Skip to content

Insights

Sarbanes-Oxley Act, 22 Years Later

The Sarbanes-Oxley Act of 2002 (SOX) was enacted in response to major corporate scandals, including those involving Enron, WorldCom, and Tyco International. The act aimed to protect investors by improving the accuracy and reliability of corporate disclosures, combat fraud, and restore investor confidence. Twenty-two years later, the impact of SOX is significant and multifaceted.

Sarbanes-Oxley Positive Impacts

The Sarbanes-Oxley Act has had significant and varied impacts on the corporate world, regulatory environment, and overall financial markets over the past 22 years.

1. Enhanced Corporate Governance

SOX has led to stronger corporate governance practices. Boards of directors are more independent and active in overseeing management. Audit committees are more diligent in their oversight of financial reporting and auditing processes.

2. Improved Financial Reporting and Transparency

Financial statements have become more reliable and transparent, giving investors greater confidence in the accuracy of reported financial information. The requirement for management and auditors to assess and report on internal controls, SOX 404, has improved the quality of financial reporting.

3. Restored Investor Confidence

By addressing corporate fraud and enhancing the accuracy of financial reporting, SOX has helped restore and maintain investor confidence in the capital markets.

4. Increased Accountability

Senior executives are held personally accountable for the accuracy of financial statements, reducing the likelihood of fraudulent reporting. The penalties can include large personal fines and jail time resulting in a cultural shift towards greater integrity and responsibility in corporate management.

5. Strengthened Internal Controls

Companies have invested significantly in improving their internal control systems. Strengthening Sarbanes-Oxley internal controls has reduced the risk of fraud and financial misstatements resulting in increased investor confidence.

6. Establishment of PCAOB

The creation of the Public Company Accounting Oversight Board (PCAOB) has improved the quality of audits. PCAOB’s oversight has held public accounting firms accountable to a higher audit standard backed by enforcement actions for regulatory non-compliance. This has resulted in more consistent audits with the reduced risk of inadequate audits, errors and misstatements, and fraudulent reporting.

Sarbanes-Oxley Negative Impacts

Just like any other regulation, SOX has some notable, negative impacts. The key ones include:

1. Increased Compliance Costs

Sarbanes-Oxley compliance, particularly SOX 404 controls, has been costly for companies, especially smaller firms. Larger companies may incur costs in the range of millions of dollars, and smaller companies often spend hundreds of thousands annually maintaining compliance. The need to implement and maintain robust internal controls, conduct internal assessments, and undergo external audits has resulted in significant financial and resource expenditures.

2. Administrative Burden

The complex administrative burden of SOX compliance has been challenging for companies, leading to increased workloads for management and staff. This has sometimes diverted attention and resources away from other strategic business activities.

3. Impact on Smaller Companies

Smaller companies have faced disproportionate challenges in complying with SOX 404 due to their limited resources and less sophisticated internal control systems. This has led to calls for differentiated or scaled requirements for smaller firms.

4. Potential for Reduced Risk-Taking

The stringent requirements and heightened scrutiny under SOX may have led companies to become more risk-averse, potentially reducing innovation and entrepreneurial activities.

The Future of SOX

The future of SOX will be shaped by the evolving business environment. Some trends include:

  • Technological Advancements: Increased dependence on technology and the automation of financial reporting introduces new risks.
  • Focus on Cybersecurity: Increasing cybersecurity threats has resulted in an emphasis on cybersecurity controls within the SOX 404 requirements. Organizations need to enhance IT security measures to reduce the risk of breaches and data theft.
  • Regulatory Updates: Periodic updates to the regulations to address new challenges and evolving market conditions.
  • Global Harmonization: Continued efforts towards harmonizing international regulations to create a more unified global financial market.
  • Focus on ESG: Investors, stakeholders, and consumers are paying increased attention to environmental, governance, and social (ESG) actions of organizations. The Security and Exchange Commission (SEC) has adopted ESG disclosure rules, referred to as the “SOXification” of ESG. These ESG disclosures require assessment of the ESG controls to provide management assurance that the ESG reporting is accurate.

In summary, the Sarbanes-Oxley Act of 2002 has been instrumental in shaping the corporate governance landscape over the past two decades. While it has faced challenges and criticisms, its role in enhancing transparency, accountability, and investor confidence remains undeniable.

To learn more about McKonly & Asbury’s SOX services, contact Elaine Nissley, Director, or Victor Kong, Senior Manager, who have been providing SOX 404 services for over twenty years. We would love to discuss how we can assist you with your SOX challenges.

About the Authors

Victor Kong

Victor joined McKonly & Asbury in 2023 and is currently a Senior Manager with the firm. He is a member of the firm’s Audit & Assurance Segment. Victor is a Certified Internal Auditor (CIA) and Certified Fraud Examiner (CFE), and hol… Read more

Elaine Nissley

Elaine is a Director with McKonly & Asbury. Her primary responsibilities include management of the Internal Audit Services group. Elaine handles client relationships and is accountable for the delivery of high quality and timely d… Read more

Subscribe to Our Newsletter