The Sarbanes-Oxley Act of 2002 (Pub.L. 107-204, 116 Stat. 745, enacted 2002-07-30), also known as the Public Company Accounting Reform and Investor Protection Act of 2002 and commonly called SOX or Sarbox; is a United States federal law enacted on July 30, 2002 in response to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom. The United States Statutes at Large, commonly referred to as the Statutes at Large and abbreviated Stat See also 2002 (disambiguation Year 2002 ( MMII) was a Common year starting on Tuesday of the Gregorian calendar. Events 1419 - First Defenestration of Prague. 1502 - Christopher Columbus lands at Guanaja in the Bay Islands off The law of the United States was originally largely derived from the Common law system of English law, which was in force at the time of the Revolutionary Accounting scandals, or corporate accounting scandals are political and business scandals which arise with the disclosure of misdeeds by trusted executives Enron Creditors Recovery Corporation (formerly Enron Corporation, former NYSE ticker symbol ENE was an American Energy company based in Tyco International Ltd is a highly diversified global manufacturing company incorporated in Bermuda, with United States operational headquarters in Princeton New Adelphia Communications Corporation, named after the Greek word "brothers" was the fifth largest cable company in the United States before filing for Bankruptcy Peregrine Systems Inc was an enterprise software company that sold solutions in the Enterprise asset management, Change management, and ITIL -based MCI Inc is an American Telecommunications company that is headquartered in Ashburn Virginia. These scandals, which cost investors billions of dollars when the share prices of the affected companies collapsed, shook public confidence in the nation's securities markets. The capital market is the Market for securities, where companies and Governments can raise longterm funds Named after sponsors Senator Paul Sarbanes (D-MD) and Representative Michael G. Oxley (R-OH), the Act was approved by the House by a vote of 423-3 and by the Senate 99-0. Paul Spyros Sarbanes (Παύλος Σπύρος Σαρμπάνης (born February 3, 1933) a Democrat, is a former United States Senator The Democratic Party is one of two major Political parties in the United States, the other being the Republican Party. Michael Garver "Mike" Oxley (born February 11, 1944) is an American politician of the Republican party who served as a U Ohio ( is a Midwestern state of the United States. As part of the Great Lakes region, Ohio has long been a cultural and geographical crossroads The United States House of Representatives is one of the two chambers of the United States Congress; the other is the Senate. The United States Senate is the Upper house of the bicameral United States Congress, the Lower house being the House of Representatives President George W. Bush signed it into law, stating it included "the most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt. "
The legislation establishes new or enhanced standards for all U. S. public company boards, management, and public accounting firms. A public company usually refers to a company that is permitted to offer its registered securities ( Stock, bonds, etc It does not apply to privately held companies. The Act contains 11 titles, or sections, ranging from additional Corporate Board responsibilities to criminal penalties, and requires the Securities and Exchange Commission (SEC) to implement rulings on requirements to comply with the new law. The US Securities and Exchange Commission (commonly known as the SEC) is an independent agency of the United States government which holds primary responsibility Debate continues over the perceived benefits and costs of SOX. Supporters contend that the legislation was necessary and has played a useful role in restoring public confidence in the nation's capital markets by, among other things, strengthening corporate accounting controls. Opponents of the bill claim that it has reduced America's international competitive edge against foreign financial service providers, claiming that SOX has introduced an overly complex and regulatory environment into U. S. financial markets. 
The Act establishes a new quasi-public agency, the Public Company Accounting Oversight Board, or PCAOB, which is charged with overseeing, regulating, inspecting, and disciplining accounting firms in their roles as auditors of public companies. The Public Company Accounting Oversight Board (or PCAOB) (sometimes called " Peekaboo " is a private-sector non-profit corporation created by the The Act also covers issues such as auditor independence, corporate governance, internal control assessment, and enhanced financial disclosure. The most general definition of an audit is an evaluation of a person organization system process project or product Corporate governance is the set of Processes customs Policies, laws and institutions affecting the way a Corporation is directed administered or controlled In Accounting and Organizational theory, Internal control is defined as a process effected by an organization's structure work and authority flows people and
Sarbanes-Oxley contains 11 titles that describe specific mandates and requirements for financial reporting. Each title consists of several sections, summarized below.
