SOX Key Provisions
SOX Compliance
Software for SOX
Sarbanes Oxley Act - Summary of Key Provisions
Many thousands of companies face the task of ensuring their accounting operations are in compliance with the Sarbanes Oxley Act. Auditing departments typically first have a comprehensive external audit by a Sarbanes-Oxley compliance specialist performed to identify areas of risk. Next, specialized software is installed that provides the "electronic paper trails" necessary to ensure Sarbanes-Oxley compliance.
The summary highlights of the most important Sarbanes-Oxley sections for compliance are listed below. Note that certification and specific public actions are required by companies to remain in SOX compliance. Also see the Sarbanes-Oxley Act Table of Contents..
SOX Section 302 - Corporate Responsibility for Financial Reports
a) CEO and CFO must review all financial reports.
b) Financial report does not contain any misrepresentations.
c) Information in the financial report is "fairly presented".
d) CEO and CFO are responsible for the internal accounting controls.
e) CEO and CFO must report any deficiencies in internal accounting controls, or any fraud involving the management of the audit committee.
f) CEO and CFO must indicate any material changes in internal accounting controls.
SOX Section 401: Disclosures in Periodic Reports
All financial statements and their requirement to be accurate and presented in a manner that does not contain incorrect statements or admit to state material information. Such financial statements should also include all material off-balance sheet liabilities, obligations, and transactions.
SOX Section 404: Management Assessment of Internal Controls
All annual financial reports must include an Internal Control Report stating that management is responsible for an "adequate" internal control structure, and an assessment by management of the effectiveness of the control structure. Any shortcomings in these controls must also be reported. In addition, registered external auditors must attest to the accuracy of the company management’s assertion that internal accounting controls are in place, operational and effective.
SOX Section 409 - Real Time Issuer Disclosures
Companies are required to disclose on a almost real-time basis information concerning material changes in its financial condition or operations.
SOX Section 802 - Criminal Penalties for Altering Documents
This section specifies the penalties for knowingly altering documents in an ongoing legal investigation, audit, or bankruptcy proceeding.
SOX Section 806 - Protection for Employees of Publicly Traded Companies Who Provide Evidence of Fraud
This section deals with whistleblower protection.
SOX Section 902 - Attempts & Conspiracies to Commit Fraud Offenses
It is a crime for any person to corruptly alter, destroy, mutilate, or conceal any document with the intent to impair the object's integrity or availability for use in an official proceeding.
SOX Section 906 - Corporate Responsibility for Financial Reports
Section 906 addresses criminal penalties for certifying a misleading or fraudulent financial report. Under SOX 906, penalties can be upwards of $5 million in fines and 20 years in prison.