What is Sarbanes-Oxley Act (SOX)?

2. SOX provision examples – part one

Public Company Accounting Oversight Board (PCAOB): the SOX Act establishes PCAOB, an independent board with standard setting and disciplinary authority. The Board consists of five (5) members: two (2) CPAs and three (3) non-CPAs.

Auditor Independence: the Act addresses auditor independence-related issues. It prohibits auditors of public companies from performing contemporaneously (i.e., at the same time) such non-audit services as:

  • Actuarial
  • Appraisal and valuation
  • Bookkeeping
  • Expert and legal services unrelated to the audit
  • Financial information system design and implementation
  • Human resources function
  • Internal audit outsourcing
  • Investment banking and advising by a broker/dealer
  • Management function

Registered public accounting firms are required to rotate audit lead and review partners every five (5) years, or earlier. Audit partners are also not allowed to return, after rotation, to audit services with the same client within five (5) years.  To avoid conflict of interest, the Act prohibits an audit of a company if its executive (e.g., CEO, CFO, controller, etc.) was employed by the auditing firm and participated in the audit of the firm during the one (1) year period before the start of the audit.

Corporate Responsibility: in accordance with the Act, in order to be listed on national securities exchanges (e.g., NYSE, AMEX, NASDAQ) and national securities associations, public companies are required to comply with audit committee requirements, which include the following:

  • Each member of the audit committee of the public company must be independent.
  • The audit committee must be directly responsible for the appointment, compensation, retention, and oversight of the public accounting firm performing the audit. The auditors must directly report to the audit committee.
  • The audit committee must establish procedures for receiving and processing complaints regarding auditing matters, including accounting and internal controls.
  • The audit committee must have the authority to engage independent counsel.
  • The public company must fund the audit committee.

If a public company doesn’t have an audit committee, the board of directors can perform the function of an audit committee, provided the board meets all the requirements. Also, the Act has some exemptions from the audit committee requirement: parent-subsidiary, multiple listing, IPO, and foreign private issuer (e.g., foreign government, board of auditors, shareholder representative, and non-management employee).

The Act prohibits directors and officers and any person acting under the direction of an officer or director to influence the auditor though coercion, manipulation, misleading actions, or fraud - if that person knew or should have known that such actions could make the financial statements materially misleading. An individual can be considered a director or officer regardless of his or her title: it depends on the function of the individual in the organization.

Not a member?
See why people join our
online accounting course: