The Sarbanes-Oxley Act of 2002 (SOX) was enacted in response to the Enron and WorldCom monetary scandals. SOX imposes monetary reporting necessities on all publicly traded firms and any firm that registers with the Securities and Change Fee (SEC).
The Sarbanes-Oxley Act doesn’t explicitly require non-public firms to bear a SOX audit for Sox certification. Nevertheless, many non-public firms select to take action to instill investor confidence and reveal their dedication to good governance. Moreover, some lenders might require a SOX audit to supply financing.
What Is a SOX Audit?
As we talked about, a SOX audit is an annual audit of a public firm’s monetary statements. The auditor will assessment the corporate’s inside controls and procedures to make sure they’re ample and efficient. The auditor may also ask whether or not the monetary statements are free of fabric misstatement.
SOX audits are typically performed in two phases:
Part 1: Within the first part of the audit, the auditor will assess the design of the corporate’s inside controls over monetary reporting. The auditor may also take a look at the effectiveness of these controls.
Part 2: Within the second part of the audit, the auditor will take a look at chosen transactions to find out whether or not they had been accurately recorded within the monetary statements.
Required Monetary Reporting for Public Corporations
To adjust to SOX, public firms should file monetary studies with the SEC quarterly and yearly. These studies should embody an auditor’s opinion on the equity of the monetary statements and whether or not they had been ready by Usually Accepted Accounting Rules (GAAP).
Along with the monetary studies, public firms should additionally set up inside controls over monetary reporting and disclose any materials weaknesses in these controls. Lastly, public firms should keep correct documentation of their monetary information.
Sorts of SOX Audits
Two SOX audits are inside management over monetary reporting (ICFR) and monetary assertion audits. ICFR audits are centered on an organization’s inside controls, whereas monetary assertion audits give attention to the veracity of the monetary statements.
ICFR audits are usually performed yearly, whereas monetary assertion audits are performed quarterly. Nevertheless, firms might choose to have their ICFR audit and monetary assertion audit performed on the similar time in the event that they really feel it might be extra environment friendly and cost-effective to take action.
PCAOB Requirements for SOX Audits
To make sure that SOX audits are adequately carried out, the PCAOB has issued a number of requirements that auditors should comply with. These requirements tackle planning, audit efficiency, and audit outcomes reporting.
To plan and carry out the audit successfully, auditors should have understanding of the corporate’s enterprise and its inside controls. They have to additionally determine and assess the dangers of fabric misstatement, whether or not as a consequence of error or fraud. After figuring out and evaluating these dangers, auditors should develop an acceptable audit technique designed to mitigate them.
As soon as the audit is full, auditors should difficulty a report on their findings. This report should embody an opinion on whether or not or not the monetary statements are offered pretty in accordance with GAAP. If there are any materials weaknesses in inside controls, these should even be reported.
Voluntary Monetary Reporting for Non-public Corporations
Though non-public firms will not be required by legislation to bear a SOX audit, many select to take action to enhance investor confidence and present their dedication to good company governance. A SOX audit also can assist entice new traders and safe financing from lenders.
Why Adjust to SOX?
So why undergo the trouble of compliance in the event you’re not required to? For one factor, it may make your organization extra engaging to traders. Publicly traded firms are topic to extra scrutiny, so by voluntarily complying with SOX certification requirements, you sign that your organization is dedicated to excessive governance requirements. This might give potential traders extra confidence in your organization and make them extra more likely to make investments.
Moreover, compliance can assist forestall fraud earlier than it occurs. The procedures and controls put in place by SOX are designed to discourage and detect fraudulent exercise. By implementing these procedures, you possibly can create a tradition of transparency and accountability that may assist cut back the chance of fraud at your organization.
What Does Compliance Look Like?
If your organization is topic to SOX compliance, there are some things you should do. First, you’ll must appoint a Chief Govt Officer (CEO) and Chief Monetary Officer (CFO). These officers will certify that your monetary statements are correct and full. You’ll additionally want to determine inside controls over monetary reporting and keep documentation of these controls. Lastly, you’ll want an impartial auditor to assessment your monetary statements and make sure their accuracy.
The Sarbanes-Oxley Act of 2002 protects traders from fraud and deception by requiring publicly traded firms to submit correct and dependable monetary studies. Whereas non-public firms will not be required by legislation to bear a SOX audit, many select to take action voluntarily to enhance investor confidence and reveal their dedication to good company governance. In the end, whether or not or to not topic a non-public firm to a SOX audit is a call that must be made on a case-by-case foundation.