The Sarbanes-Oxley Act is of high importance to publicly traded companies and their external auditors. Penalties for non-compliance can be stiff if financial reporting is not transparent and accurate. As a result, CEOs, CFOs, company directors and audit committees have critical responsibilities for ensuring the integrity, completeness and accuracy of financial statements and related controls.
This act has more than 300 sections divided into 11 titles. Significant provisions of the Act are enumerated below.
Title I: PUBLIC COMPANY ACCOUNTING OVERSIGHT BOARD
The Board shall:
1. Register public accounting firms;
2. Establish, or adopt, by rule, "auditing, quality control, ethics, independence, and other standards relating to the preparation of audit reports for issuers;"
3. Conduct inspections of accounting firms;
4. Conduct investigations and disciplinary proceedings, and impose appropriate sanctions;
5. Perform such other duties or functions as necessary or appropriate;
6. Enforce compliance with the Act, the rules of the Board, professional standards, and the securities laws relating to the preparation and issuance of audit reports and the obligations and liabilities of accountants with respect thereto;
7. Set the budget and manage the operations of the Board and the staff of the Board.
The Board must require registered public accounting firms to "prepare, and maintain for a period of not less than 7 years, audit work papers, and other information related to any audit report, in sufficient detail to support the conclusions reached in such report."
The Board must require a 2nd partner review and approval of audit reports registered accounting firms must adopt quality control standards.
Section 101: Establishment; Board Membership.
Section 101 of the act envisages creation of a new independent corporate body, the Public Company Accounting Oversight Board (PCAOB) to oversee the audit of public companies. The act specifically states that PCAOB should be a non-profit making corporation and not an agency or establishment of the United States Government. It also lays down the principles for the composition, qualification and independence requirements of the PCAOB membership.
The Board will have five financially literate members, appointed for five-year terms. Two of the members must be or have been certified public accountants, and the remaining three must not be and cannot have been CPAs. The Chair may be held by one of the CPA members, provided that he or she has not been engaged as a practicing CPA for five years.
The Board's members will serve on a full-time basis.
No member may, concurrent with service on the Board, "share in any of the profits of, or receive payments from, a public accounting firm," other than "fixed continuing payments," such as retirement payments.
Members of the Board are appointed by the Commission, "after consultation with" the Chairman of the Federal Reserve Board and the Secretary of the Treasury.
Members may be removed by the Commission "for good cause."
Section 102(a): Mandatory Registration
Section 102 requires the mandatory registration of public accounting firms by PCAOB. This is also, applicable to foreign public accounting firms (Section 106). Only the firms registered with PCAOB can carry out audit and reporting assignments.
Section 103: Establish standards for auditing, quality control, ethics and Independence
Section 103 endorses PCAOB to issue auditing, quality control and independence standards. It aims to improve audit quality assurance either through mandatory concurring or a second partner review. It also mandates that audit papers and related material be documented for a period of seven years after the audit.
Section 104: Inspections of Registered Public Accounting Firms
Annual quality reviews (inspections) must be conducted for firms that audit more than 100 issues; all others must be conducted every 3 years. The SEC and/or the Board may order a special inspection of any firm at any time.
Section 105: Conduct investigations, disciplinary proceedings
Section 105Empowers PCAOB to investigate and take on disciplinary proceedings against registered public accounting firms. Any deliberate violation or negligent conduct can be penalized with a temporary or permanent revocation of registration, or suspension, or a permanent limitation on activities and a civil fine
Section 106: Foreign Public Accounting Firms
The bill would subject foreign accounting firms who audit a U.S. company to registrations with the Board. This would include foreign firms that perform some audit work, such as in a foreign subsidiary of a U.S. company that is relied on by the primary auditor.
Section 107(c): Commission Review Of Disciplinary Action Taken By The Board.
The Board must notify the SEC when it imposes "any final sanction" on any accounting firm or associated person. The Board's findings and sanctions are subject to review by the SEC.
The SEC may enhance, modify, cancel, reduce, or require remission of such sanction.
Securities and Exchange Commission (SEC) is responsible for dictating rules under SOX and ensuring its enforcement (Section107). Further, PCAOB regulations require SEC approval.
Section 108: Accounting Standards.
