Sarbanes-Oxley Act of 2002 (SOX)
On July 30th, 2002, President Bush signed the Sarbanes-Oxley Act (SOX) into law. The most dramatic change to federal securities laws since the 1930s, the SOX Act radically redesigned federal regulation of public company corporate governance and reporting obligations. It also significantly tightened accountability standards for directors and officers, auditors, securities analysts and legal counsel.
Sarbanes-Oxley Act (SOX) applies to publicly held companies and their audit firms, dramatically affects the accounting profession, and impacts not only the accounting firms, but also CPAs actively working as an auditor of, or for, a publicly traded company. Provisions of SOX detail criminal and civil penalties for noncompliance, certification of internal auditing and increased financial disclosure.
Section 404 requires that all annual financial reports must include an Internal Control Report, stating that management is responsible for an "adequate" internal control structure, and an assessment by management of the effectiveness of the control structure. Any shortcomings in these controls must also be included in the IRC, and must be reported to the SEC.
Section 802, Regulation SX, Rule 2-06 mandates the retention of documents used for financial audits and reporting, and requires documentation to be centrally controlled and tested to provide management-level visibility to any document retention weaknesses.
Key Takeaways
The Sarbanes-Oxley (SOX) Act of 2002 came in response to highly publicized corporate financial scandals earlier that decade.
The act created strict new rules for accountants, auditors, and corporate officers and imposed more stringent recordkeeping requirements, mandating strict reforms to existing securities regulations and imposing tough new penalties on lawbreakers.
The act also added new criminal penalties for violating securities laws.