What impact did the Sarbanes-Oxley Act have on corporate governance in the United States?

By Andriy Blokhin | May 28, 2015 12:11 PM EDT

A:
After a prolonged period of corporate scandals involving large public companies from 2000 to 2002,
the Sarbanes-Oxley Act was enacted in July 2002 to restore investors' confidence in markets and
close loopholes for public companies to defraud investors. The act had a profound effect on corporate
governance in the United States. The Sarbanes-Oxley Act requires public companies to strengthen audit
committees, perform internal controls tests, set personal liability of directors and officers for accuracy
of financial statements, and strengthen disclosure. The Sarbanes-Oxley Act also establishes stricter
criminal penalties for securities fraud and changes how public accounting firms operate their businesses.

One direct effect of the Sarbanes-Oxley Act on corporate governance is the strengthening of audit
committees at public companies. The audit committee receives wide leverage in overseeing the
company's top management accounting decisions. The audit committee members must be independent
of the top management and gain new responsibilities such as approving numerous audit and non-audit
services, selecting and overseeing external auditors, and handling complaints regarding the
management's accounting practices.

The costliest part of the Sarbanes-Oxley Act is Section 404, which requires public companies to perform
extensive internal control tests and include an internal control report with their annual audits. Testing and
documenting manual and automated controls in financial reporting requires enormous effort and
involvement of not only external accountants, but also experienced IT personnel. The compliance cost is
especially burdensome for companies that heavily rely on manual controls. The Sarbanes-Oxley Act
encouraged companies to make their financial reporting more efficient, centralized and automated.

The Sarbanes-Oxley Act changes management's responsibility for financial reporting significantly. The act
requires that top managers personally certify the accuracy of financial reports. If a top manager knowingly
or willfully makes a false certification, he can face 10 to 20 years in prison. If the company is forced to
make a required accounting restatement due to management's misconduct, top managers can be forced
to give up their bonuses or profits made from selling the company's stock. If the director or officer is
convicted in securities law violation, he can be prohibited from serving in the same role at the public
company.

The Sarbanes-Oxley Act significantly strengthens the disclosure requirement. Public companies are
required to disclose any material off-balance sheet arrangements, such as operating leases and special
purposes entities. The company is also required to disclose any pro forma statements and how they
would look under the generally accepted accounting principles (GAAP). Insiders must report their stock
transactions to the Securities and Exchange Commission (SEC) within two business days as well.

The Sarbanes-Oxley Act imposes harsher punishment for obstructing justice and securities fraud, mail
fraud and wire fraud. The maximum sentence term for securities fraud increased to 25 years, and the
maximum prison time for obstruction of justice increased to 20 years. The act increased the maximum
penalties for mail and wire fraud from five to 20 years of prison time. Also, the Sarbanes-Oxley Act
significantly increased fines for public companies committing the same offense.

The Sarbanes-Oxley Act affected corporate governance of public companies as well as external auditors.
The act established the Public Company Accounting Oversight Board, which promulgates standards for
public accountants, limits their conflicts of interest and requires lead audit partner rotation every five years
for the same public company.

Read more: What impact did the Sarbanes-Oxley Act have on corporate governance in the United
States? | Investopedia http://www.investopedia.com/ask/answers/052815/what-impact-did-sarbanesoxley-
act-have-corporate-governance-united-states.asp#ixzz4QAk82gn2
Follow us: Investopedia on Facebook

How did Sarbanes Oxley (SOX) affect the rules and regulations for account reconciliation?
By Sean Ross | April 23, 2015 1:21 PM EDT
A:

U.S. Congress passed the Sarbanes-Oxley Act of 2002 to shore up perceived weaknesses in accounting
regulations. Part of the resulting changes was explicitly prohibiting a company from using its external
auditor for internal control. The Act stressed the importance of account reconciliation as a form of
preventative control and fraud protection.

Banning external auditors forces companies to replace auditor consultation with other internal controls.
Since 2002, focus on account reconciliation is the chief tool for identifying and fixing accounting errors
before SEC filings. This accelerated a standardization of reconciliation processes among publicly traded
companies in the United States.

Sarbanes-Oxley Regulations
Internal control of publicly traded companies is addressed in sections 404 and 409 of the Sarbanes-Oxley
Act. These regulations stress the importance of the balance sheet and, more specifically, the quality of
information fed into the balance sheet.

The Act established the Public Company Accounting Oversight Board to register public accounting firms
that audit traded companies. This board has the authority to impose rules regarding auditing techniques,
corporate ethics and quality control.

These regulations do not only impact financial accounting; operational management is regulated even
down to the way inventory is stored and monitored. The Act infamously forbids "material weakness" in
internal control, a broad and vague term. Any instances of possible material weakness need to be publicly
disclosed along with the financial accounts.

Material weakness is identified in three major areas: segregation of duties, technology issues and
account reconciliation. Sarbanes-Oxley stresses that account reconciliation needs to include frequent
inventory counts and reviews of inventory valuation methods. Regulators also expect companies to
maintain technology capable of supporting a speedy reconciliation process.

