Sarbanes-Oxley Act has been implemented since 2002. It main purpose was to regain the confidence in the capital market by forcing mandatory standards and rules for companies. This paper studies the reasons for the
Sarbanes-Oxley Act and the positive and negative impact that Sarbanes-Oxley Act has placed on companies.
Reason for SOX
The reason for the Sarbanes-Oxley Act of 2002 came about because of Kenneth L. Lay, CEO of Enron Corp. Enron began in 1986 but originally was Houston Natural Gas a gas pipeline operator in 2001 Enron was the number one energy trader in the world. Enron direct competition was Duke Energy, El Paso, and Williams Companies to name a few. However, in 2002, Enron filed for bankruptcy and Lay was involved in one of the biggest accounting fraud crimes. Lay hide sales of the company’s shares and said that he was buying more shares (Henry, 2006). No one ever questioned Lays acts and never questioned or investigated the trading rules for someone trading within an organization. In that time, executives did not have to report their transactions with their companies the end of a company’s fiscal year and after 45 days and some times it they could take up to 12 months (2006). “Congress clamped down and directed the Securities & Exchange Commission to require reporting of transactions within two business days, effective Aug. 29, 2002. At the time, recalls then-SEC Chairman Harvey L. Pitt, regulators didn’t even know companies were backdating options grants” (Henry, 2006, pg.38).
As result of Enron’s scandal and public bankruptcy of such a well recognized corporation. Congress passed the Sarbanes-Oxley Act of 2002 known as the Sarbanes-Oxley Corporate Accountability Bill. The Sarbanes-Oxley Act requires for all public companies that have business in the United States must have an accounting framework (Nelson & Staley, 2006).
Sarbanes-Oxley Act of 2002, made it mandatory for all public companies to contain internal financial auditing controls and to present the results in annual assessment their internal financial auditing control efficiency. This must be reported to the Securities and Exchange Commission (SEC) in an annual basis. Also, the Sarbanes-Oxley Act of 2002 required for all public companies to have an external auditor and the external auditor would have audit and test on the company’s internal control reports of management and the company’s financial statement (Baker, Bealing Jr, Nelson & Staley, 2006).
Sarbanes-Oxley Act of 2002
The following provides an overview of the Sarbanes-Oxley Act in which public company are required to comply.
Title I of the Act – established the Public Company Accounting Oversight Board (PCAOB). Title I which was given broad oversight over public accounting firms who perform audits of publicly traded companies. According the Public Company Accounting Oversight Board states, section 103(a)(1) of the Sarbanes-Oxley Act of 2002 that Board establishment and their responsibilities and to establish auditing standards and rules. In addition, this Board defines the ethics standards for the audit reports that registered accounting firms must prepare and submit (Baker, Bealing Jr, Nelson & Staley, 2006).
Title II of the Act – established the Auditor Independence which pro services. The Securities and Exchange Commission adopted amendments to its existing requirements regarding auditor independence to enhance the independence of accountants that audit and review financial statements and prepare attestation reports filed with the Commission.
In addition, these rules and standards affect the foreign accounting firms that perform audits of foreign subsidiaries and affiliates of U.S. issuers, as well as of foreign private issuers. According to Baker, Bealing Jr, Nelson, & Staley:
Many of the modifications to the proposed rules, such as those limiting the scope of partner rotation and personnel subject to the “cooling off period,” have the added benefit of addressing particular concerns raised about the international implications of these requirements. Moreover, additional time is being afforded to foreign accounting firms with respect to compliance with rotation requirements. The release also provides guidance on the provision of non-audit services by foreign accounting firms, including the treatment of legal services and tax services (2006, p.5)
Title III of the Act – established the Corporate Responsibility which imposed public company audit committees. It defined the corporate responsibility for financial reports. It defined the improper influence on conduct of audits. It clearly points the penalty of certain bonuses and profits. In addition, section 302 is one the most important sections of the SOX Act. Established the Corporate Responsibility for Financial Reports it demands for CEO and CFO to review all financial reports. The financial reports must not have any fabrication or faulty information. It also directs the responsibilities to the companies CEO and CFO for the internal accounting controls. The CEO and CFO have the obligation to report any leakage in internal accounting controls. In addition, CEO and CFO must report any management of the audit committee for fraud actions or participation. They must point out any internal accounting controls information modification.
