1 Sarbanes-Oxley Overview. 2 Sarbanes-Oxley Act Summary The Sarbanes-Oxley Act of 2002 §201Prohibited Non-Audit Services §202Audit Committee Pre-Approval.

Slides:



Advertisements
Similar presentations
Building on Our Core Values Building on Our Core Values © 2003 by the AICPA The Sarbanes-Oxley Act.
Advertisements

© 2007 PROSKAUER ROSE LLP® SARBANES-OXLEY ACT OF 2002 Presented by: Julie M. Allen
Sarbanes-Oxley Act of 2002 UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.
1 4 th session: Corporate Governance – Sarbanes Oxley Performance Evaluation IMSc in Business Administration October-November 2009.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Certifying the Accuracy of SEC Filings and Update on the Sarbanes-Oxley Act of 2002, NYSE and Nasdaq Proposals.
Sarbanes-Oxley Act of Benefits of Act Three quarters of the financial executives in the Oversight Systems survey said that their company had realized.
Sarbanes-Oxley Act. 2 What Is It? Act passed by Congress in response to the recent and continuing corporate scandals. Signed into law July 30, Established.
1 Introduction of Panel Members Sarbanes-Oxley Section 404 Overview Insert Worlds Image / Client Specific Image Here Scott Henderson
1 Sarbanes-Oxley Section 404 June 29,  SOX 404 Background 3  SOX 404 Goals 4  SOX 404 Requirements 5  SOX 404 Assertions 6  SOX 404 Compliance.
Fraud and SOX Compliance McGraw-Hill/Irwin Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Sarbanes Oxley Act. WHY? Public Company Accounting Reform and Investor Protection Act of 2002 Response to a number of major corporate and accounting scandals.
Sarbanes-Oxley Compliance Process Automation
COMPLIANCE & SOX.
CAACM Pre-conference Training Audit Committee Fundamentals – Internal Controls 23 June 2008.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Sarbanes-Oxley Act of 2002 Ernesto G. Rodriguez EC 521 Winter 2007.
Sarbanes Oxley Act. WHY? Public Company Accounting Reform and Investor Protection Act of 2002 Public Company Accounting Reform and Investor Protection.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
Nature of an Integrated Audit
“The Impact of Sarbanes Oxley, An Evolving Best Practice” Ellen C. Wolf Senior Vice President & Chief Financial Officer American Water National Association.
® SOX Overview MTAC Meeting August 7, The Sarbanes-Oxley Act  Enacted in 2002 as a result of a series of large corporate financial scandals  Improves.
© Copyright 2012 Pearson Education. All Rights Reserved. Chapter 10 Fraud & Internal Control ACCOUNTING INFORMATION SYSTEMS The Crossroads of Accounting.
Internal Auditing and Outsourcing
Auditing Internal Control over Financial Reporting
Fall 2003 Auditing Update for Auditing and Assurance Services: An Integrated Approach.
June 10, 2003 T E RNST & Y OUNG PT E RNST & Y OUNG A DVISORY S ERVICES Sarbane Oxley 404 Workshop Hotel Arya Duta 28 February – 2 March 2005 Introduction.
INTERNAL CONTROL OVER FINANCIAL REPORTING
Implementation Issues of Sarbanes-Oxley CASE Presentation September 23, 2004 By Denise Farnan.
Chapter 5 Internal Control over Financial Reporting
BusinessAllstars.com 1 BusinessAllstars.com Presents Copyright © 2004 by Gainbridge Associates All right reserved This material may not be used or reproduced.