A variety of complex factors created the conditions and culture in which a series of large corporate frauds occurred between 2000-2002. The spectacular, highly-publicized frauds at Enron (see Enron scandal), WorldCom, and Tyco exposed significant problems with conflicts of interest and incentive compensation practices. The Enron scandal was a financial scandal involving Enron Corporation Former ( NYSE ticker symbol ENE and its accounting firm Arthur Andersen These frauds and others resulted in over U. S. $500 billion in market value declines. The analysis of their complex and contentious root causes contributed to the passage of SOX in 2002. Specific contributing factors and events included:
The House passed Rep. Oxley's bill (H. R. 3763) on April 25, 2002, by a vote of 334 to 90. Events 1607 - Eighty Years' War: The Dutch fleet destroys the anchored Spanish fleet at Gibraltar. See also 2002 (disambiguation Year 2002 ( MMII) was a Common year starting on Tuesday of the Gregorian calendar. The House then referred the "Corporate and Auditing Accountability, Responsibility, and Transparency Act" or "CAARTA" to the Senate Banking Committee with the support of President George W. Bush and the SEC. The United States Senate is the Upper house of the bicameral United States Congress, the Lower house being the House of Representatives The United States Senate Committee on Banking Housing and Urban Affairs has jurisdiction over matters related to Banks and banking Price controls, Deposit George Walker Bush ( born July 6 1946 is the forty-third and current President of the United States. At the time, however, the Chairman of that Committee, Senator Paul Sarbanes (D-MD), was preparing his own proposal, Senate Bill 2673. Paul Spyros Sarbanes (Παύλος Σπύρος Σαρμπάνης (born February 3, 1933) a Democrat, is a former United States Senator
Senator Sarbanes’s bill passed the Senate Banking Committee on June 18, 2002, by a vote of 17 to 4. Events 618 - Coronation of the Chinese governor Li Yuan as Emperor Gaozu of Tang, the new Emperor of China, initiating three centuries See also 2002 (disambiguation Year 2002 ( MMII) was a Common year starting on Tuesday of the Gregorian calendar. On June 25, 2002, WorldCom revealed it had overstated its earnings by more than $3. Events 524 - Battle of Vézeronce, the Franks defeat the Burgundians See also 2002 (disambiguation Year 2002 ( MMII) was a Common year starting on Tuesday of the Gregorian calendar. MCI Inc is an American Telecommunications company that is headquartered in Ashburn Virginia. 8 billion during the past five quarters (15 months), primarily by improperly accounting for its operating costs. A fiscal year (or financial year, or sometimes budget year) is a period used for calculating annual ("yearly" Financial statements in Businesses Sen. Sarbanes introduced Senate Bill 2673 to the full Senate that same day, and it passed 97-0 less than three weeks later on July 15, 2002. Events 1099 - First Crusade: Christian soldiers take the Church of the Holy Sepulchre in Jerusalem after the final See also 2002 (disambiguation Year 2002 ( MMII) was a Common year starting on Tuesday of the Gregorian calendar.