Title IV of the Act – Established Enhanced Financial Disclosure. Section 401 Disclosures in periodic reports conflict of interest provisions. Section 402 Enhanced conflict of interest provisions. Section 403 Disclosures of transactions involving management and principal stockholders. Section 404 is another most important section of the SOX Act of Title IV. Section 404 established Management Assessment of Internal Controls this demands for management that all annual financial repots must have an Internal Control Report stating that management is responsible for an “adequate” internal control structure. Any shortcomings in these controls must also be reported. In addition, registered external auditors must attest to the accuracy of the company management’s assertion that internal accounting controls are in place, operational, and effective. Sarbanes-Oxley Section 404 (SOX 404) requires a security management process to protect against attempted or successful unauthorized access and use with system operations. Sarbanes-Oxley Section 404 also involves security management for disclosure, modification, or interference with system operations. Section 405 is defines the exemption to the TITLE IV. Section 406 is the Code of ethics for senior financial officers. Section 407 is the disclosure of audit committee financial experts. Section 408 is the enhanced review of periodic disclosures by issuers. Section 409 Real time Disclosures states that must disclose information on material changes in the financial conditions or operations of the issuer on a rapid and current basis. Section 409 is another most important section of the SOX Act of Title IV. However, section 409 is the only section that is not currently in effective. This section is Real Time Issuer Disclosures meaning companies are required to disclose on almost real-time basis information concerning material changes in its financial conditions or operations.
Title V of the Act – established the Analyst Conflicts of Interest. Section 501 the treatment of securities analysis by registered securities associations. The national securities exchanges and registered securities associations must adopt conflict of interest rules for research analysis who recommend equities in research reports.
Title VI of the Act – established the Commission Resources and Authority. Section 601 is the Authorization of appropriations. Section 602 is appearance and practice before the commission. Section 603 is Federal court authority to impose penny stock bars. Section 604 Qualifications of associated persons of brokers and dealers.
Title VII of the Act – established the Studies and Reports. In section 701 is GAO study and report regarding consolidation of public accounting firms. Section 702 is commission study and report regarding credit rating agencies. Section 703 is the Study and report on violators and violations. Section 704 is the study of enforcement actions. Section 705 is the study of investment banks.
Title VIII of the Act — Corporate and Criminal Fraud accountability. In section 802 are criminal penalties for altering documents. Section 803 Debts non-dischargeable if incurred in violation of securities fraud laws. Section 804 is Statute of limitations for securities fraud. Section 805 is review of Federal Sentencing Guidelines for obstruction of justice and extensive criminal fraud. Section 806 is Protection for employees of publicly traded companies who provide evidence of fraud. Section 807 defines the criminal penalties for defrauding shareholders of publicly traded companies.
Title IX –White-Collar Crime Penalty enhancements. Section 902 is the attempts and conspiracies to commit criminal fraud offenses this section is another of the most important section of the SOX Act. It states that any person who attempts or conspires to commit any offense under this chapter shall be subject to the same penalties as those prescribed for the offense, the commission of which was the object of the attempt or conspiracy. Section 903 states criminal penalties for mail and wire fraud. Section 904 is criminal penalties for violations of the Employee Retirement Income Security Act of 1974. Section 905 is the amendment to sentencing guidelines relation to certain white-collar offenses. Section 906 states it is corporate responsibility for financial reports.
Title X of the Act – established the corporate tax returns. Section 1001 Sense for the Senate regarding the signing of corporate tax returns by chief executive officers.
Title XI of the Act – established the corporate fraud and accountability. Section 1102 is the tampering with a record or otherwise impeding an official proceeding. Section 1103 is temporary freeze authority for the SEC. Section 1104 is the amendment to the Federal Sentencing Guidelines. Section 1105 Authority of the Commission to prohibit persons from serving as officers or directors. Section 1106 is increased criminal penalties under the Securities Exchange Act of 1934. Section 1107 protects whistler blowers section 1107 is the retaliation against informants.
The Impact of Sarbanes-Oxley Act
The Sarbanes-Oxley Act has applied positive effect to companies. The public companies are forced to compliance with the Act and ensure that their accounting operations are up to standards with SOA. However, private or non profit organizations are being exempt from this Act. “Still, many such entities are finding that certain aspects of the act can benefit their overall operations and are cherry-picking those parts that will do them the most good” (Savich, 2006, pg. 71). In addition, many private organizations are taking advantage of only select the sections of the Act that beneficial. Why would these private organization voluntary adopt SOA knowing how public companies struggle to comply with the SOA standards? One reason why private organization would want to comply with SOA standards is if the private organization is planning to merge with a public organization. Then they have advantage of preparing for the cost and sufficient time to prepare to meet those required for Sarbanes-Oxley Act. A second reason for an private organization to voluntary adopt SOA would be if the private company knows that is going to become public then they adopt the Sarbanes-Oxley Act since they know it will be mandatory (Savich, 2006). Another reason would be if a private company is forecasting a IPO within next years it would be benefit for them to start compliance with the Sarbanes-Oxley guidelines earlier than later to avoid any delay and expect cost (Savich, 2006).