The SEC is authorized to "recognize, as 'generally accepted'... any accounting principles" that are established by a standard-setting body that meets the bill's criteria, which include requirements that the body:
1. Be a private entity;
2. Be governed by a board of trustees (or equivalent body), the majority of whom are not or have not been associated persons with a public accounting firm for the past 2 years;
3. Be funded in a manner similar to the Board;
4. Have adopted procedures to ensure prompt consideration of changes to accounting principles by a majority vote;
5. Consider, when adopting standards, the need to keep them current and the extent to which international convergence of standards is necessary or appropriate.
Section 109(d): Funding; Annual Accounting Support Fee For The Board.
In order to audit a public company, a public accounting firm must register with the Board. The Board shall collect "a registration fee" and "an annual fee" from each registered public accounting firm, in amounts that are "sufficient" to recover the costs of processing and reviewing applications and annual reports.
The Board shall also establish by rule a reasonable "annual accounting support fee" as may be necessary or appropriate to maintain the Board. This fee will be assessed on issuers only.
Title II: AUDITOR INDEPENDENCE
Section 201: Services Outside The Scope Of Practice Of Auditors; Prohibited Activities.
It shall be "unlawful" for a registered public accounting firm to provide any non-audit service to an issuer contemporaneously with the audit, including: (1) bookkeeping or other services related to the accounting records or financial statements of the audit client; (2) financial information systems design and implementation; (3) appraisal or valuation services, fairness opinions, or contribution-in-kind reports; (4) actuarial services; (5) internal audit outsourcing services; (6) management functions or human resources; (7) broker or dealer, investment adviser, or investment banking services; (8) legal services and expert services unrelated to the audit; (9) any other service that the Board determines, by regulation, is impermissible. The Board may, on a case-by-case basis, exempt from these prohibitions any person, issuer, public accounting firm, or transaction, subject to review by the Commission.
It will not be unlawful to provide other non-audit services if they are pre-approved by the audit committee in the following manner. The bill allows an accounting firm to "engage in any non-audit service, including tax services," that is not listed above, only if the activity is pre-approved by the audit committee of the issuer. The audit committee will disclose to investors in periodic reports its decision to pre-approve non-audit services. Statutory insurance company regulatory audits are treated as an audit service, and thus do not require pre-approval.
The pre-approval requirement is waived with respect to the provision of non-audit services for an issuer if the aggregate amount of all such non-audit services provided to the issuer constitutes less than 5 % of the total amount of revenues paid by the issuer to its auditor (calculated on the basis of revenues paid by the issuer during the fiscal year when the non-audit services are performed), such services were not recognized by the issuer at the time of the engagement to be non-audit services; and such services are promptly brought to the attention of the audit committee and approved prior to completion of the audit.
The authority to pre-approve services can be delegated to 1 or more members of the audit committee, but any decision by the delegate must be presented to the full audit committee.
Section 203: Audit Partner Rotation.
The lead audit or coordinating partner and the reviewing partner must rotate off of the audit every 5 years.
Section 204: Auditor Reports to Audit Committees.
The accounting firm must report to the audit committee all "critical accounting policies and practices to be used; all alternative treatments of financial information within GAAP that have been discussed with management officials of the issuer, ramifications of the use of such alternative disclosures and treatments, and the treatment preferred" by the firm.
Section 206: Conflicts of Interest.
The CEO, Controller, CFO, Chief Accounting Officer or person in an equivalent position cannot have been employed by the company's audit firm during the 1-year period preceding the audit.
Title III: CORPORATE RESPOSIBILITY
Section 301: Public Company Audit Committees.
Each member of the audit committee shall be a member of the board of directors of the issuer, and shall otherwise be independent.
"Independent" is defined as not receiving, other than for service on the board, any consulting, advisory, or other compensatory fee from the issuer, and as not being an affiliated person of the issuer, or any subsidiary thereof.
The SEC may make exemptions for certain individuals on a case-by-case basis.
The audit committee of an issuer shall be directly responsible for the appointment, compensation, and oversight of the work of any registered public accounting firm employed by that issuer.
The audit committee shall establish procedures for the "receipt, retention, and treatment of complaints" received by the issuer regarding accounting, internal controls, and auditing.
Each audit committee shall have the authority to engage independent counsel or other advisors, as it determines necessary to carry out its duties.
Each issuer shall provide appropriate funding to the audit committee.
Section 302: Corporate Responsibility For Financial Reports.
