Sarbanes-Oxley Act (SOX)
The Sarbanes-Oxley Act was passed in the United States in 2002 and fundamentally transformed the way listed companies were expected to govern their financial reporting frameworks and other associated processes. The Act, more formally known as the ‘Public Company Accounting Reform and Investor Protection Act’ and abbreviated to SOx (after the two sponsors in the US Senate) and was passed after trust in the Financial Reporting of large entities and the competency of their auditors was questioned, e.g. via the collapse of Enron and the loss of Arthur Andersen. The act places a significant number of requirements on both entities and US regulators and has far reaching implications to any entity with a US Listing, US issued securities and so on. Further, key elements of the act found their way into other legislation around the world, creating a reasonably common playing field of enhanced control, governance and penalties in regards to Financial Reporting. SOX requirements are stringent and often impose significant regulatory costs to a business, for example, a well known section (404) requires significant documentation of internal controls as well as testing and the requirement for annual assurance by the external auditor over the end-to-end control framework for financial reporting.