Summary of the Investor Protection, Auditor Reform, and Transparency Act of 2002 (Sarbanes-Oxley Act)
Signed into law on July 30, 2002 Response to highly publicized corporate scandals Provisions affect corporate governance, accounting, and auditing Purpose.
Scandals (in the public and private sector)  Enron  Worldcom  Livent  Nortel  HRDC  Sponsorship Scandal.
1 Today’s Presentation Sarbanes Oxley and Financial Reporting An NSTAR Perspective.
By: 1. Kenneth A. Kim John R. Nofsinger And 2. A. C. Fernando.
Sarbanes Oxley Act. The Sarbanes Oxley Act consists of 11 Sections I – Public Company Accounting Oversight Board II – Auditor independence III – Corporate.
By: 1. Kenneth A. Kim John R. Nofsinger And 2. A. C. Fernando.
1 A Common Sense Look at Sarbanes-Oxley Presentation to the MIT Auditing Committee of the Corporation June 8, 2003.
ACCOUNTING AND FINANCIAL RESPONSIBILITY IN STRATEGIC PLANNING By Charles D. Little, Ph.D.
Audit Committee Roles & Responsibilities Audit Committee July 20, 2004.
© The McGraw-Hill Companies, Inc., 2008 McGraw-Hill/Irwin Principles of Accounting (Accounting 1 for BBA - Undergraduate) SBS Victor Yerris, PhD
Building on Our Core Values Building on Our Core Values The Sarbanes-Oxley Act Public Law (JFZ edited)
Casualty Loss Reserve Seminar General Session II September 9, 2003 Section 302/404 of Sarbanes-Oxley Act What Actuaries Need to Know Jan A. Lommele, FCAS,
WorldCom This fraud occurred in a major public company and went undetected for 3-4 years. How could this occur? Why did this occur? Was Betty Vinson a.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 2-1 Chapter Two The Financial Statement Auditing Environment.
Copyright © 2007 Pearson Education Canada 9-1 Chapter 9: Internal Controls and Control Risk.
18-1 Copyright © 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
OVERVIEW OF SOX. CORPORATE RESPONSIBILITY FOR FINANCIAL REPORTS Principal executive and financial officers are responsible for designing, establishing.
Sarbanes Oxley Act. General Provisions of SOX To make rules governing audits of public companies To make rules governing audits of public companies To.
BusinessAllstars.com 1 Sarbanes-Oxley Act of 2002 BusinessAllstarsPresents Copyright © 2004 by Gainbridge Associates All right reserved This material may.
Building on Our Core Values Building on Our Core Values © 2003 by the AICPA The Sarbanes-Oxley Act.
The Sarbanes-Oxley Act of Overview of the Sarbanes-Oxley Act of 2002 The Sarbanes-Oxley Act and the related SEC rule-making provide clarity and.
Lecture 5 Control and AIS Copyright © 2012 Pearson Education 7-1.
Sarbanes-Oxley: Its effect on the accounting profession Signed into law on July 30, 2002 Response to highly publicized corporate scandals Provisions affect.
Auditors’ Dilemma – reporting requirements on Internal Financial Controls under the Companies Act 2013 and Clause 49 of the Listing agreement V. Venkataramanan.
Impact On Government Contractors
Summary of the Investor Protection, Auditor Reform, and Transparency Act of 2002 (Sarbanes-Oxley Act)
The Financial Statement Auditing Environment
The Sarbanes-Oxley Act
Fraud & Internal Control
Dr. Donald K. McConnell Jr.
Dr. Donald K. McConnell Jr.
Dr. Donald K. McConnell Jr.
Sarbanes-Oxley Act of 2002 Presentation to
An overview of Internal Controls Structure & Mechanism
Presentation transcript:

