The Sarbanes-Oxley Act (officially titled the Public Company Accounting Reform and Investor Protection Act of 2002), signed into law on 30 July 2002 by President Bush, is considered the most significant change to federal securities laws in the United States since the New Deal. It came in the wake of a series of corporate financial scandals, including those affecting Enron, Arthur Andersen, and WorldCom. The law is named after Senator Paul Sarbanes and Representative Michael G. Oxley. It was approved by the House by a vote of 423-3 and by the Senate 99-0.

Provisions

Its major provisions include:

• Certification of financial reports by CEOs and CFOs
• Ban on personal loans to Executive Officers and Directors
• Accelerated reporting of trades by insiders
• Prohibition on insider trades during pension fund blackout periods
• Public reporting of CEO and CFO compensation and profits
• Additional disclosure
• Auditor independence, including outright bans on certain types of work and pre-certification by the company's Audit Committee of all other non-audit work
• Criminal and civil penalties for securities violations
• US companies are now obliged to have an internal audit function, which will need to be certified by external auditors.
• Significantly longer jail sentences and larger fines for corporate executives who knowingly and willfully misstate financial statements.
• Prohibition on audit firms providing extra "value-added" services to their clients including actuarial services, legal and extra services (such as consulting) unrelated to their audit work.
• A requirement that publicly traded companies furnish independent annual audit reports on the existence and condition (i.e., reliability) of internal controls as they relate to financial reporting.

Internal controls

Next to this the company's CEO and CFO should report on Internal Control Over Financial Reporting and Certification of Disclosure in Exchange Act Periodic Reports as stated in section 404 of the act. The Public Company Accounting Oversight Board (PCAOB) ([1] (http://www.pcaob.com)) has issued some guidelines on how management should render their opinion.

The main point is that management should use a risk management approach such as COSO (which descibes how to assess the control environment, determine control objectives, perform risk assesments, and identify controls).

Criticism

Whilst addressing a number of domestic concerns, the Act has been criticised by foreign regulators for seeking jurisdiction over their national affairs.

Smaller companies may be affected by Sarbanes-Oxley if trading with a large company subject to it. In addition to this a large number of them are requiring their smaller suppliers to register with the ISN.

Legislative Information

• House: 107 H.R. 3763, H. Rept. 107-414, H. Rept. 107-610
• Senate: 107 S. 2673, S. Rept. 107-205
• Law: Pub. L. 107-204, 116 Stat. 745

External links

• Summary of Sarbanes-Oxley Act of 2002 (http://www.aicpa.org/info/sarbanes_oxley_summary.htm) AICPA
• A Laymen's Summary of All 11 Titles (http://www.csbs.org/government/legislative/misc/2002_sarbanes-oxley_summary.htm)
• The text of the law (PDF) (http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_bills&docid=f:h3763enr.tst.pdf) U.S. Government Printing Office
• The full text of the act in HTML format (http://www.legalarchiver.org/soa.htm)
• An overview of major points in the act (http://www.cpeonline.com/cpenew/sarox.asp)
• Signing Statement of George W. Bush (http://www.whitehouse.gov/news/releases/2002/07/20020730.html)

Forums

• An interactive forum dedicated to the Sarbanes-Oxley Act (http://www.sarbanes-oxley-forum.com)