The Sarbanes-Oxley Act (SOX) at 14

The Sarbanes-Oxley Act (SOX) at 14

In 2002, the Sarbanes-Oxley Act was passed by Congress. The Act was the government’s response to the anger and uncertainty following the frauds at WorldCom and Enron, and had the aim of restoring the public’s confidence in auditing and financial reporting. While SOX has its detractors, the Act has been of significant benefit to investors, and largely fulfilled its aims. This article will look at how the four main components of SOX have helped to improve the reliability of financial reporting and safeguard investor confidence.

How has SOX improved the reliability of financial reporting and auditing?

SOX is made up of four main components, each of which addresses specific problems in the way businesses were audited:

1. SOX ended self-regulation and established an independent oversight of the auditing process

SOX ended self-regulation by the audit profession, setting up the Public Company Accounting Oversight Board, or PCAOB, to oversee the auditing of public companies. The PCAOB has the power to establish industry standards, conduct inspections, investigate allegations of falsehood, and regulate auditing firms.

The PCAOB currently lists 2,018 audit firms from more than 90 countries as registered. Its creation appears to have had a positive effect: a review of more than 120 papers by a team from Harvard concluded that the quality of financial reporting appears to have improved after the implementation of SOX.2

2. SOX strengthened and expanded audit committees

SOX aims to improve corporate governance through greater regulation of internal audit committees. SOX stipulates that all listed companies must have an audit committee, and that the members of that committee must be independent of management, contain at least one financial expert, and be directly responsible for appointing auditors and ensuring their company’s financial reporting is correct.

Before SOX, just 51% of public companies had auditing committees that were completely independent of management. After the new rules came into effect in 2004, not only were all public companies required to rely on independent audit committees, but almost half of all audit committee members are now financial experts.3 Internal audit committees are now better equipped to provide accurate and truthful financial reports.

3. SOX made executives more accountable and protected investors

One of the key aims of SOX was to ensure that CEOs and CFOs demonstrated ownership of their companies’ financial statements. SOX requires these executives to personally certify financial reports, and enforces significant penalties in place for executives who are found to have acted fraudulently. SOX also protects whistleblowers and, through the “Fair Funds” program, helps compensate victims of fraud.

4. SOX enhanced auditor independence

SOX ensures that auditors remain independent by prohibiting them from providing services such as bookkeeping, actuarial services, or management functions to the companies they audit. The Act also enforces a five-year mandatory rotation policy for the lead engagement partner (previously seven years).

Has SOX been a success?

SOX has successfully provided a deterrent to businesses and individuals tempted to mislead the market. It has done this by establishing independent oversight and significantly increasing compliance requirements and standards.

And, although the high cost of meeting SOX requirements is unpopular, businesses are seeing benefits too. The 2015 Sarbanes-Oxley Compliance Survey, carried out by global consulting firm Protiviti, revealed that 78% of organizations reported leveraging their SOX compliance to drive improvement of the business processes affecting financial reporting.4

Of course, improvement should be a process, not a single action. The PCAOB must continue to work with auditors to improve the quality of audits and ensure investors have confidence in the reporting system. Software such as AuditBoard is helping auditors streamline their SOX programs, improve auditing efficiency, and promote quality in their audit programs. To learn more, visit our Customer Success page to see how AuditBoard helps its clients.


John Kim, CPA was a SOX Subject Matter Expert and Technical Sales Director at AuditBoard. He has over 10 years of experience in Internal Audit, first as a Risk Assurance Manager at PricewaterhouseCoopers and then as the Senior Manager of Internal Audit for Zynga.