• Sarbanes-Oxley Act

    SOX act or Sarbanes-Oxley Act was introduced in 2002 to encounter certain Corporate Scandals and improve the financial reporting standards of the companies. The name came from its inventors Paul Sarbanes and Michael Oxley. The SOX Act comprises of 11 sections or titles introduced by Security and Exchange Commission which describes the Corporate Responsibilities and criminal Penalties.

    SOX Act was passed as a result of number of Corporate Accounting and Financial Scandals. It was introduced to gain back the trust of public and shareholders in the Accounting Processes and to stop fraudulent practices in enterprises.

    Main objectives behind introduction of this Act are:

    • Avoid Security Violations
    • Provide Auditor Independence
    • Introduce External Audits to handle conflict of Interest

    In US all publicly traded companies across all the sectors including all of their subsidiaries and divisions come under this Act. Any non-US MNC trading with US companies should also comply with this Act.

    Private firms can also comply with the SOX Act to gain investor confidence, though it is not mandatory for them.

    Key Features

    The key features of this act are as follows

    • This Act impacts the interactions of the Board members and the Executives and their communication with the Auditors.
    • As per the act the CEO and the CFO of a company will be held responsible for any financial statement scam of the company. They can never claim to be unaware of a situation which has led to financial hazards.
    • This Act covers varied issues like independent auditing requirements, corporate governance, internal control assessment and more transparent financial disclosure.
    • Refers to type of business records that need to be stored, including all business records and communications, even electronic communications (e-mails). The Act requires a company to store all financial records and communications for last 5 years.
    • Defines the codes of conduct for security analysts and requires disclosure of known conflicts of interest.
    • As per the act a company cannot file tax returns without the signature of the CEO of the company.
    • Act also includes new standards for accountability and criminal penalty for Corporate Management.

    How to comply?

    A company can achieve SOX compliance by achieving the below requirements:

    • The financial statements must accurately reflect business operations.
    • All financial transactions should be authorized and reviewed by the Management on regular basis.
    • All the risks should be identified and appropriate risk management process should be adopted to mitigate the risks.
    • The controls used should be universally applied and consistent across all the business verticals.
    • Public disclosure should be present for any kind of changes in the financial statements.

    SOX Internal Controls

    Controls are the policies, procedures and organizational structures that are designed to assure that the business objectives will be achieved and undesired events will either be prevented or handled.

    Certain Control Frameworks are used to achieve the business objectives. 2 main control frameworks used to achieve SOX act compliance are

    COSO – The COSO framework emphasizes on financial processes and Risk Management. It contains 8 components that together achieve the Organization mission and helps in Risk Management.

    COBIT – COBIT is an IT control framework built based on COSO. It contains a toolset that help managers to connect between control requirements, technical issues and business risks. Benefits of Information Technology are used in this Framework to gain the shareholder’s confidence.

    SOX act has the below advantages

    • Increases Investors’ confidence about the company and its financial reporting standards.
    • Management held more responsible for any kind of financial hazards or irregularity. Management becomes more serious in order to avoid any future issues.
    • Usage of Internal Controls make the system robust and error-free

    SOX act has the below disadvantages

    • The whole process is costly and time consuming
    • Sometimes, it becomes difficult to adhere to all Acts
    Post Tagged with ,

Leave a Reply

Your email address will not be published. Required fields are marked *