Implications of SOX: Compliance is Likely to be Complex and Costly

Almost 4 years after it was passed by the US Congress, the impact of the SOX Act is still far reaching. This only means that the development and deployment of effective compliance programs are likely to be complex, depending on the status of an organization's system of internal controls. Though SOX was brought in as a measure to prevent corporate misdeeds, it cannot act in isolation. Market confidence can be restored only when the organization changes the mindset, inculcates a strong culture of ethics & values, and enforces internal controls, and transparency in operations. Under SOX, every organization is expected to openly welcome the "Spirit of the Law".

This has been explained in the following chart:

The above chart is explained further as follows:

1. Improved Regulatory Supervision Structure SOX attempts to strengthen the regulatory supervisory mechanism, and also to ensure that adequate resources and funding are available to meet supervisory responsibilities. One of the first steps was the creation of an independent corporate body, Public Company Accounting Oversight Board (PCAOB), which was intended to oversee the audit of public companies. The Act also directed the SEC Securities and Exchange Commission with the responsibility of creating rules under SOX and to oversee its Enforcement. 2. Improved Audit function: Watch Audit Mechanism and Auditor Independence SOX mandates the registration of Public Accounting firms, including foreign public accounting firms by the PCAOB. Only registered firms are allowed to carry out audit. The PCAOB issues auditing, quality control and independence standards. It also has the authority to recognize the GAAP to be used for financial reporting (Sec 103) and the formation of an audit committee of the board of directors (Sec 301). The public accounting firms will have to report critical policies and practices to the committee with any preferred treatments (Sec 204). 3. Management Responsibility for Internal Control Asignificant thrust of SOX has been on improving internal controls, disclosure and transparency levels. The CEO and CFO have to provide certification of periodic reports in the prescribed format (Sec 302).

• As per Sec 404 They are responsible for design, establishment and maintenance of the necessary internal controls to prevent financial misstatements or the omission/inclusion of material facts in reports.
• Any significant deficiencies in the design and operations of internal controls, or detection of fraud to be reported to the audit committee.
• Onus lies on them to establish a mechanism for evaluating the existence and effectiveness of internal controls within 90 days prior to the filing of the report.
• The management assertion about the existence and effectiveness of internal controls has to be attested by the independent auditor.
• It entails the periodic submission of reports along with financial statements from CEO and CFO stating that they comply with the Securities Exchange Act, 1934 (Sec 906).
• The disclosure of material changes in financial conditions or operations on real-time basis. (Sec 409).

4. Conflict of Interest SOX demands companies to restrict the role of members as per the parameters of the auditing committee only (Sec 301). No employees from public accounting firms are allowed to be appointed for senior management positions during the one year prior to the initiation or audit (Sec 206). SOX also prohibits public accounting firms from providing certain non-audit services (Sec 201). The companies have to undergo a compulsory rotation of the lead audit partner and review the partner every five years (Sec 203). Each organization has to issue a notice to its directors and executive officers about the embargo period for purchasing, selling, acquiring or transferring its equity. In case of any violations, there will be recovery of profit (Sec 305). Public appearances or research reports require disclosure of any conflict of interest by the analysts, or the organization to the extent of investment, compensation received, type of services provided and if the compensation was linked to investment banking revenues (Sec 501). 5. Stiff Penalty Structure: Heavy Penalty structure ThePCAOB is empowered to investigate and undertake disciplinary proceedings against registered public accounting firms. The action could be to the extent of permanent revocation of registration, suspension or limitation of activities and a penalty (Sec 105). Such organizations are required to recover any profits made from the sale of securities within 12 months or any bonus, incentive or equity based compensation paid to CEO or CFO (Sec 304). Every organization has to maintain audit or review documentation for five years. Any willful and knowing destruction, alteration or falsification of records in federal investigations or in the case of bankruptcy will attract an imprisonment of minimum of 10 years (Sec 801). An imprisonment of up to 25 years or more is liable for deceiving shareholders, and such an action can be initiated within two years of the discovery of facts or five years after the violation (Sec 807). It entails the periodic submission of reports along with financial statements from CEO and CFO stating that they comply with the Securities Exchange Act, 1934. Even accidental, erroneous certifications or reports attract penalty of USD one million or an imprisonment of 10 years or both. The penalties for premeditated incorrect certifications are higher (Sec 906). Moreover, employees providing evidence of fraud are protected from threat, harassment, discharge, demotion or suspension. Any person taking any retaliatory action against informants can be imprisoned for 10 years or/and be fined (Sec 806).

Conclusion

The Sarbanes Oxley Act of 2002 could be onerous and cumbersome to organizations, and in particular to small businesses. Its little surprise then that 21% of public companies surveyed by the by law firm Foley & Lardner have considered going private or selling out, as a result of the act. However, most companies do not realize that an effective SOX compliance architecture and unconventional auditing methods adopted to cope with the rising costs can help in creating a healthy compliance environment within the organization.

About Thomas and Alex

TA has in-house resource pools of legal and financial experts. We provide case-by-case advice on SOX and PCAOB compliance to public companies. You will get a complete cost-efficient analysis of your financial statements, and the practices that your company should be incorporating in order to meet SOX and PCAOB regulations. We will also provide you with easy-to-use accounting and bookkeeping software services that would provide greater security to your data and documents. By outsourcing your accounting, bookkeeping and tax return filing operations to us, you can achieve remarkable real-time efficiency in a protected and secure environment. Besides, our software applications will help you integrate information into your billing system. Thomas & Alex is committed to helping you streamline business solutions, accelerating your productivity and safeguarding financial processes, even as you keep abreast with SOX compliance. We believe in understanding your business activities, tax and filing requirements, regulatory obligations under SOX and PCAOB, and the jurisdiction of your state. Our professional team will guide you at every step to ensure a smooth transition and business continuity without increased overheads or concerns.