Early history and defining the Sarbanes-Oxley Act
The Sarbanes-Oxley Act of 2002 (also known as the SOX Act) is a US compliance regulation that affects financial practice. It is essentially legislation that protects investors from fraudulent activity. It was brought about as a preventative measure after two key corporate giant collapses by Enron, which saw a massive loss of employees due to substandard decision making. It has become an imperative part of business worldwide, as a lack of compliance can cause a corporation to fail.
What does it entail?
SOX compliance entails processes revolving around financial audits, measures of accuracy and control of financial assets. It also outlines specific requirements to protect electronic records, which are detailed in Sections 302 and 404 of the SOX Act:
Section 302 of the SOX Act pertains to corporate responsibility:
- The designated employees/shareholders must have reviewed and signed the report.
- This report must be 100% accurate to the best of their knowledge with no fraudulent or false data.
- All financial data must be recorded and presented fairly to reflect the financial condition and material items of the business.
- Said designated employees/shareholders must uphold and be responsible for all internal operations.
- These internal operations must have been reviewed in the previous 90 days and reported on for improvement purposes.
- A list of all fraudulent activity by employees involved with internal operations must be included.
- Any significant changes must be recorded so as not to negatively impact internal operations.
Section 404 details that companies must establish operations and protocols for financial reporting. They must also document, test and maintain these protocols to ensure clarity, ethics and effectiveness.
- An ‘issuer’ is required to publish information in their annual reporting schedule on the effectiveness of all internal operations and protocols.
- They must also detail in the same report an assessment of said procedures for financial reporting (which can also detail improvements and implementation strategies to increase effectiveness).
- Evaluate the following:
  - Controls over a period-end financial report procedure
  - Fraud risk assessments
  - Company-level protocols
  - The adequacy of internal operations over financial reporting
How it affects UK businesses
UK banking and financial markets have undergone (and continue to undergo) levels of regulation very similar to SOX compliance.
Many UK businesses have listings in the US due to business expansion, so the SOX Act has a significant effect on UK businesses. With online connectivity and shared IT systems across the pond, it is imperative that accounting is thorough and transparent in all financial reporting. All in all, if your business is a subsidiary of a US-listed company and is based in another country, it will need to adopt SOX compliance.
As Section 404 details, businesses must document and provide clear evidence of all operations connected to financial reporting, in compliance with the SOX Act. Such operations include providing details on accounts payable, receivables and other movements of financial assets (including customer funds).
Why you should comply
A number of provisions within the SOX Act set out the consequences for non-compliant businesses:
Section 802 – Alteration of documents
Should documents be altered or destroyed in order to hide crucial information, penalties can include imprisonment of up to 20 years.
- Should a designated accountant commit any falsities along similar lines for a period of 5 years, imprisonment of up to 10 years can be imposed if they violate any or all audits.
Section 906 – Corporate responsibility
CEOs are responsible for submitting financial reports followed by written statements.
- Submitting any report that does not follow SOX compliance regulations can lead to imprisonment of up to 10 years and/or a fine of up to $1 million.
Section 1107 – Whistleblower retaliation
You may not retaliate against a whistleblower who goes to law enforcement and presents correct information relating to a SOX procedure or investigation.
- Any interference with the opposing party (within employment or personally) can lead to prosecution, including a fine and/or imprisonment of up to 10 years.