Against the backdrop of boy-band ballads and pop-punk hits, corporate America of the early aughts was unravelling to whistleblower alarms. One scandal followed another, exposing widespread accounting fraud. In its aftermath, investors lost money, employees lost jobs, and the public lost confidence in capital markets.
Enter the Sarbanes-Oxley Act (SOX) of 2002. Designed as an immediate response to the subsequent crisis in corporate accountability, the SOX Act enforces strict regulations on companies’ financial reporting, corporate disclosures, and internal structures.
Two decades later, SOX serves as a safeguard for regulatory transparency and integrity. Below, we break down the Act’s origin, key provisions, and its impact on the accounting industry.
Cheating Chiefs and the Birth of SOX
Enron: The Collapse of an Energy Giant
Enron’s story began as a 1985 merger between two natural gas transmission companies. Under the leadership of Kenneth Lay and Jeffrey Skilling, Enron grew into an energy-trading powerhouse, ranking seventh in revenue among US companies.
Beneath the glossy facade, however, lay a web of accounting fraud. Through mark-to-market (MTM) accounting, which values assets by their current market price instead of historical cost, Enron recorded projected future profits as current income. Effectively, they could report massive profits years before actually earning them.
The reality? Many of their deals would never yield cash flows. Enron then hid losses in special purpose entities (SPEs)—essentially off-the-books companies—managed by its executives.
When the truth surfaced in late 2001, Enron’s executives had already secured their fortunes. Meanwhile, investors and employees were left with worthless stock.
WorldCom: A Case of Record-Breaking Fraud
Soon after Enron, WorldCom dropped an even bigger bombshell. The telecommunications giant, led by CEO Bernard Ebbers, grew aggressively through acquisitions throughout the 1990s.
But by 1999, WorldCom’s revenue growth slowed. As its stocks fell, the company turned to fraud: They misclassified ordinary operating expenses as capital investments in financial reports, spreading costs over years instead of reporting them immediately.
WorldCom’s manipulation of financial statements, orchestrated by CFO Scott Sullivan with Ebbers’ knowledge, went undetected for years. By the time the internal audit committee uncovered the scheme, WorldCom had already inflated assets by $11 billion—the largest accounting fraud in American history at that time.
Arthur Andersen: The Watchdog That Failed
Beyond fraudulent financial reporting, a common thread connected Enron and WorldCom: Arthur Andersen LLP.
As Enron’s auditor, Andersen didn’t just miss the fraud; it enabled it. The firm signed off on misleading financial statements and later shredded thousands of audit documents once investigations began.
Andersen’s involvement in the WorldCom scandal, although less publicised, further damaged its reputation. While the Securities and Exchange Commission couldn’t prove Andersen knew of WorldCom’s fraud, investigators found the firm had missed multiple red flags that should have exposed the accounting irregularities.
In 2002, Arthur Andersen surrendered its CPA licenses. Once upon a time, the firm was among the “Big Five” accounting firms. Today, it’s a cautionary tale in corporate ethics.
The Urgent Passing of the Sarbanes-Oxley Act
With chiefs cutting ethical corners and auditors turning a blind eye, existing regulations were exposed as insufficient to prevent corporate accounting fraud. In response, Congress passed the Public Company Accounting Reform and Investor Protection Act, or simply the Sarbanes-Oxley Act, in 2002.
The SOX Act, named after bill sponsors Senator Paul Sarbanes and Representative Michael Oxley, imposes enhanced executive accountability and stricter internal controls against fraudulent financial reporting.
Ultimately, the SOX Act aims to restore and maintain public faith in American financial markets. All eleven provisions apply to publicly traded companies and public accounting firms, and the Public Company Accounting Oversight Board (PCAOB) aids in its enforcement.
What is SOX in Accounting?
Section 302: Corporate Responsibility for Financial Reports
This section directly imposes financial accountability on the C-suite. The CEO and CFO, in particular, must certify in writing the accuracy and completeness of quarterly and annual financial reports.
Senior corporate officers are likewise responsible for establishing and maintaining an adequate internal control structure and must disclose any deficiencies to auditors. Those who knowingly sign inaccurate financial statements will face fines, imprisonment, or both.
Section 404: Management Assessment of Internal Controls
Perhaps the most demanding and costly provision, Sec. 404 requires management to conduct an annual assessment of internal controls and reporting methods, testing them for effectiveness.
External auditors will then follow with an independent audit, which includes a report on the management’s assessment.
Put another way, 404 is a company’s annual financial health check-up, complete with self-assessment and professional diagnosis.