Even non-profit organizations are volunteering to comply with Sarbanes-Oxley provisions. “In California, for example, the Nonprofit Integrity Act of 2004 requires charitable organizations with over 2 million in gross revenues to have an audit committee, which also approves non-audit services, and audited financial statements” ( Savich, 2006 ). Private organizations are in position that they adopt the sections that they want with advantage of not having to spend excessive amounts of money to set up for an auditor’s assessments of internal controls. Instead, their company can intake the benefits of the Sarbanes-Oxley Act without incurring significant costs (Bednarz, 2006).
Congress intended for the Sarbanes-Oxley Act to apply only public companies. But a national study by Foley & Lardner LLP, showed that Sarbanes-Oxley Act took another path. It has been revealed that these private and nonprofit organization continue to adopt provisions of the act as best practices with out have obligation. The study concluded nonprofit organization was more impulsive to adopt the Sarbanes-Oxley standards, while private companies have been steadily adopting Sarbanes-Oxley standards but not as much as nonprofit organization. In addition Nonprofits organization are more likely to implement or plan to implement whistle-blower procedures, board approval of non-audit services by auditors and restrictions on executive compensation, among other changes. According to study findings of
Foley & Lardner LLP:
• Private companies tend to adopt the least expensive reforms, as opposed to more costly initiatives such as section 404 audits of internal controls.
• Some 84% of private organizations responding to the survey believed corporate governance reform was “about right,” an increase over the 78% who had responded that way in 2005.
• Survey respondents estimated an average annual price tag of $105,000 for corporate governance procedures, a 26% increase over their estimated costs before Congress Foley & Lardner surveyed 56 private entities in January 2006-20 nonprofit organizations and 36 for-profit private companies enacted Sarbanes-Oxley (Savich, 2006)
In another study named Voluntary Compliance survey conducted by CEO’s of “fast-growing” private companies.
• 27% said their companies had adopted Sarbanes-Oxley best practices in areas such as governance and transparency.
• 73% opposed any future federal or state regulations that would impose Sarbanes-Oxley provisions or entities other than public companies.
• 67% of those considering going public said the cost of Sarbanes-Oxley compliance was a potential barrier (Savieh, 2006)
Many public companies are struggling to comply with the Sarbanes-Oxley because of the high costs and implementations complexity. Even larger companies like: General Electric, Lockheed, and Emerson Electronic are struggling to meet the Act standards. In meeting held in Washington, D.C. the Executives of these corporations emphasis the challenges they face to comply with Sarbanes-Oxley Act. (Bednarz, 2006) Executives stated, that cost for comply with Sarbanes-Oxley does compensate for benefits of having Sarbanes-Oxley. The cost for implementing software that complies with Sarbanes-Oxley Act is very expensive. This is affecting smaller public companies that do not have the funds to implement these softwares. According to Robilliard, “In the recent study of IT managers in the US, the Aberdeen Group found that most companies plan to leverage their existing software tools to fill any gaps to comply with the Act,” (Ismail, 2005, p 4).
Critics of regulation argue that the Sarbanes-Oxley Act has raised the cost of being a public company so much that it is unreasonable to impose this burden on smaller public companies. The critics’ main concern is Section 404, which deals with internal control audits. These critics assert that the high cost of being a smaller public company will stifle economic growth and ultimately hurt U.S. competitiveness (Hermanson, 2006).
According to Hermanson,
For honest corporate officers, this is classic governmental over-regulation-a dagger aimed at the heart of the U.S. economy. . . . The most dangerous aspect of this regulatory overkill is a further inclination by corporations to hold onto money rather than put it into productive investment, thereby threatening to stifle economic growth. Even the SEC’s advisory committee concluded, after hearing testimony from various parties, that Section 404 is a burden for smaller public companies. In an August 18, 2005, letter to SEC Chairman Cox, The committee stated, “The costs of implementing Section 404 have been far more expensive than originally forecasted and these costs are disproportionately larger for smaller companies. (200
According CPA Journal survey by Financial Executives International reported that small companies are projected to spend $824,000 in order to comply with Sarbanes-Oxley Act. In addition, the average cost for all companies is $4.3 million estimates. However, public companies are estimated to spend $6.1 billion in order to implement Sarbanes-Oxley Act (Koehn & DelVecchio).
The Sarbanes-Oxley Act and the Security Exchange Committee rules can impact internal auditors in numerous ways. One way is internal auditors probably will be asked to expand their internal control evaluation and testing work in order to provide assurance to upper management when they attest to the relative strength of their internal control system (Aldhizer III, Cashell & Savlyor, 2003). Pricewaterhouse Coopers in a discussion document stated, that good internal controls are no longer just a best practice, but are now reinforced in the Sarbanes-Oxley Act as a critical component of good corporate governance (Aldhizer III, Cashell & Savlyor, 2003).