The House and the Senate formed a Conference Committee to reconcile the differences between Sen. A conference committee is a committee of the Congress appointed by the House of Representatives and Senate to resolve disagreements on a particular Sarbanes's bill (S. 2673) and Rep. Oxley's bill (H. R. 3763). The conference committee relied heavily on S. 2673 and “most changes made by the conference committee strengthened the prescriptions of S. 2673 or added new prescriptions. ” (John T. Bostelman, The Sarbanes-Oxley Deskbook § 2-31. )
The Committee approved the final conference bill on July 24, 2002, and gave it the name "the Sarbanes-Oxley Act of 2002. Events 1132 - Battle of Nocera between Ranulf II of Alife and Roger II of Sicily. See also 2002 (disambiguation Year 2002 ( MMII) was a Common year starting on Tuesday of the Gregorian calendar. " The next day, both houses of Congress voted on it without change, producing an overwhelming margin of victory: 423 to 3 in the House and 99 to 0 in the Senate. The United States Congress is the bicameral Legislature of the federal government of the United States of America, consisting of two houses On July 30, 2002, President George W. Events 1419 - First Defenestration of Prague. 1502 - Christopher Columbus lands at Guanaja in the Bay Islands off See also 2002 (disambiguation Year 2002 ( MMII) was a Common year starting on Tuesday of the Gregorian calendar. Bush signed it into law, stating it included "the most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt. " 
A significant body of academic research and opinion exists regarding the costs and benefits of SOX, with significant differences in conclusions. This is due in part to the difficulty of isolating the impact of SOX from other variables affecting the stock market and corporate earnings.  Conclusions from several of these studies and related criticism are summarized below:
Some have asserted that Sarbanes-Oxley legislation has helped displace business from New York to London, where the Financial Services Authority regulates the financial sector with a lighter touch. The Financial Services Authority ( "FSA") is an independent non-governmental body Quasi-judicial body and a company limited by guarantee that regulates In the UK, the non-statutory Combined Code of Corporate Governance plays a somewhat similar role to SOX. However, a greater amount of resources are dedicated to enforcement of securities laws in the UK than in the US—see Howell E. Jackson & Mark J. Roe, “Public Enforcement of Securities Laws: Preliminary Evidence,” (Working Paper January 16, 2007). The Alternative Investment Market claims that its spectacular growth in listings almost entirely coincided with the Sarbanes Oxley legislation. The Alternative Investment Market (AIM is a sub-market of the London Stock Exchange, allowing smaller companies to float shares with a In December 2006 Michael Bloomberg, New York's mayor, and Charles Schumer, a U. Michael Rubens Bloomberg (born February 14, 1942) is an American businessman and the Mayor of New York City. Charles Ellis "Chuck" Schumer (born November 23, 1950) is the senior U S. senator, expressed their concern. 
The Sarbanes-Oxley Act's effect on Non-US companies cross-listed in the US is different on firms from developed and well regulated countries than on firms from less developed countries according to Kate Litvak. The term developed country, or advanced country, is used to categorize countries with developed Economies in which the tertiary and quaternary sectors  Companies from badly regulated countries benefit from better credit ratings by complying to regulations in a highly regulated country (USA) that is higher than the cost, but companies from developed countries only incur the cost, since transparency is adequate in their home countries as well. On the other hand, the benefit of better credit rating also comes with listing on other stock exchanges such as the London Stock Exchange. The London Stock Exchange or LSE is a Stock exchange located in London, England.
Under Sarbanes-Oxley, two separate certification sections came into effect—one civil and the other criminal. Title 15 of the United States Code outlines the role of the commerce and trade in the United States Code. Title 18 of the United States Code is the Criminal and Penal code of the Federal government of the United States.(Section 302) (civil provision); (Section 906) (criminal provision).
Section 302 of the Act mandates a set of internal procedures designed to ensure accurate financial disclosure. The signing officers must certify that they are “responsible for establishing and maintaining internal controls” and “have designed such internal controls to ensure that material information relating to the company and its consolidated subsidiaries is made known to such officers by others within those entities, particularly during the period in which the periodic reports are being prepared. Generally a company is a form of Business organization. The precise definition varies A subsidiary, in business matters is an entity that is controlled by a bigger and more powerful entity ” . Title 15 of the United States Code outlines the role of the commerce and trade in the United States Code. The officers must “have evaluated the effectiveness of the company’s internal controls as of a date within 90 days prior to the report” and “have presented in the report their conclusions about the effectiveness of their internal controls based on their evaluation as of that date. Generally a company is a form of Business organization. The precise definition varies ” Id. .
