The Sarbanes-Oxley Act is the single most important piece of legislation affecting corporate governance, financial disclosure and the practice of public accounting since the USA security laws of the early 1930s. It is crystal clear that companies and the accounting profession have made tremendous progress in meeting the rigorous requirements of this legislation.
Sarbanes-Oxley establishes new and enhanced standards of all united public company boards, management, and public accounting firms. The Act is mandatory. All organizations, large and small must comply to. Among of its achievements are the introduction of major changes to the regulations of financial practice and corporate governance and setting a number of deadlines for compliance. Some of these deadlines are; most public companies must meet the financial reporting certificate mandates for any end of year financial statements filed after November 15th 2004 (amended from June 5th). Smaller companies and foreign companies must meet these mandates for any statements filed after 15th July 2005 (amended from April 15th). It is organized into 11 titles although, with respect to compliance, 304, 404, 401, 802 and 906 are the most significant. The Act was passed in response to high-profile business failures, in order to reinforce investment confidence and protect the investors by improving the accuracy and reliability of corporate disclosure. (Michael R. et al, 2006, 46-49).
Sarbanes-Oxley Act is also intended to ‘deter and punish corporate and accounting fraud and corruption, ensure justice for wrongdoers and protect the interests of workers and shareholders’ (Quote: President Bush). The Act also created a Public Company Accounting Oversight Board (PCAOB). The most remarkable aspect relates to its profile. It is very much in the public and media arena. The focus is certainly intense in this respect, creating yet another clear motivation for compliance. There is simply no escaping it. The Act’s stated objectives are to protect investors by improving the accuracy and reliability of corporate disclosure made pursuant to the securities laws. It has been instrumental in establishment of new and enhanced standards of all USA public companies, boards, management and public accounting firms. (Michael R. et al, 2006, 80-83).
Main Details of Sarbanes-Oxley Act
The Act had the responsibilities of; creation of the Public Company Accounting Oversight Board (PCAOB). It was the Act’s requirement that public companies evaluate and disclose the effectiveness of their internal control as they relate to financial reporting, and those independent auditors for such companies ‘attest’ (i.e. agree or qualify) to such disclosure. The Act is entitled to perform certification of final reports by chief executive officers and chief financial officers. The Act is also auditor independent, including outright pre-certification by the Company’s Audit Committee of all other non-audit work. The Act also has a requirement that companies listed on stock exchanges have fully independent audit committees that oversee the relationship between the company and its auditor. The Act has also a provision of accelerating reporting of insider trading and ban on most personal loans to any executive officer or district. (Michael R. et al, 2006, 101-114).
The Act is also entitled with prohibition on insider trades during pension fund, blackout periods and additional disclosure. The Act is also entitled to enhance criminal and civil penalties for violations of security laws. Another provision is significantly longer maximum jail sentences and longer fines for corporate executives who knowingly and willingly misstate financial statements. However, maximum sentences are largely irrelevant because judges generally follow the Federal Sentencing Guidelines in setting actual sentences. Lastly, the Act has the provision for employee protection allowing those corporate fraud whistle-blowers who file complaints with OSHA within 90 days to win reinstatement, back pay and benefits, compensatory damages, abatement orders, and reasonable attorney fees and costs. (Michael R. et al, 2006, 118-121).
The Sarbanes-Oxley Act also looks into the requirements for auditor attestation of control disclosure through PCAOB through the following key requirements: assessment of both the design and effectiveness of internal controls related to relevant financial statement assertions for all significant accounts and disclosures in the financial statement; understanding how significant transactions are initiated, authorized, supported, processed and reported; documenting sufficient information about the flow of transactions to identify where material misstatements due to error or fraud could occur; evaluate company level (entity-level) controls, which correspond to the components of the Committee of Sponsoring Organization of the Treadway Commission (COSO) framework; evaluate controls designed to prevent or detect fraud, including management override of controls; evaluate controls over the period-end financial reporting process; evaluate controls over the safeguarding of assets; and conclude on the adequacy of both management’s assessment and internal control over financial reporting. (Michael R. et al, 2006, 116-119).
The Act is organized into 11 titles. With respect to compliance six out of the eleven titled are the most important as highlighted below:
Section 302: Include certifications that: the signing officer has reviewed the report; the report does not contain any material, untrue statements or material omissions or be considered misleading; the financial statements and related information fairly present the financial condition and the results in all material respects; the signing officers are responsible for internal controls and have evaluated; these internal controls within the previous ninety days and have reported on their findings; a list of all deficiencies in the internal controls and information on any fraud that involves employees who are involved with internal activities; any significant changes in internal controls or related factors that could have a negative impact on the internal controls. Organizations may not attempt to avoid these requirements by reincorporating their activities or transferring their activities outside of the USA.
