The Sarbanes-Oxley Act, commonly called SOX is a law enacted in the United States of America, to protect investors from accounting and financial fraud at publicly traded corporations. It was passed in 2002 after a series of reported scandals and the dot-com bubble burst. It obligated companies to adhere to norms related to reporting, accounting, and data retention methods and to confirm quality of business practices. An accounting board was also established by the act to overlook on all these. The Sarbanes-Oxley Act has eleven titles, out of which the most significant sections are often 302, 401, 404, 409, 802 and 906.Summary
Sarbanes-Oxley Act is a result of a series of scandals. Numerous publicly dealt companies like Enron and WorldCom, used accounting scam, shell corporations and other deceitful methods to scam investors. It was done to hide business losses from community and keep stock prices hollowly in elevation. Managers and board members used this trickery to enrich themselves, leaving investors alone when stock price collapsed. These scams surfaced about same time when dot-com shares shrunk. Thus, people started believing that these internet companies executed fraud on a similar scale as Enron. Many investors were of the opinion that inflated reports of earning potential made their IPOs lucrative.
Hence, SOX forced heavy regulatory burden on all companies to prevent such exploitation. The law still aims to improve corporate conduct by making companies generate and retain precise data about finances and make data available to investors and regulators in real time. It means enormous amount of company data has to be kept accurately and safe—from internal and external threats—and made accessible to auditors and investors immediately.
Copyright © 2021 Kalkine Media Pty Ltd.
Under SOX, CEOs and CFOs will carry the responsibility for reporting and internal controls. Formal data security policies need to be drafted and enforced. Managers are to maintain “adequate internal controls for financial reporting." Auditors have to “attest” and disclose substantial loopholes. Internal controls set up under this section by the management must elaborate on technical systems to maintain data integrity and protection. Management and registered external auditors must often evaluate and document the efficacy of the systems as well. SOX also created a regulator for auditors, the Public Company Accounting Oversight Board (PCAOB). It sets principles for audit reports and all auditors of public companies are to register with PCAOB. It also forbids accounting firms from consulting companies they audit. There is also a requirement for rotation of lead audit partners after five years.
Sarbanes-Oxley Act of 2002 is mandatory for all organizations, large and small. Some provisions apply only to privately held companies, like it prohibits such companies from destroying records to hinder investigation. It also forbids retaliating against whistleblowers. However, largely the provisions apply to corporations whose shares are traded on stock exchanges, or who are to come up with an IPO. The data clarity it mandates is meant to defend investors or potential investors from misinterpreting a company's finances because of a manipulation by insiders.
Penalties under Sarbanes-Oxley Act can be quite grave. They apply mostly to persons in positions of power and influence who can directly or indirectly mislead investors. Corporate officers, managers or Board of directors who erroneously sign off on faulty reports can be punished. The worst treatments are earmarked for cautious fraud. For instance, a CEO or CFO who knowledgeably endorses a report that violates the law, can be penalized up to USD 5 million or sent to jail for up to 20 years. If any abuses are seen, CEOs could face 20 years in prison. The SEC has used Section 404 of SOX Act, 2002, to file over 200 civil cases in the past. Out of this only a few CEOs have faced criminal charges for fraud.
Though it was a very beneficial law to investors it was deemed as too costly and full of efforts for corporations. Few criticisms about the law are:
Though SOX is expensive, mainly for small firms but its emphasis on auditing quality has reinstated and fortified investor confidence.
With introduction of SOX Act, 2002 investors have profited from access to comprehensive and reliable data, being able to analyze investments, on accurate numbers.