To achieve this purpose, the Act established the PCAOB to oversee external auditing and corporate governance issues that potentially affect the reliability of financial reports. Further, SOX increased the responsibilities of corporate managers for producing reliable financial reports and specified restrictions on the activities of external auditors to increase their independence from their audit clients. Though there are many provisions in the legislation and subsequent regulations, three issues are of primary importance for accounting.
These involve the financial reporting responsibilities of the PCAOB, corporations (including their boards of directors and managers), and external auditors. Responsibilities of the Public Companies Accounting Oversight Board The PCAOB (www. pcaob. com) reports to the Securities and Exchange Commission (SEC), which appoints members of the Board. The Board has five full-time members. The Board establishes auditing standards for external audits of publicly traded companies and oversees the accounting firms that provide these audits.
Accounting firms that provide external audits of companies that report to the SEC must register with the PCAOB and report to the PCAOB information about their audit clients, audit fees, and the services provided to clients. As part of its oversight responsibilities for accounting firms, the PCAOB issues standards for accounting firms that provide guidance concerning auditor ethics and independence; supervision, hiring, and development of audit personnel; and client acceptance and continuation.
Also, the PCAOB is responsible for inspecting auditing firms to ensure their compliance with SOX regulations and professional auditing standards. The PCAOB is responsible for investigating potential violations of SOX regulations, the Board’s rules, and professional accounting standards. The Board may impose sanctions on accounting firms, including suspension from auditing public companies and civil penalties. The Board may refer these matters to the SEC and the Department of Justice for further legal action if it believes such action is needed.
Responsibilities of Corporations The Sarbanes-Oxley Act affects corporations that are required to report financial information to the Securities and Exchange Commission (SEC). These corporations must provide a certification from the Chief Executive Officer (CEO) and Chief Financial Officer (CFO) along with their financial reports. The officers certify that the financial reports comply with requirements of the Securities Exchange Act of 1934 and contain information that fairly presents, in all material respects, the financial condition and results of operations of the issuer.
A company’s balance sheet reports its financial condition 2 and its income statement and statement of cash flows report its results of operations. Consequently, the officers are required to confirm that the corporation’s financial statements reliably represent its economic activities. These provisions affect a company’s annual report (10-K) and quarterly reports (10-Q) that must be filed with the SEC. The penalty for falsely certifying the financial statements is a fine of up to $5 million and imprisonment for up to 20 years.
The reports signed by the CEO and CFO must state that: • they have reviewed the financial reports • the reports are not misleading • the reports fairly present the company’s financial condition and results of operations • the officers are responsible (1) for establishing and maintaining an adequate system of internal controls sufficient to ensure reliable financial reporting and (2) for assessing the effectiveness of those controls the officers have disclosed to the company’s audit committee and external auditors (1) significant deficiencies in the company’s controls identified in their assessment and any significant changes in the controls and (2) any fraud involving management or employees who have a significant role with respect to internal controls. SOX also effectively mandates that corporations create audit committees as part of their boards of directors. Members of the audit committee must be independent of corporate management, meaning that managers of a corporation cannot serve on the audit committee.
The audit committee is responsible for selection, compensation, and oversight of the corporation’s external auditor. Thus, the audit committee, rather than corporate management, is the primary contact for a corporation’s external auditor. The audit committee must include a member who is a financial expert. A financial expert is defined as someone who has an understanding of generally accepted accounting principles, internal controls, financial statements, and audit committees and who has experience preparing, auditing, analyzing, or evaluating financial statements.
The audit committee must approve of any services provided by the external auditor, particularly those that are not directly related to the financial audit. These services must be disclosed in reports to the SEC. A corporation’s financial reports must disclose all material off-balance sheet transactions and activities that have a material effect on the corporation’s current or future financial condition. Off-balance sheet items usually involve obligations that do not fit the definition of liabilities that must be reported on the balance sheet.
Corporations also must disclose on a rapid and current basis material changes in their financial conditions and operations. A corporation also must disclose whether it has a code of ethics for its top managers. Among other things, a code of ethics should promote honest behavior, accurate and timely disclosure of financial information, and compliance with laws and regulations. A corporation is required to make its code of ethics available to the public. 3 Responsibilities of External Auditors
A corporation’s external auditor must provide timely information to the audit committee about important accounting practices and policies adopted by corporate management and any discussion between the auditor and management about alternative practices or policies. Any disagreements between the auditor and management about these matters also must be disclosed to the audit committee. SOX prohibits external auditors are from providing certain services to a client corporation. These include: • bookkeeping or other services relating to the accounting records or financial statements of the audit client; financial information systems design and implementation; • appraisal or evaluation services, fairness opinions or contribution-in-kind reports; • actuarial services; • internal audit outsourcing services; • management functions or human resources; • broker or dealer, investment advisor, or investment banking services; • legal services and expert services unrelated to the audit; • and any other service that the accounting board (PCAOB) determines, by regulation, is impermissible. The auditor must attest to and report on management’s assessment of a corporation’s internal controls.
The auditor is responsible for examining the client firm’s internal control system and verifying that the system is adequate to provide reasonable assurance of reliable financial reporting information. The auditor expresses an opinion concerning management’s assertions about its internal control system. This opinion is based on the results of the auditor’s assessment and appears in a report that accompanies the company’s audited financial statements. This report is in addition to the auditor’s attestation concerning the financial statements themselves.
The external auditor must be independent of management in fact and appearance. As part of this requirement, Sox mandates that the CEO, CFO, and Chief Accounting Officer cannot have been employed by the company’s external auditor during the one-year period preceding the audit. It is not uncommon for employees of audit firms to take positions with client corporations. SOX limits the ability of corporations to hire employees from their external audit firms. Conclusion The Sarbanes-Oxley Act has had profound effects on financial accounting and auditing practices.
Some provisions of the Act and related regulations are still being implemented, and we will undoubtedly see revisions and additions to some of these provisions. The extent to which these provisions are successful in increasing the reliability of financial reporting remains to be seen. However, there is no question that the way that boards of directors, corporate managers, and external auditors approach their responsibilities has changed and that greater efforts are being made to ensure that timely and accurate financial information is