In 2002, the United States Congress passed the Sarbanes-Oxley Act, or SOX.
It was introduced to protect shareholders and the general public from accounting errors and fraudulent practices.
Although compliance with the measures introduced by SOX may pose challenges to companies, the security, accountability, and rigour it demanded promised to protect employers, employees, and the general public from the dangers of misconduct.
Why was SOX introduced?
The act was introduced following a series of high-profile financial scandals in 2002, notably those involving Enron, WorldCom, and Tyco.
The damage experienced by the firms involved, from both a reputational and profitability standpoint, was significant. Furthermore, investor confidence was shaken by these high profile cases of fraud.
The trustworthiness of corporate financial statements and institutions was brought into question. Existing regulatory standards were no longer deemed sufficient to protect investors, professionals and the general public. Congressional hearings helped identify the structural and cultural causes of the issues that had been exposed in the financial industry, including: inadequate corporate governance practices; limited disclosure obligations; and lack of protections for whistleblowers. An overhaul was needed.
Congressmen Paul Sarbanes and Michael Oxley drafted SOX with the goal of improving corporate governance and accountability.
The act was designed to:
- Combat fraud
- Improve the reliability of financial reporting
- Restore investor confidence
What does SOX mandate?
The Sarbanes-Oxley Act of 2002 requires all publicly traded companies to report their internal accounting controls to the Securities and Exchange Commission (SEC).
CEOs and CFOs of each company must personally attest to the accuracy of their financial statements and confirm they have been completed to the standard outlined by the act. Senior executives are held accountable. Failure to comply with Sarbanes-Oxley is punishable by both personal fines and/or jail time.
SOX compliance also demands that IT departments establish and maintain an archive of corporate records.
Three rules of SOX affect the management of electronic records.
- First rule: concerns the destruction, alteration, or falsification of records and the resulting penalties.
- Second rule: strictly defines the retention period for storing records.
- Third rule: outlines the type of business records that need to be stored.1
To incentivise individuals to report conduct which contravenes the standards set by SOX, the act also enhanced protections for those who speak up against illegal activities. Sarbanes Oxley sought to cultivate a culture of transparency and accountability, encouraging whistleblowers to come forward, and offering assurances to their security and professional position.
SOX mandates that listed companies must have stringent whistle-blowing policies in place. Employers must provide anonymous avenues for employees to report suspected misconduct. Furthermore, employers cannot retaliate against or vilify employees who disclose information which is in the interest of the public, or assists a legal investigation.
The act promises accountability in the right places. SOX protects whistleblowers from retaliation and affords the U.S Department of Justice the authority to charge employers who seek to punish their employees for reporting illegal activity.
The Successes of SOX
Establishing an ethical culture
The measures implemented by Sarbanes-Oxley have successfully helped to cultivate a more ethical culture within the financial markets.
The introduction of SOX led to increased public and investor confidence in the integrity and reliability of companies and their financial statements. The fallout of the high profile scandals that inspired the act, and the legislative accountability introduced by SOX, sparked a corporate responsibility movement.
The comprehensiveness of SOX, and the rigour it demands at all stages of financial reporting and auditing, has led to a noticeable impact on conduct and culture in finance.
An ethical culture attracts the most qualified employees who are committed to maintaining and complying with the established values of a company. Retaining such valuable employees becomes easier when a firm is demonstrably committed to ethical practices. The reputation of a firm, which is accentuated by having the best personnel, also resonates with their consumer base. An ethical culture can have material effects, with more customers wishing to patronize a company with a strong social, corporate and ethical position in the market.
Ensuring employees can confidentially report any conduct which contravenes the measures mandated by SOX, through a compliant whistleblowing service, is a significant contributing factor to the maintenance of an ethical culture.
If their employees know they are able to detect, report and prevent malpractice without fear of reprieve, they will be more inclined to do so. This is even more effective if education and training is provided to employees – raising awareness of the specific whistleblowing policy and process their firm has in place.
The assurances and protections introduced by SOX have been undoubtedly successful in this regard.
An ethical culture is ineffective if unethical or illegal behaviours are not met with appropriate measures.
The increased accountability of senior executives for the financial behaviours and conduct of their firms introduced by SOX has been a successful measure in deterring corruption or lax processes.
Sarbanes-Oxley holds CEOs and CFOs responsible for the financial statements and related controls of their firms. This accountability at the highest level encourages a top-down demand for compliance and rigour. Knowing they may personally face financial penalties or criminal sentencing incentivises the most senior professionals to ensure that their firm is not engaging in fraudulent accounting practices or misconduct.
Empowering employees by ensuring they have access to an anonymous whistleblowing hotline to report fraudulent practices is a necessity for the wellbeing of a company as a whole, but also for protecting those accountable for financial statements.
This has lead to more accurate financial reporting, which has in turn improved investor confidence, and increased levels of trust from the general public.
Improved integrity and auditor engagement
The requirements introduced by SOX with regards to internal auditing were instrumental in the restoration of investor confidence.
Under SOX, no person in the company may improperly influence auditors in connection with their financial statements
In a "Main Street Investor Survey" from the Center for Audit Quality, it was found that from 2011 to 2019:
- Confidence in independent auditors who audit public companies rose from 67% to 83%.
- Confidence in independent audit committees of publicly traded companies rose from 63% to 81%.
- Confidence in government regulators and oversight rose from 39% to 63%.
- Investors named independent auditors as the most effective entity in their investor protection roles, with 83% of investors expressing confidence.
SOX has increased professionalism and engagement on the part of corporate audit committees.
Sox has its critics; for example, its efficacy was brought into question in the wake of the 2008 financial crisis. However, it has many vocal supporters within its enforcing bodies who attest to its success:
"Sarbanes-Oxley is, by far, one of the most important pieces of legislation that has ever happened in the financial securities arena" - Mary Jo White, former chair of the U.S. Securities and Exchange Commission (SEC)
"We're in much better shape today than we were prior to Sarbanes-Oxley. The markets were in turmoil, corporations were in disrepute. There was a real fear that the lack of trust in the markets could create long-term problems." - Harvey Goldschmid, former SEC commissioner
"Sarbanes-Oxley helped restore trust in U.S. markets by increasing accountability, speeding up reporting, and making audits more independent." - Christopher Cox, former SEC chairman
So, let's return to our opening question: has SOX been successful?
In short, yes.
Although the strength of its enforcement has occasionally been brought into question, the far reaching cultural impact its implementation had, and the restoration of investor confidence it encouraged, demonstrate its value to the financial market.
Compliance with SOX requires extra effort from companies, but the rigour and processes it mandates improve the accuracy and integrity of financial statements.
Sarbanes-Oxley ensures accountability at the highest level and offers security to anyone seeking to prevent or stop malpractice.
Its contribution not only to corporate governance, but to the protection of whistleblowers - ensuring public companies have effective and anonymous employee whistleblowing services – has been undeniable.
To find out how you can get compliant with SOX, visit our page for more information.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.