The Sarbanes Oxley Act of 2002 was enacted to safeguard the interests of investors in publicly traded corporations by enhancing the dependability and accuracy of financial reports and disclosures. We’d like to emphasise six critical provisions of the Act.
To begin, the Act requires both the CEO and CFO to certify in writing that their company’s financial statements and supporting disclosures correctly represent its operating results—with potential jail time for a CEO or CFO who certifies figures they know are fraudulent. This generates extremely strong incentives for the CEO and CFO to ensure that financial statements are free of material misstatements.
Second, the Act established the Public Company Accounting Oversight Board to oversee the audit profession more closely. The Act empowers the Board to undertake investigations, discipline audit companies, and set a variety of standards and rules governing the creation of audit reports.
Third, the Act vests the audit committee of the board of directors with authority to appoint, compensate and terminate the public accounting firm that audits a company’s financial reports. Previously, management frequently retained the authority to employ and fire auditors. Additionally, the Act requires that all members of the audit committee be independent, which means they have no financial ties to the company they are supervising and do not receive consulting or advisory fees from the company.
Fourth, the Act imposes significant limitations on audit companies. Historically, public accounting firms derived a significant portion of their revenue from advisory services provided to the companies they audited. This created the perception of lack of independence, as a client displeased with an auditor’s position on an accounting problem may threaten to terminate the auditor’s services as a consultant. To minimise this potential conflict of interest, the Act forbids public accounting firms from providing a broad range of non-audit services to audit clients.
Fifth, the Act mandates an internal control report to be included in a company’s annual report. Management establishes internal controls to reassure investors about the reliability of financial reports. The report must say that management is responsible for establishing and maintaining adequate internal controls and must include an assessment of management’s internal control structure’s effectiveness. The internal control report is accompanied by an opinion from the company’s audit firm regarding management’s effectiveness in controlling its financial reporting process.
Finally, the Act imposes severe penalties of up to 20 years in prison for altering or destroying documents that may be used in an official proceeding, as well as up to ten years in prison for managers who retaliate against a so-called whistle-blower who reports misconduct outside the chain of command. Taken together, these six provisions of the 2002 Sarbanes-Oxley Act should help reduce the frequency of financial reporting fraud.