The Sarbanes-Oxley Act of 2002 ('SOX')" entrusts the management of SEC registrants with the responsibility of annually reporting the effectiveness of their internal control structure and procedures for financial reporting, and attesting the financial statements. Senior management must provide assurance on the existence, adequacy and effectiveness of internal controls - and SOX also requires each firm's external auditor to attest and report on management's assessment.
Recent corporate scandals have eroded investor trust to some extent in corporate reporting. To reduce corporate malfeasance and protect investors, Sarbanes-Oxley Act of 2002 (Sarbanes-Oxley) and Revised Clause 49 of Stock Exchange Listing Agreement were promulgated by the regulators in the Unites States and India, respectively. These legislations defined a new system of checks and balances to rebuild investor confidence.
Today’s corporate stakeholders expect greater assurance, more oversight and clear evidence of internal controls. The confidence of the investing community will only be restored after the gap between investor expectation, in terms of corporate governance and reporting, and what they have received in the past is bridged.
Sarbanes-Oxley and Clause 49 provides impetus to close the expectation gap by altering and expanding the responsibilities of key participants in the corporate reporting process. These legislations focus on improving the accuracy and reliability of corporate reporting.
IMPORTANT SECTIONS OF SOX
SECTION 302 – ‘Corporate Responsibility for Financial Reports’
This section makes it mandatory for the signing officers to certify that they have personally reviewed the statutory reports and are free from material misstatements and omissions. This has been included to bring an element of accountability on the part of top management, hence increasing the investors’ confidence in the reports. Top management also needs to certify that they have reviewed the internal controls existing in the organization and that has been done within a period of 90 days before the reporting date.
SECTION 401 – ‘Disclosures in Periodic Reports’
With the Enron Scandal, attention was drawn towards the Off Balance Sheet items and how Special Purpose Entities (SPEs) were used to inflate the stock prices. So this section comes into play and requires financial statements to present true and fair view of entity’s position. It requires financial reports to include all the off balance sheet (OBS) transactions.
SECTION 404 – ‘Assessment of Internal Controls’
This section is one of the most important sections as it speaks of the detailed assessment of internal controls in financial reporting process. As per section 404, management and external auditor are required to report about the adequacy of internal controls and its operating effectiveness over financial reporting. Based on their detailed analysis “Internal Control Report” is generated annually and produced before the shareholders. They are also required to comment upon the IT issues related to accounting matters. The costs involved with compliance of this section are very high which is justified with the long term results it brings by boosting the investors’ confidence in the entity.
SECTION 802 – ‘Criminal Penalties for Altering Documents’
SOX impose strict penalties in case of violation. Any kind of alteration of original documents can lead to imprisonment up to 10/20 years depending upon the facts of the cases. Further penalties can be levied by way of imposition of fines as well.
HOW SOX IMPACTS FINANCIAL REPORTING IN INDIA?
INDIAN SOX = Clause 49
With the coming of SOX in U.S., India also took new corporate governance norms under Clause 49 of Listing Agreement which came into effect from 31 December 2005 and is mandatory for all listed companies. Some of the important provisions are as follows-
- As per the Clause 49, it is mandatory for a company with Executive Chairman, to have 50% independent directors on Board. If the company has no Executive Chairman, 1/3rd of the directors should be independent.
- CEO/CFO’s are required to assess internal controls and take corrective measures to check the deficiencies.
- CEO/CFOs are also required to certify the Financial Statements.
- All the companies are required to submit quarterly Compliance Reports at Stock Exchanges.
- A Compliance Certificate from auditors is to be obtained and annexed with Directors’ Report.
- Establishment of an Audit Committee.
- Clause 49 was revised to incorporate wider definition of independent directors and increasing the responsibility of audit committee.
- Whistle Blower Policy is to be set out to provide security to those who retaliate against wrong doers.
- Formal Code of Conduct is to be laid down for Board of Directors and Senior Management of the organization.
- Related Party Transactions are to be disclosed separately making the financial statements more transparent.
SOX is an essential law which has brought discipline in financial reporting process. The transparency brought by this act is boosting investor’s confidence that further helps building a strong capital market in the economy.
What We Offers
We have developed solutions to help organizations reach the desired level of compliance as mandated by these legislations. Our service offerings cover the entire SOX Compliance lifecycle, including continuous monitoring and review:
- PROJECT MANAGEMENT: We can help your Project Management Office in executing a project charter, building the project team and performing an enterprise risk assessment.
- DOCUMENTATION & REVIEW: We can assist you in documenting controls, defining test cases and planning any remediation activity that may be needed. Alternatively, we can provide an independent review of existing documentation, assisting corporates to document and evaluate internal controls.
- CONTROL TESTING: Providing assistance in developing Internal Control Framework, Performing key controls testing, Providing assistance in developing Risk Management Framework And also we can carry out an independent evaluation of both the design and the operational effectiveness of internal controls, helping you to identify control gaps and assisting you in their remediation.
- ONGOING SOX COMPLIANCE: Our flexible resource pool can also help you to cope with the fluctuating resource demands of ongoing testing and certification - riding out the peaks and troughs of SOX activity with minimal impact on your business, SOX Compliance lifecycle, including continuous monitoring and review.
- TRAINING PERSONNEL: Training personnel on COSO, methods of documenting controls, etc.