Adoption of SOX framework can improve Corporate Governance and Financial Reporting
The Sarbanes-Oxley Act, 2002, called SOX ACT, is an US Law to build public confidence in the financial system and protect investors. All US and foreign public companies listed in US markets are required to comply with SOX.
The principal goal of SOX is to ensure the reliability of financial disclosures. This is the responsibility of the Board and Senior Management. SOX Compliance requires the CEO and the CFO to certify, that their financial disclosures are accurate (Sec 302) and the Internal Controls over Financial Reporting (ICOFR) have been assessed for effectiveness (Sec 404). The Statutory Auditor must certify the Management’s effectiveness assessment. There is a provision for severe penalties for false certifications.
A Company must undergo a metamorphosis to be able obtain certification under SOX.
Reliable Financial reporting must start with Corporate Governance or Entity Level Controls. Some of the most important Entity level controls include Role of Audit Committee, the functioning of independent directors, self-assessment by Board Directors, separation of powers between CEO and CFO, Code of Conduct, and implementation of Whistle-blower protection. The Auditor also cannot offer advisory services. Another important entity level control is the adoption of a Disclosure Policy for immediate disclosure of material events.
Sox Compliance requires adoption of COSO Framework with five elements-Control Environment, Risk Assessment, Control Activities, Information and Communication and Monitoring Activities. Some important controls include, documentation, safeguarding of assets, segregation of duties, reconciliation, vendors/partners risk assessment, EXCEL worksheet controls, IT General controls, and IT application controls. The main vulnerability in financial reporting occurs when data transfer takes place between subsidiary systems and core financial system and in making provisions for bad debts and depreciation.
Foreign jurisdictions can adopt Sox provisions to improve the integrity of their financial systems.