SOX

Sarbanes-Oxly Act ⌘

• Response to Enron and Worldcom
• Protests shareholders by putting more restrictions on the management and transparency on financial reporting
• Effects only Publicly traded companies
• More rule-based (as oppose to principles-based

SOX three key principles ⌘

• Integrity
  • Integrity in finacial records (complete and representative)
• Reliability
  • Information reported is reliable and accurate
• Accountability
  • Corporate executives are answerable for breaches of information integrity and reliability.

SOX Compliance ⌘

• all publicly traded companies in the US
• whole-owned subsidiaries of a US corporation
• Non-US companies publicly traded on US markets through American Depository Receipts (ADR)

Compliance requirements ⌘

• information is valid and truthful
• CEO and CFO verify the data and accept accountability for any errors
• companies maintain accoutting framework (includes internal control)
• executives assume responsibility for the establishment and maintainance of the framework

Consequences of noncomplainace ⌘

• CEO is responsible
• CEO and CFO are liable to financial penalties and potential incarceration
• Not wilful deceit: 1mln and up-to 10 years in prison
• Intentional wrongdoing: $5mln, up to 20 years in prison

SOX of 2002 Sections ⌘

Section 201 - Audit Firm Conflict of Interest, No Consulting Except Tax

• Consulting was more profitable than auditing services
• Response to Arthur Andersen
• PWC sold consulting division to IBM

Section 203 - Five-Year Rotation of Audit Forms

One company checks the accounts of another

Section 204 - Auditor Reports to Audit Committee of Board

Auditors finding should not be buried at lower levels of an organization

Section 206 - CXO Conflict of Interest, One Year Removed from Audit Firm

Removed a common practise of auditors jumping to their clients

SOX of 2002 Sections ⌘

Section 302 - CEO and CFO Liable for Certifying Financial Results

CEO cannot use ignorance as an excuse

Section 306 - No Insider Trading During Blackout Period

prevents executives from trading shares based on insider information not available to other shareholders

Section 401 - Off-Balance-Sheet (OBS) Obligations and special Purpose Entities (SPEs)

prevents companies to hide financial losses

Section 402 - No Personal Loans to Executives

Personal Loans are not tax (it is not an income)

Section 403 - 48-Hour Notice of Executive Stock Transactions

prevents backdating stock options

before, companies did not have to declare option grants for weeks

SOX of 2002 Sections ⌘

Section 404 - Internal Control Attestation

most controversial

controversy comes with interpretation (see Audit Standard Number 2 - PCAOB AS2)

AS2 has been created as a part of SOX

see more TODO put link here

Section 409 - Real-Time Disclosure of Material Changes

timely notification of material events

Section 806 - Whistle-Blower Protection

removes excuses for remaining silent when fraud is dectected

Title VIII and Title IV - Five-Year Data Retention by Auditors and Hard Jail Time ==

destroying data can result in jail term

Section 401 Requirements ⌘

1. "Listing of off-balance-sheet (OBS) arrangements, transation and obligations (including contingent obligations) that may have a material effect, current or future on:
   • Financial conditions
   • Changes in financial results in operations
   • Liquidity capital expenditures
   • Capital resources
   • Significant components
   • Revenues
   • Expenses
2. Disclosure of "the nature and business purpose of the OBS arrangements, why and how they are needed in running a business"

Section 404 ⌘

• Internal controls include:
  • policies
  • procedures
  • training programs
  • other processes beyond financial control
• Internal controls also include:
  • "the safeguarding of assets against unauthorized acquisition, use, or disposition"
  • companies need to document and test the adequacy of these internal process controls as well
• SEC used COSO for understanding of internal controls
• COSO defines internal control as 2 a process, affected by and entity's BoD, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the categories:
  • Effectiveness and efficiency of operations
  • Reliability of financial reporting
  • Compliance with applicable laws and regulations
• Some claim that COSO ERM framework is outdated

Section 409 Details ⌘

• "real-time issuer disclosure.. on a rapid and current basis"
• reporting of material events, which affects financials reporting
• timely and real-time = four days
• uses 8-K form via EDGAR

Events requiring reporting

• change in control, significant acquisition or a bankruptcy
• entry or termination of a material agreement not made in the ordinary course of business
• termination or reduction of a business relationship with a customer that constitutes a specified amount of the revenues
• creation of a direct or contingent financial obligation material to the company
• events triggering a direct or contingent financial obligation material to the company (including default or acceleration of an obligation)
• exit activities (including material write-off or restructuring)
• any material impairment
• change in a rating agency decision, issuance of a credit watch, or change in a company outlook
• changing listing status (moving exchange, de-listing, etc...)
• changes in the status of previously issued audit report
• material limitations, restrictions or prohibitions (lockout periods, employee benefit, retirement and stock ownership plans)