In: Finance
The Sarbanes-Oxley Act of 2002 is a U.S. federal legislation that seeks to ensure that companies with public shareholders accurately represent their financial state so that investors better understand risks. To achieve this, Sarbanes-Oxley (SOX) mandated greater auditor independence, increased corporate governance and documentation of corporate internal controls, and enhanced financial disclosures.
The Sarbanes-Oxley Act is a U.S. law that encourages transparency in financial reporting and corporate governance in public companies with the intention to protect investors and the public against corporate financial fraud and mismanagement. The law, also known as SOX or Sarbox, closes loopholes in accounting practices that in the past permitted misstatements of company value. The law also holds corporate management accountable; this includes CEOs, CFOs, boards of directors, and the public accounting firms that may work with and conduct audits for public companies.
To ensure higher standards of governance, companies must establish and comply with internal controls on financial reporting. These controls are intended to protect the integrity of the data that builds financial records and the integrity of the annual report.
Components of SOX
The key points of Sarbanes-Oxley are as follows, with the section number noted:
Reasons lead to passing this legislation by Congress
Multiple instances of questionable financial practices in large U.S. companies and accounting firms in the late 1990s and early 2000s precipitated the creation of Sarbanes-Oxley. In companies such as WorldCom, Tyco, and Peregrine Industries, misleading financial reports resulted in artificially-inflated stock values.
Revelations of corporate financial misconduct culminated with the bankruptcy of Enron. As one of the top-ten largest corporations in the U.S. at the time, Enron managed a diversified portfolio of oil and gas development, energy sales, and telecommunications. However, undisclosed partnerships hid failing aspects of the company — this allowed earnings to be overstated, which generated increased stock prices.
Enron employee pension funds and individual 401Ks were heavily invested in Enron stock. When the company failed, millions of investors found their stock portfolios devalued and depleted. In the case of Enron, reallocations to other stock choices were unavailable during the time when the stock was losing market value. Many individuals lost as much as ninety-four percent of the value of their retirement plan. By contrast, some C-suite employees had significant financial gains in preceding years by exercising stock options that were valued at less than the current price.
The financial controversies also raised questions about practices in large accounting firms, such as Arthur Andersen. Among other activities, some Arthur Andersen employees were accused of destroying paper and electronic documents while the SEC conducted a review of Enron.
With the 2001 bankruptcy of Enron, Senator Paul Sarbanes and Congressman Michael Oxley drafted new legislation to strengthen existing SEC legislation and to create new laws. The full formal name is Sarbanes–Oxley Act of 2002, and was known in the Senate as the Public Company Accounting Reform and Investor Protection Act, and in the House of Representatives as the Corporate and Auditing Accountability, Responsibility, and Transparency Act. SOX aimed to provide greater oversight over public accounting firms, increase executive accountability for the content and accuracy of company financial reports, and escalate penalties for not adhering to the new legislation.
When signed into law, President George W. Bush called it "The most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt. The era of low standards and false profits is over; no boardroom in America is above or beyond the law."
The Securities Exchange Commission (SEC) administers
Sarbanes-Oxley. Established in the wake of the stock crash of 1929,
the formation of the SEC followed the 1933 Securities Act, which
required that brokers provide, at a minimum, a detailed stock
prospectus to potential investors. The creation of the commission
in 1934 is considered the most important U.S. financial security
legislation of the 20th century.
Analysis on the effectiveness of the
legislation
While some commentators see SOX legislation as forward-looking and anticipatory of later financial problems in 2008-2011, others see it as precipitating the Great Recession by adding unattractive costs to doing business in the U.S. compared with other countries.
Originally, some thought that SOX would limit capitalization for new IPOs and stifle innovators, but other opinions point to evidence that the law increases investor and fund manager confidence, and that the pricing of IPOs is therefore more accurate. In addition, SEC Rule 144a now allows trading entities (stock exchanges) to trade among themselves securities considered risky for the general public. In this way, companies can avoid SEC registration and the requirements of SOX, yet still find capital.
The true costs of Sarbanes-Oxley to business may also be difficult to quantify. Smaller companies (fewer than 100 people) may be more susceptible to fraud because smaller teams can mean fewer segregations of duties. Compliance to section 404, in which the auditor attests to the effectiveness of internal controls, can be costly. However, these smaller companies were never required to complete the auditor’s report on internal controls. In addition, Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 permanently exempts companies with under $75 million in public float, or offered shares, from the auditor report.
Adhering to SOX does add expenses for legal advice, an external auditor, and directors and officers (D&O) insurance, as well as lost productivity while preparing for the many audits. Some suggest that although entities pay considerable initial setup costs, once implemented, SOX becomes more efficient and thereby less expensive to maintain. Nevertheless, a popular 2008 SEC survey showed that costs to administer SOX average $2.3 million, more than the projected annual costs of $91,000.
Sarbox was supposed to force executives to return any bonuses awarded within a year of malfeasance. However, it seems that in most cases, companies have established policies requiring individuals to return benefits before the SEC sanctions them. However, in over 10 years since enactment, Sarbanes-Oxley has been directly responsible for few corporate fraud prosecutions. Instead, SOX has effectively forced companies to layer certification. Rather than CEOs following the day-to-day work of middle-level employees, managers now certify controls and reports and pass those certifications up to the C-suite.