According to the Sarbanes-Oxley Center, “Without a doubt, the Sarbanes-Oxley Act is the single most important piece of legislation affecting corporate governance, financial disclosure and the practice of public accounting since the US securities laws of the early 1930s (Sarbanes-Oxley Center: The Act and Strategies for Compliance).
The Sarbanes-Oxley Act of 2002, otherwise known as the Public Company Accounting Reform and Investor Protection Act, was signed into law on July 30, 2002, in order to protect investors through enhanced accuracy and reliability of company disclosures of publicly traded companies. The law, which was named after its principal sponsors, Senator Paul Sarbanes and Representative Michael G. Oxley, came into being as a result of several financial scandals that involved public companies such as Enron, and WorldCom, and the accounting services firm Arthur Andersen.
The law includes provisions covering stricter guidelines for enhanced financial reporting and auditing, and also enforces harsher penalties for company officials, auditors, lawyers, and stock analysts found guilty of fraudulent activities. The Act mandated the creation of the Public Company Accounting Oversight Board (PCAOB) to supervise the professional services of auditing firms. In general, the legislation is intended to revive investor confidence in the capital markets in the United States and to prevent financial reporting scandals and other fraudulent securities transactions that have happened become over the past several years (Kaplan, C. 2002).
Events prior to enactment
Prior to the enactment of the Sarbanes-Oxley Act, there were quite a number of financial reporting scandals that occurred among public companies.
One of the most recent and most scandalous was the case of Enron Corp., an energy trading and communications company, whose officials were found to have committed fraudulent acts through falsified financial statements. Former Chairman and Chief Executive Kenneth L. Lay, who faced civil charges filed by the Securities and Exchange Commission in 2004, was said to have earned unlawful proceeds of more than $90 million in 2001. (U.S. Securities and Exchange Commission).
Lay made investors believe that the company was doing well and hid losses from one business segment through a reorganization scheme. Class action lawsuits have also been filed against the company by enraged investors who lost money believing that the positive outlook delivered by its former CEO was true. Implicated here was Enron’s former auditing firm, Arthur Andersen, for participating in the fraudulent activities and destroying documents as an investigation neared.
The scandal caused the bankruptcy of the company and losses in investment money among public investors (U.S. Securities and Exchange Commission).
Several other cases of falsified financial statements and securities fraud have occurred over the recent years, including the WorldCom accounting scandal, which led to the bankruptcy of the telecommunications company.
The cases of WorldCom and Enron are just some of the biggest reported scandals, but over the years, the U.S. stock market has been filled with numerous cases of so-called insider trading activities, all to the disadvantage of the investing public. These cases prompted the government to push for the enactment of the Sarbanes-Oxley Act to improve rules on auditing, disclosure of public documents, and other matters concerning public companies.
The Sarbanes-Oxley Act
The Sarbanes-Oxley Act, which is being enforced by the Securities and Exchange Commission (SEC), covers rules including the maintenance and disclosure of financial documents, compliance of auditing firms, roles played by the CEO and the CFO, and the conduct of analysts. Crucial to the public companies’ compliance with the legislation is the storing of records, thus, the IT departments will also be very much involved in the compliance process.
Part of the enforcement of the Sarbanes-Oxley legislation is the formation of the Public Company Accounting Oversight Board to oversee the auditing of listed companies. The board, which is supervised by the SEC, provides guidelines for audit reports and inspects compliance of accounting firms conducting the audit of the public companies.
Under the Act, audit firms – even the accounting firms outside the U.S. that are providing auditing services to listed companies in the U.S. – are required to register with the PCAOB and are expected to follow guidelines issued by the board on attestation standards, quality control and ethics standards in preparing audit reports for the public companies.
The formation of the board is intended to ensure that all the auditing companies will be subject to the jurisdiction of the law and will follow required guidelines. Legislators saw the need to supervise the actions of the auditing firms since several cases of securities fraud have required the involvement of the companies conducting the audit (AICPA, 2002).
With the enforcement of the Sarbanes-Oxley Act, auditing firms are mandated to be independent and are prohibited from providing auditing for the same company for more than five consecutive years.
This is to discourage the development of special relationships between the client and the contracting auditors, thus most possibly eliminating the occurrence of accounting fraud. The auditors are also prohibited from performing non-audit services for the public company while it is conducting the audit. Such non-audit services include: bookkeeping, financial information systems design and implementation, appraisal or valuation services, actuarial services, internal audit outsourcing, human resources management, legal and professional services, and other services deemed by the board as inappropriate.
The auditors are also required to report the accounting policies utilized in the audit, material written communication with the officials of the public company. The legislation also mandates that auditors are to keep records for a period of 5 years from the end of the fiscal year when such audit was concluded (AICPA, 2002).
The legislation is written in a way that chief executive officers and chief financial officers are held responsible for all periodic reports and disclosures made by the company. Section 302, for example, states that the CEO and CFO shall certify that all the financial statements are accurate and that the company has presented the real financial situation of the company.
The two company executives will also have to certify that the internal controls have been reviewed and signify if there are any significant changes in the internal controls. Section 302 also states that the extent of the law will not be hindered by reincorporation or relocation of the company to another country. The CEO and the CFO will be deprived of bonuses and compensation for the year during which the company needs to provide a restatement of its reports (AICPA, 2002).
The law also clearly states that it is unlawful for company officials to exercise improper influence over the auditors so as to manipulate the company reports. Company executives are also prohibited from selling or purchasing company stocks during pension fund blackout periods and are prohibited from obtaining personal loans from the company. The provisions covering the company officials are aimed at discouraging such officials from committing manipulative actions such as what had been done by several company officials in the previous years.
Purposes of the Act
One of the main purposes of the Sarbanes-Oxley Act is to ensure that the disclosures of the public companies are accurate and sufficient enough for use of public investors. One of the primary reasons for the growing distrust of public investors in the securities markets is the occurrence of such scandals as those with Enron and WorldCom. Title IV of the Sarbanes-Oxley Act aims to address this very issue.
Under the Sarbanes-Oxley law, listed companies shall present detailed financial reports, including all material correcting adjustments and all other information that may have an effect on the financial status of the company. Analysts’ state the law has induced executives to pay more attention to financial data and prompted board members and accounting firms to take their work more seriously (Johnson, 2005 p. Do1).
The legislation has strict provisions regarding internal controls within the company. Public companies will have to ensure that disclosures whether by financial reports submitted to the SEC or through press releases are accurate and reflective of the actual financial situation of the company. Section 404 requires public companies to include an “internal control report” to signify how the company is conducting internal control of non-public documents. In other words, the company is also required to assess the effectiveness of such internal controls and to report occurrence of any material weaknesses.
The company’s internal controls are required to protect all non-public information, including electronic information. Public companies are also expected to monitor the movement of non-public information over the Internet. Company disclosures should also be subject to thorough review by the SEC. The provisions encompassing internal controls are intended to prevent incidents of securities transactions using insider information.