Chief Financial Officers and Controllers should be familiar with the Sarbanes-Oxley Act of 2002. After some highly-publicized financial scandals, Congress passed new regulations that imposed stricter record-keeping requirements and other regulatory policies on companies. Individuals that fail to comply with the regulatory requirements for their businesses are at risk of prison time.

Controllers who wish to stay on the right side of the law should be familiar with the requirements and provisions of this act. In this post, we’ll highlight the most critical points, while also highlighting the implications that the Sarbanes-Oxley Act may have for your business.

What is the Sarbanes-Oxley Act?

The Securities and Exchange Commission (SEC) had previously established laws governing the regulation of securities, such as the Securities Exchange Act of 1934. But the Sarbanes-Oxley Act introduced sweeping revisions of these previous policies in four critical areas:

  • Corporate accountability
  • Increased criminal penalties for violators
  • Increased accounting regulation
  • New protections for investors

These shifts reflect a culture of greater transparency in which corporate conscience plays a larger role than simply enhancing the bottom line. Few could argue with the wisdom of this paradigm shift, though understanding the broader implications of this act will require greater familiarity with the act itself.

Implications of the Sarbanes-Oxley Act

Controllers should be familiar with three specific sections of the Sarbanes-Oxley Act: Section 302, Section 404, and Section 802.

Section 302

This section requires financial officers to personally certify that the financial statements of the business meet the SEC’s disclosure requirements. This means that financial officers and controllers will be held personally responsible for the accuracy and the transparency of the information contained within the company’s financial statements. 

This also means that these individuals can be penalized for omitting critical information or distorting their company’s financial performance. Violators could even face jail time for failing to comply.

Section 404

Section 404 establishes stringent internal controls and reporting methods. This may require reliance on forensic accounting practices to ensure that financial data is reported consistently and adequately, with audit systems and other safeguards in place to maintain compliance.

Admittedly, this does have a negative impact on companies who struggle to afford the costs associated with this additional layer of protection.

Section 802

Section 802 has three specific rules that impact corporate bookkeeping practices:

  • The first rule prevents the destruction and falsification of financial records
  • The second rule defines specific retention periods for record storage
  • The third rule defines the business records that companies need to maintain

These rules also apply to electronically stored financial records, a detail that is particularly important in today’s digital age.

Forensic accounting methods can be employed to ensure that a corporation complies with these increased regulations. Again, penalties can be swift and severe.

Controllers and the Sarbanes-Oxley Act

A great deal of responsibility falls on the shoulders of controllers and other senior financial officers of a business. Given the severity of these penalties, many controllers may want to find ways to stay above board—and out of prison.

One of the surest ways that controllers can ensure compliance is through the creation of compliance departments and compliance officers. These individuals can apply the latest forensic accounting techniques and other auditing systems to ensure that a company is in full legal compliance with this recent act. 

Not only can compliance departments identify areas in which a company may be in violation of regulations, but they can also uncover areas in which the company may be at greatest risk for future concerns.

Controllers as Corporate Trainers

Just because controllers bear the brunt of the responsibilities of this act doesn’t mean they bear it alone. Controllers can ensure company-wide compliance by holding training sessions and distributing data on reporting requirements, keeping the whole company abreast of the company’s legal obligations. Some divisions may even be able to perform their own audits, offering a preliminary check-up to assess the company’s overall health and legal standing.

The Sarbanes-Oxley Act and New Frontiers in Forensic Accounting

The Sarbanes-Oxley Act also opens new frontiers for those interested in forensic accounting. Given the specialized nature of these regulations, compliance can be ensured through careful, methodical analysis, the kind typically associated with forensic investigators and other professionals. 

This doesn’t always mean that a crime has been committed by a company, since forensic accounting can also be a method to ensure strict adherence to legal guidelines.

How Controllers Can Ensure Investor Confidence

The Sarbanes-Oxley Act also means that controllers have a role in protecting investors, along with the general public. The act ensures a greater level of financial transparency while also protecting the sensitive electronic data of their customers. 

In an age in which identity theft and cybersecurity are of paramount importance, adherence to these regulations is perhaps more important than ever before.

Controllers and the Future of Corporate Responsibility

While online financial services are hardly a novelty, their increasing dominance means that controllers can expect government regulations to continue to evolve. This also means that controllers should be prepared to adapt to new regulations, as well as changes in old ones. 

In the end, the flexibility of your financial officers only underscores the fact that your company’s greatest strength will always be in its people.

Looking to learn more the Sarbanes-Oxley Act? Controllers Council is a national community and platform of Controllers, Accounting and Finance professionals focused on accounting best practices, information and resources, recognition and networking. Membership has many features and benefits to propel your career and expertise, and to be an active participant in our exciting community. Discuss topics like the Sarbanes-Oxley Act and more in our forum. Become a member today.

Additional Resources

Legal Compliance Requirements for Corporate Finance

The New Certified B Corporation Explained

Looking at the Regulatory Plans for 2021

Virtual Roundtable: Controlling Employee Expenses with a Small but Mighty TeamWebinar Tuesday, September 28

Join the Controllers Council as Ram Bartov, Corporate Controller of TripActions (formerly Corporate Controller at Snowflake), reveals how small but high-performing finance teams today are embracing automated expense management technology to gain a better line of sight, control, and real-time reporting. Ram will moderate a “virtual roundtable” of Controllers and CFOs to be announced.