The impact of Sarbanes-Oxley Act on the Romanian companies
Author:
Liviu MIHĂILEANU, PwC
JEL:
DOI:
Keywords:
Sarbanes-Oxley Act, risk management, internal controls, SAS 70, outsourcing, spreadsheets internal controls
Abstract:
The Sarbanes-Oxley Act of 2002 („SOX” or „the Act”) is legislation enacted in response to Enron and WorldCom financial scandals to protect shareholders from accounting errors and fraudulent practices in the enterprise. The regulations have been established by the Securities and Exchange Commission (“SEC”) after two years of analyzing the opinions of all stakeholders. The author evaluates the benefits of the Sarbanes-Oxley Act for shareholders by studying the lobbying behaviour of investors and corporate insiders to affect the final implemented rules under the Act.\r\nRegulatory pressures have overshadowed the risk management function for the past few years with a high impact on Romanian companies as well. SOX compliance brings competitive benefits such as improved ability to prevent, quickly detect, correct, and escalate critical risk issues, reduced cost of risk management by improved sharing of risk information and integration of existing risk management functions and the ability to provide an assurance to the board and other stakeholders that the full range of risks is understood and managed.\r\nSOX compliance not only refers to financial side of corporations, but also to the IT departments considering the corporations` electronic records and access rights. The lack of controls over spreadsheets has been a contributing factor in financial reporting errors at a number of companies. In this article, the author offers examples to highlight the importance of understanding how spreadsheets are used in a company’s financial reporting process and evaluating the controls over spreadsheets as part of the company’s overall Section 404 process.\r\n