After a prolonged period of corporate scandals in the United States from 2000 to 2002, the Sarbanes-Oxley Act (SOX) was enacted in July 2002 to restore investors' confidence in the financial markets and close loopholes that allowed public companies to defraud investors. The act had a profound effect on corporate governance in the U.S. The Sarbanes-Oxley Act requires public companies to strengthen audit committees, perform internal controls tests, make directors and officers personally liable for accuracy of financial statements, and strengthen disclosure. The Sarbanes-Oxley Act also establishes stricter criminal penalties for securities fraud and changes how public accounting firms operate.

What Does The Sarbanes-Oxley Act Do?

One direct effect of the Sarbanes-Oxley Act on corporate governance is the strengthening of public companies' audit committees. The audit committee receives wide leverage in overseeing the top management's accounting decisions. The audit committee members must be independent of management, and gain new responsibilities such as approving numerous audit and non-audit services, selecting and overseeing external auditors, and handling complaints regarding the management's accounting practices.

The Sarbanes-Oxley Act changes management's responsibility for financial reporting significantly. The act requires that top managers personally certify the accuracy of financial reports. If a top manager knowingly or willfully makes a false certification, he can face 10 to 20 years in prison. If the company is forced to make a required accounting restatement due to management's misconduct, top managers can be required to give up their bonuses or profits made from selling the company's stock. If the director or officer is convicted of a securities law violation, he can be prohibited from serving in the same role at the public company.

The Sarbanes-Oxley Act significantly strengthens the disclosure requirement. Public companies are required to disclose any material off-balance sheet arrangements, such as operating leases and special purposes entities. The company is also required to disclose any pro forma statements and how they would look under the generally accepted accounting principles (GAAP). Insiders must report their stock transactions to the Securities and Exchange Commission (SEC) within two business days as well.

The Sarbanes-Oxley Act imposes harsher punishment for obstructing justice and securities fraud, mail fraud and wire fraud. The maximum sentence term for securities fraud has increased to 25 years, and the maximum prison time for obstruction of justice to 20 years. The act increased the maximum penalties for mail and wire fraud from five to 20 years of prison time. Also, the Sarbanes-Oxley Act significantly increases fines for public companies committing the same offense.

The costliest part of the Sarbanes-Oxley Act is Section 404, which requires public companies to perform extensive internal control tests and include an internal control report with their annual audits. Testing and documenting manual and automated controls in financial reporting requires enormous effort and involvement of not only external accountants, but also experienced IT personnel. The compliance cost is especially burdensome for companies that heavily rely on manual controls. The Sarbanes-Oxley Act has encouraged companies to make their financial reporting more efficient, centralized and automated. Even so, some critics feel all these control makes the Act expensive to comply with, distracting personnel from the core business and discouraging growth (see How The Sarbanes-Oxley Era Affected IPOs).

Finally, the Sarbanes-Oxley Act established the Public Company Accounting Oversight Board, which promulgates standards for public accountants, limits their conflicts of interest and requires lead audit partner rotation every five years for the same public company.