Newsletter | Volume 1

SOX certainly had a rough start with frustrations for governance and compliance officers due to the hype, misguided implementation and interpretation guidance from the Securities and Exchange Commission (SEC) and the Public Company Accounting Oversight Board (PCAOB).

History of the corporate mess
The year is early 2002, Corporate America is in a terrible mess; Enron had collapsed, with an unprecedented accounting fraud that followed. Later WorldCom, Adelphia Communications, Tyco, HealthSouth and others followed suit with even more sensational accounting frauds and scandals.

Furthermore, the recession was rampant and on top of the corporate agenda was shareholder value. Politicians and grass root organisations were appalled at how quickly retirement savings and financial security could just evaporate into thin air, leaving thousands of families in utter despair without a pension.

All over the world, there was an outcry for action and in the midst of the violent and widespread corporate turbulence, legislators were scrambling to clean up the corporate air of uncertainty.

Oversight authorities in slumber
Enter into this scenario Michael Oxley, the Republican chairman of the House Financial Services Committee and his Senate counterpart, Democrat Paul Sarbanes. They unruffled the usual conflicting constituencies into a working majority and cooked up a bill based on a series of past acts that corporate America was not bothered to comply with. The notorious Sarbanes-Oxley Act was born and passed thru both houses before the end of 2002, and President Bush victoriously turned the bill into law with immediate effect.

Expensive 117 words in SOX �404
The primary departure of SOX from the mixture of a series of old and latent acts (1977; FCPA, 1985; Treadway Commission report on fraudulent reporting, 1991; S&L Failures, 1991; FDICIA Controls, etc.) was that SOX required the auditor, CEO, and CFO 'to certify' that internal controls over financial reporting throughout the organisation was in order, as stated in the 117 words in SOX �404. This detail created a gigantic financial and operations burden to all stock listed companies to comply, and auditors and consultants who were hired to document and implement SOX laughed all the way to the bank.

Fourteen years down the road or for better or worse, the Sarbanes-Oxley Act cannot be divorced from the internal controls processes of any business. It was one of the first efforts in global business operations that succeeded in making all stakeholders to take significant details like internal control over financial reporting seriously.

The million dollar question then is, has SOX served its purpose? The jury is still out. However, SOX has reduced the number of incorrect financial statements filed by publicly traded companies and accounting inconsistencies like operational and financial leasing as well as internal controls over financial reporting was fixed.

SOX has probably prevented many potential corporate failures after its implementation in 2002-4 but failed to prevent the financial crisis of 2009. However, much of the credit and trust component of the financial crisis was due to poor risk management in mortgage lending and subprime and was outside the SOX scope. To prevent future complex billion dollar governance, risk management and compliance failures of e.g. Freddie Mac (2003) AIG (2005) Leman Brothers (2008) Bernie Madoff (2009) Satyam (2010) needs a different type of SOX2 where irrational and exuberant financiers cannot banish prudent risk management with an added component of greed.

The general feeling however is that SOX legitimated some of the control challenges it was supposed to address; accountability, transparency, oversight, disclosures, shareholder protection, auditor independence are a few of the success stories. The most positive effect of SOX is that it has finally strengthened stakeholder activism and proper business oversight.

See also: Our 'tribute' to SOX on the ten year anniversary; http://www.copenhagencompliance.com/news/SOX10Years.php