Upper management and the audit committee are depending on internal auditors to help them comprehend difficult financial reporting issues and their impact on the quarterly and annual report (Aldhizer III, Cashell & Savlyor, 2003).
If the Sarbanes-Oxley Act increase internal auditors’ responsibilities companies take the risk of this having an impact on the current level of services provided by internal auditors. Many organizations may be unwilling to increase internal audit resources to the level required to completely fulfill both existing and new responsibilities. If this occurs, internal audit departments will have to decide either which services to cut or how to continue providing the same level of service with fewer resources (Aldhizer III, Cashell & Savlyor, 2003).
Audit fees are arise because of the need to present more in depth audit work in order to gain the necessary information and the loss of income from higher-margin consulting work are affect the higher costs. Eventually, it will affect the relatively few companies that were involved in the accounting frauds, but all companies and consumers (Gifford & Howe, 2004). According to a recent Financial Executives International (FEI) survey conducted, it reported that the first-year compliance costs ranging from $2 million to $5 million. (Gifford & Howe, 2004) consulting firm The Johnsson Group has estimated total 2004 costs to run upwards of $15 billion, with many large companies seeing thousands of hours diverted from staff support and research activities to compliance work. Many of the smaller companies are affected by this because they do not have money to obtain staff support and necessary requirements.
Another provision that may notably increase audit fees relies in the Sarbanes-Oxley Act’s to far-reach authority. The act affects any firm that audits a publicly traded U.S. company (Gifford & Howe, 2004)). For example, any foreign subsidiaries or affiliates of public accounting firms may conclude that they do not want be involved with a client’s operations in its native country because of U.S. regulations. Therefore, U.S. firms would have to conduct the audit for client’s foreign subsidiaries, at the client’s expense. This sufficiently require more time and cost. “In addition, the move by U.S. regulators to review the work of foreign accounting firms could prompt retaliation by other countries in the form of reviewing the work of U.S. firms that audit U.S. subsidiaries of foreign multinationals” (Gifford & Howe, 2004, p. 7)
Another reason for fees to arise can the fact that auditor have the obligation to include in the audit report the effectiveness of internal controls over financial reporting and management’s assessment of it (Gifford & Howe, 2004). Although Sarbanes-Oxley Act is not intended for increase of charge fees be based on the auditor’s evaluation be the basis given the increased political costs and potential legal liability associated with such an assertion, audit firms and management will probably need to spend significantly more time evaluating controls, particularly for engagements or audit areas with low reliance on controls (Gifford & Howe, 2004). The expectation that audit firms would accept additional risk without doing additional work, and that they would perform the additional work without increased compensation.
The Sarbanes-Oxley act has provided negative and positive impacts to companies regardless of the size of the company. However, small companies are definitely being more deeply affected by the Sarbanes-Oxley Act in their pockets. The positive impact of compiling with Sarbanes-Oxley Act has provided standards and rules for organization that needed them. Even though Sarbanes-Oxley Act is not mandatory for private and non-profit organizations many are adopt Sarbanes-Oxley Act because of its positive benefits to the organization.
Aldhizer, G.R., III, Cashell, J.D., & Saylor, J. D. (2003) Ten months later: Internal audit directors assess the impact of the Sarbanes-Oxley Act. Internal Auditing, 18(3), 3.
Baker, R. L., Bealing, W. E., Jr., Nelson, D. A., & Staley, B. A. (2006). An institutional perspective of the Sarbanes-Oxley Act. Emerald. Retrieved from May 15, 2006, from http://www.emeraldinsight.com/0268-6902.htm
Bednarz, Ann. (2006, May 15). Sarbanes-Oxley: Too much for too little?
Network World, 23(19) 1-2.
Gifford, R. H., & Howe, H. (2004). Regulation and unintended sequences: Thoughts on Sarbanes-Oxley. The CPA Journal, 74(6), 6-10.
Hermanson, D. R. (2006). What to do about smaller public companies’ internal controls? Internal Auditing, 21(1), 41-43.
Henry, D. (2006, June 12). A SarbOx Surprise. Business Week. Retrieved May 22, 2006, from http://0-proquest.umi.com.novacat.nova.edu/pqdweb?did=1051235551&sid=1&Fmt=3&clientId=17038&RQT=309&VName=PQD
Ismail, I. (2005, April 7). Raising awareness of Sarbanes-Oxley Act. New Straits Times, pp.04.
Koehn, J. L., & DelVecchio, S. C. (2006). Revisiting the ripple effects of the Sarbanes-Oxley Act. The CPA Journal,76(5),3.
Savich, R. S. (2006). Cherry-Picking Sarbanes-Oxley. Journal of Accountancy, 201(6), 71-74).