Senator Paul Sarbanes and Representative Michael Oxley drafted the Sarbanes-Oxley Act or “SOX” in 2002 in order to curb the incidence of corporate fraud. The “Act” was signed into law on July 30th 2002 by President George W. Bush with the express purpose of restoring public confidence in the financial markets; and after enacting “the Act”, neither Sarbanes or Oxley would run for re-election in the 2006 elections (Jahmani & Dowling, 2008).
The intent of the SOX Act was to protect investors, and any other stakeholders in a company, by improving the validity and reliability of corporate disclosures, such as financial statements and earnings reports, pursuant to existing securities laws and regulations governing publically traded companies (Kessel, 2011). The SOX Act holds corporate Chief Executive Officer’s (CEO’s) and Chief Financial Officers (CFO’s) responsible for any information released to the public concerning their company that illustrates or impacts the company’s financial position.
SOX set new standards for public accounting firms, corporate management, and corporate boards of directors (Orin, 2008). It created new standards of accountability for corporations as well as penalties if those standards are not adhered too. The Act requires all financial reports to include an internal control report. This is designed to show that, not only are the company’s financial reports accurate, but the company has confidence in them because adequate controls are in place to safeguard the data (Jahmani et al. , 2008).
Year-end financial reports must contain an assessment of the effectiveness of the internal controls. An outside auditing firm is required to attest to that assessment. The auditing firm does this by reviewing controls, policies, and procedures during a Section 4040 audit, conducted along with a traditional financial audit (Orin, 2008). The act was in direct response to the public outrage over a series of financial scandals that lead to the collapse of large firms, as best exemplified by Enron and WorldCom. However, Enron and WorldCom are by no means the only culprits, although they may have been the most egregious.
These failed companies engaged in massive accounting frauds that undermined the antifraud and mandatory disclosure provisions of federal securities laws. To put the issue in perspective, the savings and loan crisis of the 1980s cost investors and taxpayers less than $5 billion. As a direct result of the 30 largest accounting fraud cases from 1997 to 2004, investors lost an estimated $900 billion (The Economist, 2005; Jahmani et al. , 2008). The accounting profession as a whole absorbed a great deal of the blame for these newest scandals.
Auditors were specifically blamed for having compromised their independence. Investigation revealed that auditors were generating more income from consulting services than they were from actually conducting audits on the firms that hired them (The Economist, 2005). SOX represented the initial foray of governmental oversight into the accounting industry. A quasi-governmental agency called the Public Company Accounting Oversight Board (PCAOB) was created and charged with direct oversight and regulation of the accounting industry (ahmani et al. , 2008).
PCAOB works in conjunction with the Securities and Exchange Commission (SEC) to provide oversight of all public accounting firms and publically traded companies with the expressed purpose of protecting” the interests of investors and further the public interest in the preparation of informative, fair and independent audit report” (PCAOB 2002) Two key components of SOX are 1) a requirement to develop a Code of Ethics for senior financial officers, including enforcement mechanisms and 2) a requirement that outside auditors be rotated every five years (Orin, 2008).
Other key components are the criteria for director independence, composition and responsibility of the audit, establishment of compensation and nominating committees, written codes of conduct and ethics, disclosures pertinent to controls and procedures, internal control over financial reporting, and whistle-blowing (Kessel, 2011). With respect to the code of ethics required by SOX, the Security and Exchange Commission’s code pertains only to employees of public companies who have financial disclosure-related responsibilities.
Item 406 defines a code of ethics as “written standards that are reasonably designed to deter wrongdoing and to promote: Honest and ethical conduct, including the ethical handling of actual or apparent conflicts of interest between personal and professional relationships; full, fair, accurate, timely, and understandable disclosure in reports and documents that a company files with, or submits to, the commission and in other public communications made by the [company]; compliance with applicable governmental laws, rules and regulations; the prompt internal reporting of violations of the code to an appropriate person or persons identified in the code; and, Accountability for adherence to the code” (Securities and Exchange Commission, 2003). Because prior actions by corrupt corporate officers harmed not only the reputations of their companies but also hurt investors and employees, SOX regulation was aimed at preventing management from harming society in the future.
A decade after passage of SOX, critics complain that the disclosure mandate drains U. S. competitiveness. Supporters, however, argue that the law contributes to a more holistic awareness of corporate responsibility across big businesses (Clancy, 2012). Mandatory publication of corporate codes of ethics helps an organization avoid situations where unethical behavior affects the operation and development of the company. Mandatory publication of corporate ethics also helps firms operate in a socially responsible aspect; company executives may say one thing, and what they are actually doing is totally different than what they may have publically stated.
Evidence shows that companies can be engaging in socially responsible activities and at the same time have unethical pursuits (Clancy, 2012); it is for this reason that SOX makes it mandatory for companies to define what is the right thing to do in the course of providing its services. Sarbanes-Oxley has fundamentally transformed the basic structure of the public accounting profession in the United States. One of the most publicized aspects of the act is that CEOs, and CFOs are required to certify that quarterly and annual reports are compliant with applicable securities laws and present a fair and accurate picture of the financial situation of the company (Jahmani & Dowling, 2008). This socially responsible behavior protects investors by defining some of the key practices that should be followed when handling financial matters within the organization.
There is little doubt that implementation of SOX presents an unfair burden on small organizations as compared to larger organizations. Small firms could not obtain or generate the funds required in order to establish some of the necessary controls that SOX requires (Kessel, 2011). Implementation of SOX can have significant costs associated with it that financially drains many smaller firms. There is no doubt that investor trust in the public markets needed to be regained after the devastation caused by the violations of the securities laws by Enron, Tyco, and others, but SOX has not produced the governance improvements that offset the burden placed on small and mid-sized public companies (Kessel, 2011).
I personally agree that SOX is burdensome to smaller firms due to the increased auditing and reporting regulations as well as the costs to implement and sustain these practices. These regulations, which intend to protect the public from the fraudulent conduct of several large companies, represent a considerable burden for smaller companies. According to Kessel (2011) “they are part of the reason that fewer biotech companies are going public and instead selling out to larger companies as a means to provide exits for investors”. It is clear that the SOX act does not provide any provisions or distinction between the small and large cap billion dollar firms, thus making it difficult for small firm’s the acquire the necessary capital they need to establish the required controls and sustain growth (Reidy, 2006).
According to the act, public companies both small and large, should comply with the set rules and regulations, which is quite a challenge for the small firms. The Sarbanes-Oxley Act of 2002 has functioned as it was designed to since it implementation. However, as stated earlier it has proven to be quite burdensome to smaller public companies. If I were given the opportunity to make a suggestion to the President and Congressional leaders, I would suggest removing the section 404 requirements for small-cap companies. The Jumpstart Our Business Startups Act (JOBS Act), passed by Congress and signed by President Obama April 5, 2012 solved this problem for firms classified as emerging growth.
Aside from requiring management’s assertions and the auditor’s attestation, SOX Section 404 also requires public companies to disclose whether or not they have adopted a code of ethics applicable to their senior financial officers (Clancy, 2012). For companies listed on the New York Stock Exchange (NYSE), this requirement has been expanded to require listed companies to adopt and disclose on their websites a code of business conduct and ethics for directors, officers, and employees and to promptly disclose any waivers of the code for directors or executive officers. In that since, most of what | would suggest has been taken care of by President Obama.