Sarbanes Testing
Publicly traded companies perform tests to check their readiness for a Sarbanes-Oxley audit. This is
sometimes referred to in accounting circles as "Sarbanes testing." An effective Sarbanes test includes
reconciling source documents and providing documentation for all inflows and outflows, payables and
receivables or other ledger items. This is more challenging and more necessary for firms with complex,
interrelated ledger systems and company operations.

Those conducting account reconciliation should look for material misstatements in the financial
statements. This is more difficult in practice than in theory, as the thresholds for material misstatements
and material weakness, each contributing to "lack of internal controls," are ill-defined.

Enhanced Financial Disclosures

Under Sarbanes-Oxley, a public company has to disclose several types of transactions or errors not
required under previous accounting laws. Companies with any off-balance sheet transactions, such as
those involving special-purpose vehicles, need to be reported and publicly disclosed. Any pro-
forma information must be made public as well. Companies need to establish procedures for assessing
internal controls, primarily through account reconciliation, and then disclose the reporting on
management's assessment of such controls. It is also particularly important to discover and disclose all
auditing risks in the balance sheet. All balance sheet accounts should be classified as either high-risk,
moderate-risk or low-risk.

Read more: How did Sarbanes Oxley (SOX) affect the rules and regulations for account reconciliation? |
Investopedia http://www.investopedia.com/ask/answers/042315/how-did-sarbanes-oxley-sox-affect-rules-
and-regulations-account-reconciliation.asp#ixzz4QAkSgZqL
Follow us: Investopedia on Facebook

The Sarbanes-Oxley Act and Its Aftereffects

by Dimitris N. Chorafas

The focused and effective management of exposure has been conspicuously absent among companies
who, in recent years, have become embroiled in scandals and bankruptcies. This highlights the
importance of the quality of corporate governance as a crucial consideration for all organizations, with
management ethics, internal control, and the audit function being at the kernel of an evaluation. News
items in the first years of this century highlighted the problems of poor accountability and of management
malfeasance in large listed companies. However, the underlying issues are just as prevalent in smaller
listed and unlisted firms. Moreover, because external auditors looked the other way in some of these
scams, their role came under public scrutiny.

Conflict of interest has been a particularly touchy point. In many cases, its origins were found in the fact
that, for several decades, external audit firms have been performing a variety of consultancy roles for the
same companies they audit, thereby becoming too close to the client and losing objectivity in the push for
profitability.
The aftermath of such inadequacies is magnified by the fact that companies today operate in a fast-
moving environment. Changes in terms of products, markets, and technology present both opportunities
and risks, with the result that many firms seize the opportunities but are far less sensitive to the risks,
including those of malfeasance and biased judgment.

In the decades before the Sarbanes-Oxley Act (SOX) made it untenable for an investment banker to sit
on his or her client company's board, such board seats were much sought after by bankers as a way of
gaining the most insight into the client's strategic thinking and its prevailing financial staying power. This
practice also helped to ensure that the investment bank walked away with the lion's share of the client's
business.

The cases of Enron, Adelphia Communications, and WorldCom in the United States and of Parmalat in
Europe-to name just four-are too well known to be described here in detail. The Enron scandal of
December 2001 was followed in short order by WorldCom, whose report of $7 billion in fictitious profit
dwarfed Enron's concealment of a "mere" $1.8 billion in debt. By the end of 2002, the list of companies
with questionable financial reporting included AOL, ImClone, Merck, Qwest, Tyco, Xerox, and Arthur
Andersen, a powerhouse certified public accounting firm that was severely weakened following
prosecution for its lax practices while auditing Enron and eventually went out of business.

The ripple effect of accounting scandals, auditing scams, and fake financial reporting shook the business
community and bent the resistance to tougher legislation by a myriad of lobbyists. In a climate of public
mistrust to business because of widespread creative accounting practices, the Sarbanes-Oxley Act was
passed in July 2002 by the U.S. Congress. The act established rigorous corporate governance rules and
set specific expectations on the reliability of financial statements of firms whose shares are traded on U.S.
stock exchanges.

Section 302 of the act requires CEOs and CFOs to certify the dependability of their firms' financial
statements, including whether their entities have (a) effective systems of internal control related to
external financial disclosures and (b) procedures capable of notifying both external auditors and their
audit committees when significant control deficiencies are detected in these systems. Section 404 of the
Sarbanes-Oxley Act demands that a firm's external auditor must report on the reliability of management's
assessment of internal controls. Both Sections 302 and 404, however, have raised important questions.
For instance:

How many and what type of control deficiencies can the CEO and CFO not report to external
auditors and the company's audit committee without violating the act?
What is the threshold above which the Securities and Exchange Commission, and civil courts, will
act?

There are, as well, complex technical issues connected to SOX that should be well understood to provide
a defensible legal course. For their part, certified public accounts must exercise great care in deciding on
the need to qualify statements. Lack of qualification will essentially be tantamount to agreeing with the
opinion reached by the CEO and CFO when forming the CPA's response on the issue of control
effectiveness.