The CEO and CFO of each issuer shall prepare in each quarter a statement to accompany the audit report to certify the "appropriateness of the financial statements and disclosures contained in the periodic report, and that those financial statements and disclosures fairly present, in all material respects, the operations and financial condition of the issuer." A violation of this section must be knowing and intentional to give rise to liability.
Section 303: Improper Influence on Conduct of Audits
It shall be unlawful for any officer or director of an issuer to take any action to fraudulently influence, coerce, manipulate, or mislead any auditor engaged in the performance of an audit for the purpose of rendering the financial statements materially misleading.
Section 306: Blackout period
This section calls for a corporate to issue a notice to directors and executive officers about the blackout period for purchasing, selling, acquiring or transferring equity. If any transactions violate the section during blackout period, the profits realized have to be recovered by the corporate.
Section 307: Attorneys to report any violations of law
This section requires Attorneys to report any violations of law or breach of fiduciary duty by corporate or its executives, to the chief legal counsel or the CEO. if the chief legal counsel or CEO does not take any suitable remedial measures, the Attorney has to report it to the Audit Committee.
Title IV: ENHANCED FINANCIAL DISCLOSURES
Section 401(a): Disclosures In Periodic Reports; Disclosures Required.
Each financial report that is required to be prepared in accordance with GAAP shall "reflect all material correcting adjustments . . . that have been identified by a registered accounting firm . . ..”
"Each annual and quarterly financial report . . . shall disclose all material off-balance sheet transactions" and "other relationships" with "unconsolidated entities" that may have a material current or future effect on the financial condition of the issuer.
The SEC shall issue rules providing that pro forma financial information must be presented so as not to "contain an untrue statement" or omit to state a material fact necessary in order to make the pro forma financial information not misleading.
Section 402(a): Prohibition on Personal Loans to Executives.
Generally, it will be unlawful for an issuer to extend credit to any director or executive officer. Consumer credit companies may make home improvement and consumer credit loans and issue credit cards to its directors and executive officers if it is done in the ordinary course of business on the same terms and conditions made to the general public.
Section 403: Revelation of stock holdings of director or executive
This section requires the revelation of stock holdings of director or executive or principal stakeholders (i.e. person’s directly or indirectly holding more than 10% of beneficial ownership of the company) in statements filed with SEC and National Securities Exchange, well as on the corporate website. For purchase, sales or any changes in the ownership holdings, disclosure within two days is an imperative.
Section 404: Management Assessment Of Internal Controls.
Requires each annual report of an issuer to contain an "internal control report", which shall:
1. State the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting; and
2. Contain an assessment, as of the end of the issuer's fiscal year, of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.
Each issuer's auditor shall attest to, and report on, the assessment made by the management of the issuer. An attestation made under this section shall be in accordance with standards for attestation engagements issued or adopted by the Board. An attestation engagement shall not be the subject of a separate engagement.
The language in the report of the Committee which accompanies the bill to explain the legislative intent states, "--- the Committee does not intend that the auditor's evaluation be the subject of a separate engagement or the basis for increased charges or fees."
Directs the SEC to require each issuer to disclose whether it has adopted a code of ethics for its senior financial officers and the contents of that code.
Directs the SEC to revise its regulations concerning prompt disclosure on Form 8-K to require immediate disclosure "of any change in, or waiver of," an issuer's code of ethics.
Section406: Code of ethics for Senior Management/Financial Officers
This section requires that organizations establish a code of ethics for Senior Management / Financial Officers. The institution of code of ethics, including any changes to code of ethics, has to be disclosed in SEC reports. If there is no code of ethics instituted, the reasons have to be disclosed.
Section 407: Disclosure of Audit Committee Financial Expert.
The SEC shall issue rules to require issuers to disclose whether at least 1 member of its audit committee is a "financial expert."
Section 408: SEC to review financial statements
This section requires SEC to review financial statements, and periodic reports with SEC, at least once in three years.
Section 409: Real Time Disclosure.
Issuers must disclose information on material changes in the financial condition or operations of the issuer on a rapid and current basis.
Title VI: COMMISSION RESOURCES & AUTHORITITY
Section 602(a): Appearance and Practice Before the Commission.
The SEC may censure any person, or temporarily bar or deny any person the right to appear or practice before the SEC if the person does not possess the requisite qualifications to represent others, lacks character or integrity, or has willfully violated Federal securities laws.
Section 602(c): Study and Report.