Section 401 of Sarbanes-Oxley Act 2002 holds that; financial statements are published by issuers are required to be accurate and presented in a manner that does not contain incorrect statements or admit to state material information. These financial statements shall also include all material off-balance sheet, liabilities, obligations or transactions. The commission was required to study and report on the extent of off-balance transactions resulting transparent reporting. The commission is also required to determine whether generally accepted accounting principles or other regulations result in open and meaningful reporting by issuers.
Section 404 of Sarbanes-Oxley Act 2002 details that; the registered accounting firm shall, in the same report, attest to and report on the assessment on the effectiveness of the internal control structure and procedures for financial reporting.
Section 409 of Sarbanes-Oxley Act 2002 details that; issuers are required to disclose to the public on urgent basis information on material changes in their financial conditions. These disclosures are to be presented in terms that are easy to understand supported by trend and qualitative information of graphic presentations as appropriate.
Section 802 of the Sarbanes-Oxley Act 2002 imposes penalties of fines and/or upto 20 years imprisonment for altering, destroying, mutilating, concealing, falsifying records, documents or tangible objects with the intent to obstruct, impede or influence a legal investigation. This section also imposes penalties of fines and/or imprisonment upto 10 years on any accountant who knowingly and willfully violates the requirements of maintenance of all audit or review papers for a period of 5 years.
Act 906 is the leading provider of governance, compliance and risk management solutions for Sarbanes-Oxley compliance, financial controls management, general compliance management, operation risk management and Information Technology governance. The company’s solutions provide the visibility, decision support and control to improve accountability, better manage risk, achieve compliance with numerous regulations, improve operational performance and align strategies to ensure results. (Michael R. et al, 2006, 117-270).
Sustainable governance, risk and compliance management is one key qualification enabling well governed business dealing with market leading corporations in financial services, manufacturing, telecommunications, media/entertainment, retail/consumer, energy, high technology, health services and life sciences.
Impact on the Accounting Profession
There are abuses of charity that principally rely on the tax advantages conferred by the deductibility of contributions to those organizations if these abuses are left unchecked there is the risk that the Americans not only will lose faith in and reduce support for charitable organizations but also shall the integrity of the tax system be compromised.
The need for sustainable compliance is encouraged. Leveraging lessons learned are a good aid to shift to a long-term strategy. The compliance section (404) of the Act was treated as a discrete project with a clearly defined ending point; significant infusion of resources i.e. budget and headcount would undergo significant infusion to accommodate the additional workload will be needed if management continues to utilize internal audit for intensive 404 and 403 compliance related work. (Michael R. et al, 2006, 55-62).
Great clarity and integration going forward will be required for internal control-related roles and responsibilities, often poorly defined and segregated from the day-to-day routing of employees during the first year. The goals of the Act will be achieved and the impact and implications of technology are widely regarded as significant and pervasive. In many years one projects, organizations focused heavily on business processes and did not consider the broader role that it plays in managing financial information and enabling controls. A huge impact is expected on compliance going forward. At a minimum, technology investments will be necessary to support sustainable compliance in several areas, including repository, work flow, and audit trial functionally. Technology will also be used to enable the integration of financial and internal control monitoring and reporting a critical requirement at most large and complex enterprises.
Effective internal control is predictable on risk the controls themselves exist expressly for the purpose of minimizing the risk of financial reporting errors in year one, risk assessment was treated as an afterthought if addressed at all.
The ability of businesses to respond to the areas noted above is crucial to the future of SOX 404 by making it a part of every day business. (Michael R. et al, 2006, 64-68).
Impact on Business
Effective and efficient processes for evaluating testing, remediating, monitoring, and reporting on controls; integrated financial and internal control processes; technology to enable compliance; clearly articulated roles and responsibilities and assigned accountability; education and training to reinforce the ‘control environment’ and adaptability and flexibility to respond to organizational and regulatory change. Significant revenue will be generated from these elaborate exercises. (Michael R. et al, 2006, 134-146).
Internal control over financial reporting plays a critical role in the USA marketplace. A good internal control system is one of the most effective deterrents to fraud and a key factor in preventing financial misstatements. In the near future, investors will begin to see new types of reports from managements and auditors about whether adequate internal control over financial reporting is in place. For these reasons and in order to give investors tools to improve their comprehension of the new internal control reporting.
Taking a few basic steps to enhance the current business scenario is far much of importance than, even considering using external legal expert or consultant for help. This is significant for demonstrating due diligence and reduce the overall consultancy costs themselves. However, the most certainly common approach is compliance in which case all necessary precautions are important in that nothing is left to chance.
One area that falls into self-help category is perhaps security. In many respects, security underplays some of the requirements of the Sarbanes-Oxley Act. It is therefore, important to quickly establish a credible and detailed security policy, which can often be done readily via off the shelf packages. (Michael R. et al, 2006, 324-360).
To become time conscious and oriented to work through personal will is of crucial importance in determining the extent of out to clients and even building satisfaction in the marketplace. Each individual should be driven by motive towards accomplishing the immediate job at the shortest time interval possible. This is of crucial importance towards protecting investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws.