The Sarbanes-Oxley Act (the Act) which became law in the USA in July 2002 was a response to recent corporate scandals and stock market uncertainty. It has made extensive changes to the law applicable to public companies, including those incorporated outside the USA. The Act sets out to increase the reliability and accuracy of corporate reporting, accounting and audit practices and to ensure the independence of securities analysts' advice. The Act has important consequences for UK companies with a US listing and for accounting firms that play a significant role in the audit of a company that reports to the Securities and Exchange Commission (SEC).
Corporate Governance
- Revised Audit Committee Standards
A company's audit committee will have responsibility for the appointment, compensation and oversight of the work of the company's auditors and the auditors will report directly to the committee. The committee will be composed entirely of independent board members who should maintain their independence by not accepting any consulting, advisory or other compensatory fee (except directors' fees) and not being an affiliated person of the company or any of its subsidiaries. The audit committee is also charged with setting up procedures to deal with any complaints received concerning audit or accounts issues. The company must disclose in filings with the SEC whether the committee contains at least one "financial expert", i.e. someone with an understanding of GAAP and financial statements and experience in their preparation, as well as internal control experience and a good understanding of the role and purpose of the audit committee.
- Ban on loans to Directors and Officers and other executive rules
Personal loans may not be made to directors or other officers of the company on terms more favourable than those available to the general public.
If material non-compliance with the requirements of the Act leads to the need to restate the financial reports of the company, the CEO and CFO must return any bonus, incentive-based or equity-based compensation received during the previous year and any profits earned on the sale of company securities in that period.
The Act also requires all SEC reporting companies, including non-US companies, to disclose to the SEC a code of ethics for the senior "financial" officers of the company. In the absence of such a code, the company must explain its reasons for not having one.
The Act gives the SEC the power to ban, either temporarily or permanently, individuals from acting as officers of an SEC reporting company if they have breached rules prohibiting fraudulent securities transactions.
Accounting and Auditor Regulation
- Public Company Accounting Oversight Board (Oversight Board)
Under the Act, a new body, the Oversight Board is required to oversee the accounting industry. Accounting firms that audit SEC companies, including non-US firms, must register with the Board and will be inspected by it to ensure compliance with the Act. The Oversight Board may also investigate firms, conduct disciplinary hearings and enforce compliance with the Act.
Enhanced disclosure requirements
- CEOs and CFOs must certify that annual and quarterly reports filed with the SEC fully comply with the Act. Section 906 of the Act provides that CEOs and CFOs must certify that the report provides a fair picture of the financial condition of the company in all material respects. Under section 302 the officer of the company who certifies the report must confirm that he has reviewed the report and that, as far as he is aware, the report contains no untrue statements nor does it omit any material facts.
- The signing officers must also certify that they have informed the company's auditors and internal audit committee of any significant deficiencies in the internal controls of the company and any fraud involving any person involved in such internal controls. Breach of any certification requirements may result in both civil and criminal penalties (please refer to the Penalties and Enforcement section here).
Penalties and Enforcement
- If the CEO or CFO certifies a report of the company knowing that the report breaches the requirements of the Act, he may face one or both of being fined up to US$1 million or imprisoned for up to 10 years. Where the certification is classed as "wilful" the fine may be increased to US$5 million and the prison sentence to 20 years.
In addition, if any person interferes with bankruptcy proceedings or proceedings involving federal agencies, by corruptly destroying, mutilating or concealing a document or object with the intent of impairing the document's integrity or availability that person may be fined or imprisoned for up to 20 years or both.
- Increased statute of limitations
The Act extends the US statute of limitations for civil securities law violations to five years from when the offence was committed (two years previously) or two years from when it was discovered (one year previously).
- New obligations for lawyers
The Act provides that the SEC must set down minimum standards of professional conduct for legal advisers to SEC companies. In particular, a lawyer must report evidence of a material violation of securities law or breach of fiduciary duty to the company's CEO or chief legal officer and, if no action is taken, to the board of directors, the copany's audit committee or some other committee of non-executive directors.