SEC is to conduct a study of "securities professionals" (public accountants, public accounting firms, investment bankers, investment advisors, brokers, dealers, attorneys) who have been found to have aided and abetted a violation of Federal securities laws.
Section 602(d): Rules of Professional Responsibility for Attorneys.
The SEC shall establish rules setting minimum standards for professional conduct for attorneys practicing before it.
Title VII: STUDIES & REPORTS
Section 701: GAO Study and Report Regarding Consolidation of Public Accounting Firms.
The GAO shall conduct a study regarding the consolidation of public accounting firms since 1989, including the present and future impact of the consolidation, and the solutions to any problems discovered.
Title VIII: CORPORATE AND CRIMINAL FRAUD ACCOUNTABILITY
It is a felony to "knowingly" destroy or create documents to "impede, obstruct or influence" any existing or contemplated federal investigation.
Section 802: Auditors are required to maintain "all audit or review work papers" for five years. Any knowing and willful violations will attract imprisonment for 10 years or more. Cases of deliberate destruction, alteration or falsification of records in federal probe attract an imprisonment of 10 years, or more.
The statute of limitations on securities fraud claims is extended to the earlier of five years from the fraud, or two years after the fraud was discovered, from three years and one year, respectively.
Section806: Employees of issuers and accounting firms are extended "whistleblower protection" that would prohibit the employer from taking certain actions against employees who lawfully disclose private employer information to, among others, parties in a judicial proceeding involving a fraud claim. Whistle blowers are also granted a remedy of special damages and attorney's fees. Those who retaliate against these informants are liable to be imprisoned for 10years or/and pay heavy fines.
Fraudulent activities against shareholders can lead to a 25-year imprisonment under Section 807.This action can be initiated within 2years of the discovery of these activities or 5 years after such a violation.
Section 807: Fraudulent activities against shareholders can lead to a 25-year imprisonment under Section 807. This action can be initiated within 2years of the discovery of these activities or 5 years after such a violation.
Title IX: WHITE COLLAR CRIME PENALTY ENHANCEMENTS
Maximum penalty for mail and wire fraud increased from 5 to 10 years.
Creates a crime for tampering with a record or otherwise impeding any official proceeding.
SEC given authority to seek court freeze of extraordinary payments to directors, offices, partners, controlling persons, agents of employees.
US Sentencing Commission to review sentencing guidelines for securities and accounting fraud.
SEC may prohibit anyone convicted of securities fraud from being an officer or director of any publicly traded company.
Section 902, 903 & 904: Any attempt to commit criminal fraud is equivalent to a fraud actually being committee and can be penalized. Section 903 and 904 lays down criminal penalties for mail and wire fraud and violation of the Employee Retirement Security Act, 1954.
Section 906: Financial Statements filed with the SEC must be certified by the CEO and CFO. The certification must state that the financial statements and disclosures fully comply with provisions of the Securities Exchange Act and that they fairly present, in all material respects, the operations and financial condition of the issuer. Any unintentional wrong certification attracts penalty of not more than USD 1 million or an imprisonment of not more than 10 years, or both, while the penalties for deliberate acts are even higher at not more than USD 5 million or an imprisonment of not more than 20 years, or both.
TITLE X: CORPORATE TAX RETURNS
Section 1001: Sense of Congress Regarding Corporate Tax Returns
It is the sense of Congress that the Federal income tax return of a corporation should be signed by the chief executive officer of such corporation.
TITLE XI: CORPORATE FRAUD ACCOUNTABILITY
Section 1102: Tampering With a Record or Otherwise Impeding an Official Proceeding
Makes it a crime for any person to corruptly alter, destroy, mutilate, or conceal any document with the intent to impair the object's integrity or availability for use in an official proceeding or to otherwise obstruct, influence or impede any official proceeding is liable for up to 20 years in prison and a fine.
Section 1103: Temporary Freeze Authority
The SEC is authorized to freeze the payment of an extraordinary payment to any director, officer, partner, controlling person, agent, or employee of a company during an investigation of possible violations of securities laws.
Section 1105: SEC Authority to Prohibit Persons from Serving as Officers or Directors
The SEC may prohibit a person from serving as an officer or director of a public company if the person has committed securities fraud.
Section 1106: Criminal penalties under Securities Act, 1934
Section 1106 lays down criminal penalties under Securities Act, 1934 of USD 1 million or imprisonment of 10 years, or both, or USD 5 million or imprisonment of 20 years, or both.