Section 802: Criminal Penalties for Altering Documents
This section is about document integrity. Firms and their accountants must retain accurate, detailed audit files for five years.
Examples of these files are:
- Workpapers
- Audit documents, including electronic records that form the basis of an audit or review
- Memoranda
- Correspondence
Section 806: Protection for Employees of Publicly Traded Companies Who Provide Evidence of Fraud
The Sarbanes-Oxley Act recognises that employees are often the first to spot fraud. This was true of Sherron Watkins, Vice President of Corporate Development at Enron, and Cynthia Cooper, Vice President of Internal Audit at WorldCom, who blew the whistles on the fraudulent schemes within their companies.
Aptly named, Sec. 806 requires publicly traded companies to establish confidential channels for employees to report financial misconduct, with protections and compensation for whistleblowers facing retaliation.
The Independent Auditor’s Role
The Sarbanes-Oxley Act also dedicates a title to auditor independence—a lesson drawn from Andersen’s failures.
At Enron, the firm served both as an auditor and consultant. The conflict of interest between these dual roles likely influenced Andersen to issue clean audit opinions year after year despite Enron’s schemes.
To prevent such conflicts, Congress established the PCAOB to enforce SOX compliance in accounting among public companies and firms. Specifically, the PCAOB restricts accounting firms from providing certain consulting services to the companies they audit unless expressly approved by that client’s audit committee.
These services are:
- Bookkeeping services
- Financial information systems design
- Appraisals
- Actuarial services
- Investment banking
- Legal services
Read More: Top 8 Advisory Services Offered by CPA Firms
Challenges of SOX Compliance
On paper, the Sarbanes-Oxley Act is a step in the right direction. However, critics argue compliance, particularly with Sec. 404, has become increasingly burdensome.
Initial implementation means significant investment, from setting up internal control frameworks to engaging external auditors. For smaller publicly traded companies, these activities can strain resources.
While it wouldn’t be wrong to expect compliance expenses to diminish after initial setup, surveys indicate an upward trend driven by factors like growing organisational complexity. The adaptation of remote work has also called for additional oversight.
Average annual SOX compliance cost across company size is
$1.6 million
Over
11,800 hours
devoted to SOX compliance activities
60%
of internal audit budgets allocated to SOX testing
Source: 2023 KPMG SOX Report
Accounting firms have likewise had to expand their capabilities to meet the evolving demands of comprehensive financial statement audits under the SOX Act.
Experts point to automation as the key to cost reduction, but that, too, is costly. Yet despite the mounting expenses, accurate financial reporting and preserved investor confidence remain invaluable.
The Impact of SOX in Accounting
Despite its limitations, the Sarbanes-Oxley Act has arguably accomplished its foundational goal of restoring public trust and investor confidence through intense scrutiny of internal controls over financial reporting.
SOX’s immediate impact was evident in the surge of financial restatements— corrections of a company’s published financial statements—as companies addressed previously undetected errors or inaccuracies.
According to a 20-year review by Audit Analytics, 17% of companies needed to revise prior statements in 2006. However, as companies adjusted, this number declined in subsequent years, suggesting an improvement in the quality of financial statements and corporate disclosures due to SOX compliance.
The Act’s influence extends well beyond the US. In 2012, former PCAOB board member Steven B. Harris shared that 44 countries adopted similar regulatory frameworks. Examples include Japan’s Financial Instruments and Exchange Law (J-SOX) and the Canadian SOX or Bill 198.
More Than a Number Cruncher
The Sarbanes-Oxley Act has evolved two decades since its inception from a response to a safeguard against corporate scandals. It has birthed a generation of executives who view attestation and internal controls not as regulatory burdens but as fundamental responsibilities.
For the accounting industry, SOX means transformation. Today’s accountants are strategic risk managers and control specialists. They design internal control frameworks, evaluate process effectiveness, and collaborate with IT teams on system requirements, among other things.
The combination of engaged leadership and empowered accountants has made strong financial reporting and accountability part of business, not something separate and apart.
Streamline SOX Compliance with Expert Accounting Support
As compliance with the Sarbanes-Oxley Act continues to shape financial reporting and auditing, investing in outsourcing will equip your business with the robust accounting support it needs to uphold financial reporting integrity.
At TOA Global, our outsourced accounting team brings practical experience in financial reporting, bookkeeping, and internal controls—essentials in maintaining compliance in today’s regulatory environment. With outsourcing, you’re doing more with less.
Ready to strengthen your accounting capabilities? Book a chat with us today.