Under both Section 302 and Section 404, Congress directed the SEC to promulgate regulations enforcing these provisions. (See Final Rule: Management’s Report on Internal Control Over Financial Reporting and Certification of Disclosure in Exchange Act Periodic Reports, Release No. 33-8238 (June 5,2003), available at http://www.sec.gov/rules/final/33-8238.htm. )
External auditors are required to issue an opinion on whether effective internal control over financial reporting was maintained in all material respects by management. This is in addition to the financial statement opinion regarding the accuracy of the financial statements. The requirement to issue a third opinion regarding management's assessment was removed in 2007.
The most contentious aspect of SOX is Section 404, which requires management and the external auditor to report on the adequacy of the company's internal control over financial reporting (ICFR). This is the most costly aspect of the legislation for companies to implement, as documenting and testing important financial manual and automated controls requires enormous effort.
Under Section 404 of the Act, management is required to produce an “internal control report” as part of each annual Exchange Act report. See Title 15 of the United States Code outlines the role of the commerce and trade in the United States Code. The report must affirm “the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting. ” . Title 15 of the United States Code outlines the role of the commerce and trade in the United States Code. The report must also “contain an assessment, as of the end of the most recent fiscal year of the Company, of the effectiveness of the internal control structure and procedures of the issuer for financial reporting. Generally a company is a form of Business organization. The precise definition varies ” To do this, managers are generally adopting an internal control framework such as that described in COSO. Committee of Sponsoring Organizations of the Treadway Commission ( COSO) is a U.
Both management and the external auditor are responsible for performing their assessment in the context of a top-down risk assessment, which requires management to base both the scope of its assessment and evidence gathered on risk. In financial auditing of public companies in the United States, SOX 404 top-down risk assessment (TDRA is a financial Risk assessment performed In late 2006 a new audit standard was proposed by the PCAOB to help alleviate the significant costs of compliance and better focus the assessment on the most critical risk areas.
On July 25, 2007, the Public Company Accounting Oversight Board (PCAOB) approved Auditing Standard No. The Public Company Accounting Oversight Board (or PCAOB) (sometimes called " Peekaboo " is a private-sector non-profit corporation created by the The most general definition of an audit is an evaluation of a person organization system process project or product 5  (AS5), which superseded Auditing Standard No 2. (AS2), and has the following key requirements for the external auditor:
The recently released SEC guidance  is generally consistent with the PCAOB's guidance above, only intended for management.
After the release of this guidance, the SEC required smaller public companies to comply with SOX Section 404, companies with year ends after December 15, 2007. Smaller public companies performing their first management assessment under Sarbanes-Oxley Section 404 may find their first year of compliance after December 15, 2007 particularly challenging.
The cost of complying with SOX 404 impacts smaller companies disproportionately, as there is a significant fixed cost involved in completing the assessment. For example, during 2004 U. S. companies with revenues exceeding $5 billion spent . 06% of revenue on SOX compliance, while companies with less than $100 million in revenue spent 2. 55%. 
This disparity is a focal point of 2007 SEC and U. S. Senate action.  The PCAOB intends to issue further guidance to help companies scale their assessment based on company size and complexity during 2007. The SEC issued their guidance to management in June, 2007. 
After the SEC and PCAOB issued their guidance, the SEC required smaller public companies (non-accelerated filers) with fiscal years ending after December 15, 2007 to document a Management Assessment of their Internal Controls over Financial Reporting (ICFR). Outside auditors of non-accelerated filers however opine or test internal controls under PCAOB (Public Company Accounting Oversight Board) Auditing Standards for years ending after December 15, 2008. Another extension was granted by the SEC for the outside auditor assessment until years ending after December 15, 2009. The reason for the timing disparity was to address the House Committee on Small Business concern that the cost of complying with Section 404 of the Sarbanes-Oxley Act of 2002 was still unknown and could therefore be disproportionately high for smaller publicly held companies. 
