The Sarbanes–Oxley Act of 2002 is a US federal law legislated on July 30, 2002, which set novel or improved standards for every U.S. public company board, administration and public accounting corporations. The Act is named after its backers U.S. Senator and Representative Paul Sarbanes and Michael G. Oxley respectively. The Sarbanes–Oxley Act of 2002 was legislated as a response to a number of key corporate and accounting outrages such as those involved Peregrine Systems, Enron, WorldCom, Adelphia, and Tyco International. These outrages cost the perspective companies’ investors billions of dollars especially when the share prices of their companies crumbled. They thence shook public assurance in the country's securities markets.
The Sarbanes–Oxley Act of 2002 is not applicable to privately held companies. It comprises of 11 titles, or divisions, running from extra corporate board obligations to criminal punishments, and calls for the Securities and Exchange Commission (SEC) to enforce rulings on prerequisites to abide by the new law. The Sarbanes–Oxley Act of 2002 was sanctioned by the House by a ballot count of 423–3 and by the Senate’s ballot count of 99–0. The act was ratified it into law by President George W. Bush, saying it comprised of the most extensive reorganizations of the American business patterns since the reign of Franklin D. Roosevelt.
Section 404: Assessment of internal control
The most controversial part of The Sarbanes–Oxley Act of 2002 (SOX) is Section 404. Section 404 of the Act directs the SEC to adopt rules requiring annual reports of public companies to include an assessment, as of the end of the fiscal year, of the effectiveness of internal controls and procedures for financial reporting. This report must acknowledge that it is management's responsibility for establishing and mainaining adequate internal control over financial reporting and include an assessment of the effectiveness of the company's internal control over financial reporting.
Section 404 also requires the company’s independent auditors to attest to and report on management’s assessment. The section also directs that management must disclose any material weakness and will be unable to conclude that the company's internal control over financial reporting is effective if there are one or more material weaknesses in such control. Furthermore, the framework on which management's evaluation is based will have to be a suitable, recognized control framework that is established by a body or group that has followed due-process procedures, including the broad distribution of the framework for public comment (SEC, 2003).
To help corporations reduce the cost of compliance, The Public Company Accounting Oversight Board (PCAOB), approved two standards (auditing standards no. 2 and 5). The two standards required management to;
- Assess the design and operating effectiveness of some selected internal controls (Wikipedia, 2010).
- Understand transaction flow and identify points at which a misstatement may arise.
- Conduct assessment of fraud risk and evaluate the controls design to detect and prevent fraud (Wikipedia, 2010).
- Conclude on the adequacy of internal control over financial reporting
Section 404 compliance cost has encouraged companies to centralize and automate their financial reporting. The cost however, was found to disproportionate for small public companies. For example, during 2004, companies with revenue above $5 billion spent 0.06 percent of revenue on SOX compliance, while those with less than $100 million in revenue spent over 2 percent on the same (Wikipedia, 2010). PCAOB and SEC have tried to proovide guidelines for small public companies to solve this problem.
Some of the benefits of SOX are:
- It provides the internal audit profession with a prime opportunity to be a cornerstone of business (Jared, 2003).
- Audit committee will be very active in the audit process from reviewing and contributing to oversight of the risk management process to the review of status reports of control deficiencies. Also, each member of the audit committee will be independent (Jared, 2003).
- Enhancement of the risk management process which will include audit plan support of the business plan and input from planning committee (Jared, 2003).
- A greater level of coordination between the internal and external audit functions in order to provide greater organizational audit coverage (Jared, 2003).
SOX has also received criticism. According to white Collar Crime Prof Blog (2005), “One CEO who was openly critical of Sarbanes-Oxley was Maurice Greenberg, the former CEO of AIG who may ultimately run afoul of its provisions, and few CEOs appear willing to be lumped together with him.” In April, 2006, Washington D.C.-based lobbying group The Free Enterprise Fund joined hands with the small Nevada-based accounting firm Beckstead & Watts to sue the Public Company Accounting Oversight Board (PCAOB) -- the five-member oversight board that was created as part of the Sarbanes-Oxley Act of 2002, which monitors and disciplines accounting firms that audit public companies (Shaheen, 2006). Some scholars have cited that due to the enactment of SOX investor are more likely to invest in the U.K stock market rather than the U.S stock market. These are only of the few criticisms that SOX has faced.
Although the enactment of SOX has faced many criticism many people and business groups have come to appreciate its importance.