1 Sarbanes-Oxley Overview

2 Sarbanes-Oxley Act Summary The Sarbanes-Oxley Act of 2002 §201Prohibited Non-Audit Services §202Audit Committee Pre-Approval §203Audit Partner Rotation §204Auditor Reports to Audit Committee §206Auditor Conflicts of Interest §301Independent Audit Committee §302Certification of Periodic Reports §303Improper Influence on Conduct of Audits §306Pension Fund Black-Out Restrictions §307Conduct of Attorneys §401Disclosure of Off-Balance Sheet Transactions §401Disclosure of Pro-Forma Financial Information §401Disclosure Material Correcting Adjustments §402Prohibition on Loans to Directors and Executives §403Insider Transactions – 2 Day Reporting §404 Management Report on Internal Controls §406 Code of Ethics Disclosure for Financial Officers §407 Financial Expert Disclosure Requirements §409Real-Time Disclosure §806, 1107Employee Whistleblower Protection §906Criminal Certification of Periodic Reports VIII, IX, XIFraud Accountability, White-Collar Penalty

3 Sarbanes-Oxley Background  US Congress approval Jan23’02.  Enacted July 30’02  Underline objective of protecting investor & improve accuracy & reliability of corporate disclosures New standards for corporate accountability and penalties for wrong doing  Applies primarily to companies filing annual reports with the SEC  US Congress approval Jan23’02.  Enacted July 30’02  Underline objective of protecting investor & improve accuracy & reliability of corporate disclosures New standards for corporate accountability and penalties for wrong doing  Applies primarily to companies filing annual reports with the SEC Major Provisions  Creates new Public Company Accounting Oversight Board (PCAOB) for external auditors. (Section , ).  Expands reporting requirements & accountabilities- requires CEO & CFO attestations / filing of internal control report with annual report. (Section 302).  Requires external auditors to attest to and report on management’s assessment in the internal controls report. (Section 404).  Makes audit committees and disclosure of a “financial expert” in audit committee. (Section 301 & 407).  Requires disclosures regarding code of ethics. (Section 406).  Increases civil and criminal penalties (Section ).  Creates new Public Company Accounting Oversight Board (PCAOB) for external auditors. (Section , ).  Expands reporting requirements & accountabilities- requires CEO & CFO attestations / filing of internal control report with annual report. (Section 302).  Requires external auditors to attest to and report on management’s assessment in the internal controls report. (Section 404).  Makes audit committees and disclosure of a “financial expert” in audit committee. (Section 301 & 407).  Requires disclosures regarding code of ethics. (Section 406).  Increases civil and criminal penalties (Section ). Bodies Governing the Act PCAOB & SEC Sarbanes-Oxley Improper Revenue booking Scams Xerox Qwest Off Balance Sheet Entity Improper Capitalization. Tyco Improper Capitalization Worldcom Enron Accounting Scandals LAW REGULATION

4 Sec 404 of this act establishes the following : Responsibility of management for establishing and maintaining adequate internal control structure and procedures over financial reporting Responsibility of management to disclose to shareholders the effectiveness of the internal control structure and procedures Documentation and testing Must include the following steps: Evaluate whether the control is preventive or detective Document that tests were planned and performed Disclose material weakness Identify the internal control framework used State that the external accounting firm has issued an attestation report External Auditor Opinion Opinion 1 : Management’s assessment of internal control over financial reporting Opinion 2 : Effectiveness of internal control over financial reporting Company Annual Report (On Form 10K) is filed Sec 404 of the Sarbanes Oxley Act

5 Key Impacts Co. Board of Directors & Senior Officers Corporate & Criminal Fraud Accountability Account owner (Financial Disclosures) Related to Audit Committees  Real time disclosures of Financial Statements as per US GAAP.  Internal control report duly attested by External Auditors included in 10K filings.  Disclosure of all off B/S transactions & Contractual obligations.  Adoption of code of ethics for senior finance officer.  Prohibition of credit or personal loan to director/CEO.  Certification of Financial Statements to be included in 10K and 10Q filings.  Potential Forfeiture of Bonuses & Profits due to Financial Statement Restatement.  Unlawful to exert improper influence upon an audit.  Disclosure in changes of securities ownerships of directors. DEFAULTDEFAULT  Appoint Financial Expert on the committee & disclose in 10K filings.  Members must be independent of the Company.  Directly responsible for Auditor appointment.  One year lag for hiring an audit team member in the board.  Disclose pre approvals for audit & non-audit services.  Establish compliant procedures for accounting & auditing matters.  Disclosures of fees paid to auditors in two fiscal years.