There are good reasons to believe that the accuracy in reporting huge losses for 2007 by Citigroup,
Merrill Lynch, Bear Stearns, MBIA, Ambac, and many other well-known financial companies can be found
in the rigorous requirements imposed by the Sarbanes-Oxley Act. The act made it mandatory that the
CEO and CFO sign the entity's annual financial statements and assume full personal accountability for
their figures and contents.

Indeed, no better example of the Sarbanes-Oxley impact can be found than the financial reporting on the
aftereffects of the 2007 crisis in the subprime mortgage market, which created a torrent of red ink and
brought many of the world's bigger banks against the wall. This was a crisis created single-handedly by
the banking industry, rather than being due to an external event like sovereign bankruptcies in emerging
markets.

When the bubble of the subprime mortgages blew in July/August 2007, it was revealed that the chief
executives of Citigroup, Bear Stearns, Merrill Lynch, Morgan Stanley, UBS, and many others had

Assumed an excessive amount of credit risk,

Used irrelevant credit ratings for their judgments,
Overleveraged their institutions with an inordinate amount of debt, and
Employed a shamefully low level of risk management.

Through their policies with subprime, "no doc," and "Alt-As" lenders, they also practically brought to
bankruptcy millions of U.S. homeowners while also spoiling the capital of their own institutions to the tune
of billions of dollars. In the aftermath, the U.S. Supreme Court considered extending liability for corporate
fraud to any company that did business with a U.S. corporation that defrauded its investors.

Back in 2002, many persons suggested that compliance with SOX would be a costly enterprise, although
few openly expressed the opinion that business pressure would eventually be instrumental in changing
some of the Sarbanes-Oxley provisions. Yet this is exactly what happened in mid-2007, under fire from
lawmakers and business groups, who blamed the Sarbanes-Oxley Act for driving the costs of compliance
higher and pushing firms to relocate to less-regulated markets overseas.

In May 2007, the Securities and Exchange Commission announced new guidelines along with a revised
auditing standard from the Public Company Accounting Oversight Board (PCAOB). These guidelines and
standards have aimed at ending more than a year of debate over whether the law's costs outweigh its
benefits.

The PCAOB is an independent panel formed under the Sarbanes-Oxley Act. Its recent guidelines aim to
reduce auditor testing by encouraging accountants to rely on work that companies have already done.
Established in 2003 in the United States as a regulator to oversee the auditors of publicly listed
companies, the PCAOB is one of the items mandated by the Sarbanes-Oxley Act, with the authority of
revising standards that CPAs should use when auditing a company's internal controls over financial
reporting. In this capacity, PCAOB oversees the U.S. accounting profession.

One of the new PCAOB auditing standards (AS) established by SOX, specifically AS5, was aimed to
ease the burden of Sarbanes-Oxley compliance by making it less prescriptive and more scalable
according to size of the company. The SEC, which oversees the PCAOB, wants AS5 to make life easier
for the roughly 6,000 smaller companies with market capitalizations of less than $75 million, while most
large, publicly listed companies are required to comply with Sarbanes-Oxley. These large companies
have learned how to live with SOX and absorbed the law's initial implementation costs.

To maintain uniformity in the application of the law and fence off efforts to create loopholes, Christopher
Cox, SEC's chairman, has resisted demands from members of Congress to exempt small companies
from the law. Instead, he tried to reduce corporate audit fees by eliminating a requirement that
accountants assess how companies review their internal control.

While undoubtedly greater rigor on auditing does not come free of cost, it would be wrong to judge
Sarbanes-Oxley in a unilateral way. "What was going on was so twisted and so perverse that more than
five months after WorldCom went bankrupt several analysts expressed the opinion that the company
would not survive independently in the long term," said a senior executive of an investment firm. "It will
probably be spring or summer before it has its books in order."
WorldCom's huge fraud made use of the fact that there are gray areas in accounting standards on how to
capitalize expenses for the different financial outlays. Its case, however, is neither the first nor will it be
the last case of that nature. Accounting literature lists numerous events of aggressive and improper
capitalization of expenses. Among experts, the majority opinion has been that, on two counts, there was
no doubt that WorldCom broke the spirit and the letter of the law on accounting principles.

The Sarbanes-Oxley Act not only improved the reliability of financial reporting, but also made it much
harder for firms to get private securities fraud claims thrown out of the bankruptcy courts, as used to
happen routinely. External auditors are now required to provide opinions on the effectiveness of internal
control in a company's financial statement, and had better get more efficient in internal control
assessment by employing individuals with a wide range of experience, helping the client company to
identify key exposures in the armory of internal controls.

To deal with potential management malfeasance, there is no alternative to critically reviewing the control
environment, including organizational and governance issues; human resources; monitoring procedures;
and more-covering not only financial, but also operational matters such as authorization procedures and
segregation of duties, internal auditing information practices, and information technology policies able to
assist management in decision making and in internal control.