The financial reporting processes of many companies depend to some extent on IT systems. Therefore, Information technology controls that specifically address financial risks may be within the scope of a SOX 404 assessment. In Business and Accounting, Information technology controls (or IT controls) are specific activities performed by persons or systems designed to ensure Chief information officers are typically responsible for the IT organization and IT personnel may be directly involved in SOX compliance efforts. The chief information officer ( CIO) is a job title for the board level head of Information technology within an organization
The SOX 404 guidance requires the usage of an internal control framework, such as the COSO framework. Committee of Sponsoring Organizations of the Treadway Commission ( COSO) is a U The IT Governance Institute's "COBIT: Control Objectives of Information and Related Technology" is also used by many companies as a framework supporting IT SOX 404 efforts. The Control Objectives for Information and related Technology ( COBIT) is a set of best practices (framework for Information technology (IT management created by However, there are certain aspects of COBIT that are outside the boundaries of Sarbanes-Oxley regulation. IT application controls (i. e. , transaction processing controls) that address specific material misstatement risks are a critical part of the SOX 404 assessment. However, the extent of SOX testing to perform related to IT General Controls (ITGC) has been a topic of contention.  By its nature, ITGC has an indirect effect on financial statements. The 2007 SEC guidance states: ". . . management only needs to evaluate those ITGC that are necessary for the proper and consistent operation of other controls designed to adequately address financial reporting risks. " ITGC efforts will likely be carefully scrutinized in light of the new guidance, which encourages focus on the most critical financial risks.
Section 802(a) of the SOX,states:
|“||Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under title 11, or in relation to or contemplation of any such matter or case, shall be fined under this title, imprisoned not more than 20 years, or both. Title 18 of the United States Code is the Criminal and Penal code of the Federal government of the United States.||”|
Section 1107 of the SOX states:
|“||Whoever knowingly, with the intent to retaliate, takes any action harmful to any person, including interference with the lawful employment or livelihood of any person, for providing to a law enforcement officer any truthful information relating to the commission or possible commission of any federal offence, shall be fined under this title, imprisoned not more than 10 years, or both. Title 18 of the United States Code is the Criminal and Penal code of the Federal government of the United States.||”|
Detractors such as Congressman Ron Paul contend that SOX was an unnecessary and costly government intrusion into corporate management that places U. S. corporations at a competitive disadvantage with foreign firms, driving businesses out of the United States. In an April 14, 2005 speech before the U. Events 43 BC - Battle of Forum Gallorum: Mark Antony, besieging Julius Caesar 's assassin Decimus Junius Brutus in Year 2005 ( MMV) was a Common year starting on Saturday (link displays full calendar of the Gregorian calendar. S. House of Representatives, Paul stated, "These regulations are damaging American capital markets by providing an incentive for small US firms and foreign firms to deregister from US stock exchanges. According to a study by the Wharton Business School, the number of American companies deregistering from public stock exchanges nearly tripled during the year after Sarbanes-Oxley became law, while the New York Stock Exchange had only 10 new foreign listings in all of 2004. The reluctance of small businesses and foreign firms to register on American stock exchanges is easily understood when one considers the costs Sarbanes-Oxley imposes on businesses. According to a survey by Korn/Ferry International, Sarbanes-Oxley cost Fortune 500 companies an average of $5. 1 million in compliance expenses in 2004, while a study by the law firm of Foley and Lardner found the Act increased costs associated with being a publicly held company by 130 percent. " 
John C. Dvorak, well-known technology and computing journalist and broadcaster asserts that the Sarbanes-Oxley has stifled creativity in technology firms and will cause a downturn in that sector. John Charles Dvorak (born 1952 in Los Angeles, California) is an American Columnist and broadcaster in the areas of Technology  A 2005 poll by the oldest independent IBM user group, SHARE, found that "IBM users expect compliance with the Sarbanes-Oxley rules governing U. SHARE Inc is a volunteer-run user group for IBM Mainframe computers that was founded in 1955 by Los Angeles-area IBM 701 users S. public companies to prove to be the least effective or the most wasteful use of their IT resources. "