What’s SOX Compliance?




Sarbanes-Oxley compliance is required by the Public Company Accounting Reform and Investor Protection Act of 2002 to prevent corporate fraud. It involves documenting internal controls, codes of ethics, and audit committee reports. Compliance requires attention to various clauses and legal changes, with penalties for fraud and whistleblower protection. Proportionally, large financial institutions spend less on compliance than small businesses, and all companies are required to comply.

Sarbanes-Oxley compliance refers to compliance with the Public Company Accounting Reform and Investor Protection Act of 2002, also known as Sarbanes-Oxley. Sponsored by Senator Paul Sarbanes of Maryland and Representative Michael Oxley of Ohio, the law was a response to a spate of corporate fraud scandals, such as the Enron case. Compliance requires financial institutions to carefully document and disclose their internal controls, codes of ethics to which employees are subject, and audit committee reports.

The law is quite complicated and attempts to prevent corporate fraud. To that end, Sarbanes-Oxley compliance requires attention to many different clauses. For example, Section 402(a) limits the terms under which companies may make loans or extend credit to their executives, and Section 404 mandates the compilation of self-assessment reports, which address the effectiveness of the internal controls used by the company.

Sarbanes-Oxley compliance also requires law officers to adhere to the legal changes made by the law. For example, Title VIII, the Corporate and Criminal Fraud Accountability Act of 2002, makes fraud a riskier business and expands the government’s ability to prosecute fraud cases. The law makes it illegal to forge or destroy documents, requires auditors to keep records for at least five years after an audit, extends the statute of limitations for prosecuting fraud, and contains a “whistleblower protection” provision for employees who comply with the law against the will of their company. Similarly, Title IX increases penalties for fraud and gives the Securities and Exchange Commission more authority when dealing with fraud cases.

Studies of Sarbanes-Oxley compliance have shown that, proportionally, large financial institutions spend significantly less to achieve compliance than small businesses. In fact, complying with the law is often so expensive that many small public companies have gone private to avoid the expense. Originally, only companies with a market capitalization of US$75 million or more were required to comply with internal control ratios, but after several years all companies of all sizes were required to comply.



