Sarbanes-Oxley Act of 2002 (SOX)

Introduction and jurisdiction

The Sarbanes-Oxley Act of 2002 (SOX) is more formally the Public Company Accounting Reform and Investor Protection Act of 2002.

It is a United States federal law made in response to a number of widely publicised corporate and accounting scandals including those involving Enron and WorldCom.

It applies to all public companies which operate in the USA. Companies which have a parent company in the USA also need to comply along those seeking a listing in the US. When SOX was introduced a number of other countries also implemented similar laws. Therefore, it is highly likely that an organisation operating globally is going to be required to comply with SOX, or with similar rules.

Description of SOX

SOX contains 11 sections:

1. Public Company Accounting Oversight Board – this provides oversight of public accounting firms which provide audit services, and attempts to strengthen audit procedures
2. auditor independence – establishes standards for external auditor independence, to limit conflicts of interest
3. corporate responsibility – mandates that senior executives take personal responsibility for the contents of financial statements
4. enhanced financial disclosures – describes enhanced reporting requirements for financial transactions
5. commission resources and authority – defines the authority of the US Securities and Exchange Commission (SEC) to censure or bar securities professionals from practice, and defines conditions under which a person can be barred from practicing as a broker, advisor or dealer
6. studies and reports – requires the US Comptroller General and the SEC to perform various studies and report their findings
7. corporate and criminal fraud accountability – describes specific criminal penalties for manipulation, destruction or alteration of financial records or other interference with investigations, while providing certain protections for whistle-blowers, i.e. someone who informs on a person or organisation which he believes is engaging in illegal or immoral activity
8. white-collar crime penalty enhancement – increases the criminal penalties associated with white-collar crimes and conspiracies
9. corporate tax returns – states that the chief executive officer should sign the company tax return
10. corporate fraud accountability – identifies corporate fraud and records tampering as criminal offences
11. analyst conflicts of interest – describes a code of conduct for securities analysts.

Treasury’s role in relation to Sarbanes-Oxley

While not explicitly focused on treasury operations, the implication of SOX for treasury is in terms of control procedures, identification and management of risk, and transparency of reporting. To ensure compliance, those responsible for providing information are held accountable (through sub-certification) for its accuracy and completeness.

Treasury should specifically look to improve operations in response to the requirements of SOX by:

• identifying the areas where there are risk or control issues inherent in treasury functions. These include dealing activities such as foreign exchange, cash transactions, technology, risk management and use of specialised cash management vehicles and techniques
• ensuring that there are policies, procedures and preventative measures in place to adequately control the treasury processes. These might include segregation of duties, transaction limits, security of transaction origination systems, technology security and mandatory job rotation
• assisting ‘global governance’ by providing effective information, reporting and transparency, for the financial reporting process. Treasury should ensure compliance with regulatory requirements, even in a decentralised environment.