6 Sarbanes-Oxley Section 404 Approach

7 SOX Process flow Process Risk Control PreventiveDetective Highly Effective Ineffective Potential Significant deficiency Material weakness Key Compensating Action plan to mitigate risk Reported to Audit Committee Effective Reported to Shareholders No Control Operation GAP Design GAP

8 Preventive & Detective Controls Preventive Controls Preventive Controls Detect problems before they arise. Detect problems before they arise. Prevent an error, omission from occurring. Prevent an error, omission from occurring.Examples:- 1. Control access to physical facilities. 2. Use encryption software to prevent unauthorized disclosure of data. Detective Controls Detect and report the occurrence of an error, omission. Examples:- 1. Internal audit functions. 2. Review of activity logs to detect unauthorized access attempts.

9 Benefits of Internal Control Complies with Rules and Regulations. Complies with Rules and Regulations. Promotes reliability and integrity of Financial Reporting. Promotes reliability and integrity of Financial Reporting. Monitor Results. Monitor Results. Safeguard Assets. Safeguard Assets. Utilization of Resources Effectively and Efficiently. Utilization of Resources Effectively and Efficiently.

10 Approach to SOX  Identify processes that are SOX significant  Conduct Process Risk Self Assessment Step 1 PRSA Team works with Management to document and assess risks in their business PRSA Team works with Management to document and assess risks in their business Step 2 Controls for each significant risk are documented Controls for each significant risk are documented Step 3 Key controls are identified and test plans are developed and executed Key controls are identified and test plans are developed and executed Control Operator makes an assertion as to the effectiveness of each key control Control Operator makes an assertion as to the effectiveness of each key control Step 4 Action plans are developed for missing, poorly designed, or ineffective controls. Action plans are developed for missing, poorly designed, or ineffective controls. Step 5 Process owner certifies on the effectiveness of the collective controls Process owner certifies on the effectiveness of the collective controls Process owner certifies on the adequacy of internal controls of the process Process owner certifies on the adequacy of internal controls of the process

11 What is Process Risk Self Assessment What is PRSA? What is PRSA? A robust approach that supports on-going self assessment by process owners. A robust approach that supports on-going self assessment by process owners. A methodology for focusing on significant risks and key controls.. A methodology for focusing on significant risks and key controls.. PRSA will improve risk management and reduce loss, provide an automated single solution to meeting multiple regulatory requirements (Sarbanes-Oxley, Basle), strengthen customer relationships and improve shareholder value. PRSA will improve risk management and reduce loss, provide an automated single solution to meeting multiple regulatory requirements (Sarbanes-Oxley, Basle), strengthen customer relationships and improve shareholder value. Most importantly, PRSA provides senior leaders the evidence to support their internal control assessment/report. Most importantly, PRSA provides senior leaders the evidence to support their internal control assessment/report.

12 Implications of Control Effectiveness- Based on the results of Testing, the Control operator will assert the effectiveness of the control as follows: Highly Effective Effective Not Effective Applies to only fully automated controls. Applies to only fully automated controls. Efficient use of internal resources Efficient use of internal resources No exception in testing No exception in testing Applies to Other than fully automated controls. Applies to Other than fully automated controls. No exception in testing. No exception in testing. Insufficient documentation to support management’s certification. Insufficient documentation to support management’s certification. Exception detected in testing. Exception detected in testing.

13 Sox Roles & Responsibilities SOX Champion Serves as the liaison between the Process Owners and SOX 404 Project Office Process Owner Responsible for concluding whether or not their Process has effective internal controls over financial reporting Tester Executes the test plan, communicates the test results to Control operator/process owner SOX Project Office Supports the SOX effort through guidance documents, help etc. Internal Auditor Provides an objective assessment of the PRSA process External Auditor Gives an opinion on the effectiveness of management’s assessment of internal control over financial reporting