Regulations have been a part of the corporate world for long, but, perhaps the emphasis on compliance has never been as great as today. The severe penalties that could be levied to the top management, including board members, and the organization as a whole have made regulatory compliance a top corporate priority.
The main aim of regulatory compliance is to ensure transparency, accuracy, and accountability in the financial information maintained by companies.The Sarbanes-Oxley Act in the U.S, and the International Accounting Standards Board (IASB) in Europe and the Asia-Pacific region are the main drivers of corporate regulatory compliance. There are many other regulations and legislations governing regulatory compliance for specific accounting entities, such as Governmental Funds and Financial Services.
The benefits of compliance are threefold. First, by providing transparency to financial and operational aspects, the companies develop trust among their stakeholders, including shareholders, suppliers, and customers, and regulatory authorities. Second, the companies show that they are meeting their legal requirements. Third, and perhaps the most important benefit to the companies themselves, is that by adopting regulatory compliance, the companies strengthen their operational controls and performance standards.
Let us have a look at the main compliance provisions of Sarbanes-Oxley Act—by far the most important set of regulations affecting U.S. companies. Section 302 of the act mandates the companies to design a set of internal procedures to ensure accurate financial disclosure. It also makes the officers signing the financial information responsible for establishing and maintaining internal controls. The officers must also evaluate the effectiveness of the company’s internal controls and report their conclusions. This essentially translates into the CEO and CFO of the company certifying that they have reviewed the financial reports and that the reports ‘fairly represent’ the company’s financial position. This makes the top management of the companies responsible for the accuracy of financial information. Failure to perform this responsibility could lead to legal penalties and risk to reputation of the management personnel.
Section 404 of the act states that each annual report must include an “internal control report.” The report should affirm the responsibility of the management for establishing and maintaining an adequate internal control structure and procedures for financial reporting. The report should also contain an assessment of the effectiveness of the internal control structure and financial reporting procedures certified by external auditors.
Section 409 of the act presses for real-time issues disclosures. The issuers are required to disclose material changes in the financial and operational condition of the company to the public on a current basis. The act warrants that these disclosures be in simple English and may include trends and qualitative information. Some examples of material changes include end of a business relationship with a significant customer, a change in a rating agency’s assessment, or a large restructuring charge.
Besides these three main sections, there are numerous others, such as establishing a public company accounting oversight board, and ensuring auditor independence and corporate responsibility.However, over the years companies have found these three sections most difficult in terms of compliance. This is partially because of the high costs of implementation for complying with these sections. However, as companies migrate more to IT based systems and procedures evolve, even smaller companies are starting to adopt the Sarbanes-Oxley Act in totality.