The Sarbanes-Oxley Act of 2002 cracks down on corporate fraud. It created the Public Company Accounting Oversight Board to oversee the accounting industry. It banned company loans to executives and gave job protection to whistleblowers. The Act strengthens the independence and financial literacy of corporate boards. It holds CEOs personally responsible for errors in accounting audits.
The Act is named after its sponsors, Senator Paul Sarbanes, D-Md., and Congressman Michael Oxley, R-Ohio. It's also called "Sarbox" or "SOX." The statute became law on July 30, 2002. The Securities and Exchange Commission (SEC) enforces it.
Many thought that Sarbanes-Oxley was too punitive and costly to put in place. They worried it would make the United States a less attractive place to do business. In retrospect, it's clear that Sarbanes-Oxley was on the right track. Deregulation in the banking industry contributed to the 2008 financial crisis and the Great Recession.
Section 404 requires corporate executives to certify the accuracy of financial statements personally. If the SEC finds violations, CEOs could face 20 years in jail. The SEC used Section 404 to file more than 200 civil cases, but only a few CEOs have faced criminal charges.
Section 404 made managers maintain “adequate internal control structure and procedures for financial reporting." Companies' auditors had to “attest” to these controls and disclose “material weaknesses."
SOX created a new auditor watchdog, the Public Company Accounting Oversight Board. It set standards for audit reports. It requires all auditors of public companies to register with them. The PCAOB inspects, investigates, and enforces the compliance of these firms. It prohibits accounting firms from doing business consulting with the companies they are auditing. They can still act as tax consultants, but the lead audit partners must rotate off the account after five years.
SOX hasn't increased the competition in the oligarchic accounting industry, which is still dominated by the so-called Big Four firms: Ernst & Young, PricewaterhouseCoopers, KPMG, and Deloitte.
SOX protects employees that report fraud and testify in court against their employers. Companies are not allowed to change the terms and conditions of their employment. They can't reprimand, fire, or blacklist the employee. SOX also protects contractors. Whistleblowers can report any corporate retaliation to the Occupational Safety and Health Administration.
Private companies must also adopt SOX-type governance and internal control structures. Otherwise, they face increased difficulties. They will have trouble raising capital. They will also face higher insurance premiums and greater civil liability. These would create a loss of status among potential customers, investors, and donors.
SOX increased audit costs. This was a greater burden for small companies than for large ones. It may have convinced some businesses to use private equity funding instead of using the stock market.
The Securities Act of 1933 regulated securities until 2002. It required companies to publish a prospectus about any publicly-traded stocks it issued. The corporation and its investment bank were legally responsible for telling the truth. That included audited financial statements.
Although the corporations were legally responsible, the CEOs were not. So, it was difficult to prosecute them. The rewards of "cooking the books" far outweighed the risks to any individual.
SOX addressed the corporate scandals at Enron, WorldCom, and Arthur Anderson. It prohibited auditors from doing consulting work for their auditing clients. That prevented the conflict of interest which led to the Enron fraud. Congress responded to the Enron media fallout, a lagging stock market, and looming reelections.
The Sarbanes-Oxley Act was passed by Congress to curb widespread fraudulence in corporate financial reports, scandals that rocked the early 2000s. The Act now holds CEOs responsible for their company’s financial statements. Whistleblowing employees are given protection. More stringent auditing standards are followed. These are just a few of the SOX stipulations.
Some critics though believe SOX is an expensive compliance, particularly for small companies, but its focus on high auditing quality has restored and strengthened investor confidence in U.S. companies.
All publicly traded companies in the U.S. must comply with SOX.
The severity of penalty for noncompliance depends on which of the 11 sections of SOX were violated. Punishment can range from paying a fine or losing an exchange listing to long prison sentences and millions of dollars in fines.
It's a compliance audit done by a neutral third party to verify financial statements of a company and how they were created. The auditor will look at financial statements and interview certain employees of the company to ensure the company is in compliance with SOX.