made up of people not directly employed by the firm, although board members are allowed. These committees are held personally responsible for the results of the outside audit so that poor results cannot be blamed on the auditors.