Chapter Twenty-One

Implementing Sarbanes-Oxley

THE SARBANES-OXLEY ACT (SOX) was enacted on July 30, 2002, in the wake of a raft of notorious corporate scandals—including Enron, Tyco, and WorldCom—as well as the dissolution of Arthur Andersen.

The enactment of SOX has resulted in profound changes in the priorities for CFOs and their financial organizations, as well as the nature of their interactions with boards of directors—especially audit committees—and external auditors. It also has caused significant changes in the financial organization's procedures.


The main provisions of SOX—which apply to public, but not private companies—include:

  • Accounting Oversight: Establishes the Public Company Accounting Oversight Board, which provides independent oversight of public accounting firms.
  • Auditor Independence: Sets forth standards for limiting conflicts of interest with external auditors.
  • Certifications: Requires that a company's CEO and CFO certify the quarterly and annual financial statements.
  • Financial Reporting Controls: Imposes new testing and reporting requirements concerning the adequacy of a company's financial controls.
  • Disclosures: Stipulates increased disclosures such as off-balance-sheet transactions, material contracts, and insider transactions.
  • Analyst Conflicts: Defines codes of conduct for securities analysts, including disclosures of conflicts of interest.
  • Whistleblower Communications and Protections: Mandates whistleblower hot lines, establishes ...

Get The Essential CFO: A Corporate Finance Playbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.