SOX Compliance

Is your company regulated by SOX Compliance Requirements?
Are you under a deadline to meet these compliance requirements?
Are you uncertain what to do?  — No problem. 

WE CAN HELP YOU. WE ARE COMPLIANCE EXPERTS.

We assist clients in meeting many regulatory compliance standards, including but not limited to SOX, PCI DSS, PCI- PA-DSS, PCI- PIN- Transaction Security, HIPAA, FISMA, GLBA, SAS 70, FDA, NIST, and ISO 17799 Security Standards, and recommend guidelines to meet client-specific security requirements in a timely manner.

Our security professionals and IT Auditors can help your organization to plan, develop, deploy, and integrate all the necessary security protocols, controls, and check points, and key business processes, procedures, and best practices required to reduce, control, transfer, and eliminate all potential security threats and vulnerabilities and keep your business operations in compliance.

We can be the Internal Auditor or Third-Party Auditor that validates your specific security requirements. Our certified, qualified, and experienced IT Auditors can assess your organization to evaluate its security posture and provide an unbiased Attestation and Certification letter, along with an IT Audit Summary Report, to comply with specific regulatory standards.

As our IT Auditors are certified, accredited, and recognized by ISACA, an audit governing body, our audit reports are recognized and accepted by most governmental and international agencies.

What is SOX Compliance? 

The Sarbanes Oxley Act of 2002 (Pub.L. 107-204), enacted July 30, 2002, also known as the “Public Company Accounting Reform and Investor Protection Act” (in the Senate) and “Corporate and Auditing Accountability and Responsibility Act” (in the House) and commonly called Sarbanes Oxley, Sarbox, or SOX, is a United States federal law enacted on July 30, 2002, which set new or enhanced standards for all U.S. public company boards, management, and public accounting firms. It is named after sponsors U.S. Senator Paul Sarbanes (D-MD) and U.S. Representative Michael G. Oxley (R-OH).

The bill was enacted as a reaction to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom. These scandals, which cost investors billions of dollars when the share prices of affected companies collapsed, shook public confidence in the nation's securities markets.

Sarbanes–Oxley contains 11 titles that describe specific mandates and requirements for financial reporting. Each title consists of several sections, summarized below.

1. Public Company Accounting Oversight Board (PCAOB)

Title I consists of nine sections and establishes the Public Company Accounting Oversight Board, to provide independent oversight of public accounting firms providing audit services (“auditors”). It also creates a central oversight board tasked with registering auditors, defining the specific processes and procedures for compliance audits, inspecting and policing conduct and quality control, and enforcing compliance with the specific mandates of SOX.

2. Auditor Independence

Title II consists of nine sections and establishes standards for external auditor independence, to limit conflicts of interest. It also addresses new auditor approval requirements, audit partner rotation, and auditor reporting requirements. It restricts auditing companies from providing non-audit services (e.g., consulting) for the same clients.

3. Corporate Responsibility

Title III consists of eight sections and mandates that senior executives take individual responsibility for the accuracy and completeness of corporate financial reports. It defines the interaction of external auditors and corporate audit committees, and specifies the responsibility of corporate officers for the accuracy and validity of corporate financial reports. It enumerates specific limits on the behaviors of corporate officers and describes specific forfeitures of benefits and civil penalties for non-compliance. For example, Section 302 requires that the company’s “principal officers” (typically the Chief Executive Officer and Chief Financial Officer) certify and approve the integrity of their company financial reports quarterly. [3]

4. Enhanced Financial Disclosures

Title IV consists of nine sections. It describes enhanced reporting requirements for financial transactions, including off-balance-sheet transactions, pro-forma figures, and stock transactions of corporate officers. It requires internal controls for assuring the accuracy of financial reports and disclosures, and mandates both audits and reports on those controls. It also requires timely reporting of material changes in financial condition and specific enhanced reviews by the SEC or its agents of corporate reports.

5. Analyst Conflicts of Interest

Title V consists of only one section, which includes measures designed to help restore investor confidence in the reporting of securities analysts. It defines the codes of conduct for securities analysts and requires disclosure of knowable conflicts of interest.

6. Commission Resources and Authority

Title VI consists of four sections and defines practices to restore investor confidence in securities analysts. It also defines the SEC’s authority to censure or bar securities professionals from practice and defines conditions under which a person can be barred from practicing as a broker, advisor, or dealer.

7. Studies and Reports

Title VII consists of five sections and requires the Comptroller General and the SEC to perform various studies and report their findings. Studies and reports include the effects of consolidation of public accounting firms, the role of credit rating agencies in the operation of securities markets, securities violations and enforcement actions, and whether investment banks assisted Enron, Global Crossing, and others to manipulate earnings and obfuscate true financial conditions.

8. Corporate and Criminal Fraud Accountability

Title VIII consists of seven sections and is also referred to as the “Corporate and Criminal Fraud Act of 2002”. It describes specific criminal penalties for manipulation, destruction, or alteration of financial records or other interference with investigations, while providing certain protections for whistle-blowers.

9. White Collar Crime Penalty Enhancement

Title IX consists of six sections. This section is also called the “White Collar Crime Penalty Enhancement Act of 2002”. This section increases the criminal penalties associated with white-collar crimes and conspiracies. It recommends stronger sentencing guidelines and specifically adds failure to certify corporate financial reports as a criminal offense.

10. Corporate Tax Returns

Title X consists of one section. Section 1001 states that the Chief Executive Officer should sign the company tax return.

11. Corporate Fraud Accountability

Title XI consists of seven sections. Section 1101 recommends a name for this title as “Corporate Fraud Accountability Act of 2002”. It identifies corporate fraud and records tampering as criminal offenses and joins those offenses to specific penalties. It also revises sentencing guidelines and strengthens their penalties. This enables the SEC the resort to temporarily freeze transactions or payments that have been deemed “large” or “unusual”.