ESPINO, JOANNIE G.

Sarbanes-Oxley Act of 2002

Four Ways Sarbanes-Oxley Stops Corporate Fraud BY KIMBERLY AMADEO August 15, 2018

The Sarbanes-Oxley Act of 2002 cracks down on corporate fraud. It created the Public
Company Accounting Oversight Board to oversee the accounting industry. It banned company
loans to executives and gave job protection to whistleblowers. The Act strengthens the
independence and financial literacy of corporate boards. It holds CEOs personally responsible
for errors in accounting audits.

The Act is named after its sponsors, Senator Paul Sarbanes, D-Md., and Congressman Michael
Oxley, R-Ohio. It's also called Sarbox or SOX. It became law on July 30, 2002. The Securities
and Exchange Commission enforces it.

The Sarbanes-Oxley Act of 2002 came in response to financial scandals in the early 2000s
involving publicly traded companies such as Enron Corporation, Tyco International plc,
and WorldCom. The high-profile frauds shook investor confidence in the trustworthiness of
corporate financial statements and led many to demand an overhaul of decades-old regulatory
standards.

Many thought that Sarbanes-Oxley was too punitive and costly to put in place. They worried it
would make the United States a less attractive place to do business. In retrospect, it's clear that
Sarbanes-Oxley was on the right track. Deregulation in the banking industry contributed to the
2008 financial crisis and the Great Recession.

Understanding the Sarbanes-Oxley (SOX) Act

The rules and enforcement policies outlined in the Sarbanes-Oxley Act of 2002 amended or
supplemented existing laws dealing with security regulation, including the Securities Exchange
Act of 1934 and other laws enforced by the Securities and Exchange Commission (SEC). The
new law set out reforms and additions in four principal areas:

 Corporate responsibility
 Increased criminal punishment
 Accounting regulation
 New protections

Major Provisions of the Sarbanes-Oxley (SOX) Act of 2002

 The Sarbanes-Oxley Act of 2002 is a complex and lengthy piece of legislation. Three of
its key provisions are commonly referred to by their section numbers: Section 302,
Section 404, and Section 802.
 [Important: Because of the Sarbanes-Oxley Act of 2002, corporate officers who
knowingly certify false financial statements can go to prison.]
 Section 302 of the SOX Act of 2002 mandates that senior corporate officers personally
certify in writing that the company's financial statements "comply with SEC disclosure
requirements and fairly present in all material aspects the operations and financial
condition of the issuer." Officers who sign off on financial statements that they know to
be inaccurate are subject to criminal penalties, including prison terms.
 Section 802 of the SOX Act of 2002 contains the three rules that affect recordkeeping.
The first deals with destruction and falsification of records. The second strictly defines
the retention period for storing records. The third rule outlines the specific business
records that companies need to store, which includes electronic communications.
 Section 404 of the SOX Act of 2002 requires that management and auditors
establish internal controls and reporting methods to ensure the adequacy of those
controls. Some critics of the law have complained that the requirements in Section 404
can have a negative impact on publicly traded companies because it's often expensive
to establish and maintain the necessary internal controls.
 Besides the financial side of a business, such as audits, accuracy and controls, the SOX
Act of 2002 also outlines requirements for information technology (IT) departments
regarding electronic records. The act does not specify a set of business practices in this
regard, but instead defines which company records need to be kept on file and for how
 long. The standards outlined in the SOX Act of 2002 do not specify how a business
should store its records, just that it's the company IT department's responsibility to store
themSection 404 and Certification

Section 404 requires corporate executives to certify the accuracy of financial statements
personally. If the SEC finds violations, CEOs could face 20 years in jail. The SEC used Section
404 to file more than 200 civil cases. But only a few CEOs have faced criminal charges.

Section 404 made managers maintain “adequate internal control structure and procedures for
financial reporting." Companies' auditors had to “attest” to these controls and disclose “material
weaknesses."

Requirements

SOX created a new auditor watchdog, the Public Company Accounting Oversight Board. It set
standards for audit reports. It requires all auditors of public companies to register with them. The
PCAOB inspects, investigates, and enforces compliance of these firms. It prohibits accounting
firms from doing business consulting with the companies they are auditing. They can still act as
tax consultants. But the lead audit partners must rotate off the account after five years.

But SOX hasn't increased the competition in the oligarchic accounting audit industry. It's still
dominated by the so-called Big Four firms. They are Ernst & Young, PricewaterhouseCoopers,
KPMG, and Deloitte.

Internal Controls

Public corporations must hire an independent auditor to review their accounting practices. It
deferred this rule for small-cap companies, those with a market capitalization of less than $75
million. Most or 83 percent of large corporations agreed that SOX increased investor
confidence. A third said it reduced fraud.

Whistleblower

SOX protects employees that report fraud and testify in court against their employers.
Companies are not allowed to change the terms and conditions of their employment. They can't
reprimand, fire, or blacklist the employee. SOX also protects contractors. Whistleblowers can
report any corporate retaliation to the SEC.

Effect on the U.S. Economy

Private companies must also adopt SOX-type governance and internal control structures.
Otherwise, they face increased difficulties. They will have trouble raising capital. They will also
face higher insurance premiums and greater civil liability. These would create a loss of status
among potential customers, investors, and donors.

SOX increased audit costs. This was a greater burden for small companies than for large ones.
It may have convinced some businesses to use private equity funding instead of using the stock
market.

Why Congress Passed Sarbanes-Oxley

The Securities Act of 1933 regulated securities until 2002. It required companies to publish a
prospectus about any publicly-traded stocks it issued. The corporation and its investment bank
were legally responsible for telling the truth. That included audited financial statements.

Although the corporations were legally responsible, the CEOs were not. So, it was difficult to
prosecute them. The rewards of "cooking the books" far outweighed the risks to any individual.

SOX addressed the corporate scandals at Enron, WorldCom, and Arthur Anderson. It prohibited
auditors from doing consulting work for their auditing clients. That prevented the conflict of
interest which led to the Enron fraud. Congress responded to the Enron media fallout, a lagging
stock market, and looming re-elections.

REFERENCE: https://www.investopedia.com/terms/s/sarbanesoxleyact.asp

https://www.thebalance.com/sarbanes-oxley-act-of-2002-3306254