Sarbanes-Oxley act

Sarbanes-Oxley (SOX) became a law in July 2002. The law, enacted largely in response to the Enron and WorldCom scandals, has been described as the most sweeping and significant change in securities law since 1930s. Sarbanes-Oxley is a wide ranging, complex statues that amended the US securities law in significant ways. It established new law, made changes to existing laws, and affected the Securities and Exchange Commission rule making and stock market listing standard. Although SOX applies only to companies whose stock is traded on public exchanges, it has highlighted the need to assess the financial controls and reporting of all companies. The SOX purpose is to restore public confidence and trust in the financial statements of companies. Thus, SOX emphasizes the importance of effective internal control; it requires companies to maintain strong and effective internal controls over the recording of transactions and the preparing of financial statements.

The accounting profession was largely self-regulating prior to the adoption of SOX. This era ended when the SOX was enacted in July 2002. The first of these reforms is the creation of the PCAOB (Public Company Accounting Oversight Board). The PCAOB is a new federal oversight board that is charged with: (1) registering and disciplining accounting firms that prepare audit reports on public companies; (2) establishing audit and accounting standards; and (3) conducting inspections and investigations of registered accounting firms that audit public companies. Also, the lack of auditor independence is viewed as significant contributor to major corporate scandals. Thus, SOX clearly focuses on the issue about constraining potential auditor conflicts through measures intended to enhance auditor independence. This is accomplished by forbidding auditors of public firms from providing to their audit clients most non-audit consulting services. Accounting firms are permitted to provide tax services to audit clients; however, the audit committee of the company must approve the services in advance. This approval requirement is an important example of the increased importance, influence, and potential for liability that the audit committee has received because of SOX. Furthermore, SOX mandates the rotation of audit partners in charge of audit clients. Lead audit partners and audit partners who are responsible for review of the audit must be rotated off after five years. In addition, these partners are subject to a five-year time-out period. Other audit partners, not including lead or concurring partners, are subject to a seven-year rotation and a two-year time-out period. The SOX act also requires CEO's and CFO's to certify that the company's SEC filings are accurate. CEO's and CFO's must sign two separate certifications in their companies' periodic reports to the SEC.

Primary concerns and criticism about the SOX act are increased regulation, professional conflicts, increased compliance costs, corporate federalism, and lack of clarity. Some people argue that the new regulations are too strict or misdirected, and others propose amending the law for greater clarification of information and ease of the public obtaining such information. It is understood that the new regulations have resulted in increased expense, time, and liability of auditing companies. It is further believed that the loss of consulting fees will be offset by the increase in auditing fees. Also, another overriding concern identified is that of the loss of corporate autonomy and the rise of "federalization" of corporate law. With the enactment of Sarbanes-Oxley, the Federal government has stepped into many areas that were previously controlled in-house or traditionally regulated by state legislatures and state courts. The loss of corporate autonomy is perceived through limitations placed on officer and director appointments; requirements for proper corporate governance, including of codes of conduct for senior financial officers; board member qualifications; restrictions on executive compensation and loans and restrictions on audit and consulting services.

Besides complaint on SOX, there are also recommendations to improve the SOX act, especially section 404 (about financial risk assessment). Some of these recommendations are: (1) regulation should allow for different size companies to phase in their implementation of 404; (2) The financial statement audit and all internal control procedures should be integrated so that only one audit is performed with one audit opinion issued and one engagement letter agreed upon; (3) The PCAOB rule making process should be more transparent in a manner similar to the FASB's process; (4) Only significant financial statement assertions should receive a full annual review.