Sarbanes-Oxley Accounting Reform Legislation Signed into Law
High-profile business failures culminating in a media fixation on Enron called into question the effectiveness of the profession's self-regulatory process as well as the effectiveness of the audit to uphold the public trust in the capital markets. Legislation to address shortcomings in financial reporting was progressing in Congress and the sudden revelation and collapse of WorldCom guaranteed swift congressional action. President Bush on July 30 signed into law the Sarbanes-Oxley Act of 2002, the most significant legislation affecting the accounting profession since 1933.
Developing meaningful reforms that protect the public interest and restore confidence in the accounting profession has been our primary focus these past few months. We labored long and hard to communicate to the media, the public and to CPAs that we will not tolerate any AICPA member who performs substandard work and veers away from the fundamental code of ethics and responsibilities that have defined the CPA profession for more than 100 years. Our profession's core values always have been and will be: integrity, competence and objectivity. In the end, the new legislation does reflect both our influence in measures that distinguish between auditors of publicly traded companies and those of private entities as well as our goals to strengthen the capital market system and increase investor confidence.
However, it also brings uncharted waters for the CPA profession, particularly in the areas of standard setting and quality review. The AICPA has been studying these changes and has initiated efforts to help members navigate this complex situation. This article is designed to spell out some of the more significant provisions for the profession and provide an overview of resources to help you understand the changes and their impact.
Summary of Sarbanes-Oxley Act of 2002
The Sarbanes-Oxley Act (Public Law 107-204) impacts not just the large accounting firms, but any CPA actively working as an auditor of, or for, a publicly traded company or any CPA working in the financial management area of a public company. Essentially, the Act creates a five-member Public Company Accounting Oversight Board (PCAOB), which has the authority to set and enforce auditing, attestation, quality control and ethics (including independence) standards for auditors of public companies. It also is empowered to inspect the auditing operations of public accounting firms that audit public companies as well as impose disciplinary and remedial sanctions for violations of the board's rules, securities laws and professional auditing and accounting standards.
Other provisions affecting the profession include requiring the rotation of the lead audit partner and reviewing audit partner every five years, and extending the statute of limitations for the discovery of fraud to two years from the date of discovery and five years after the act (previously one year and three, respectively). The law restricts the consulting work public company auditors can perform for their publicly traded audit clients and establishes harsh penalties for securities law violations, corporate fraud and document shredding.
The ramifications of some of the provisions in the Act will become known only as the Securities and Exchange Commission and the new PCAOB begin implementing the legislation.
This section provides a summary of some of the more significant provisions affecting CPAs. It is not a comprehensive analysis of all the changes to occur.
Among other things, the provisions of the new law dramatically affect consulting services, CPAs with tax practices and CPAs in business and industry – and could lead to a “cascade effect” whereby other regulatory bodies or agencies adopt the rules resulting in additional burdens for CPAs and their non-public company clients.
With regard to consulting services, the Act lists eight types of services that are “unlawful” if provided to a publicly held company by its auditor: bookkeeping, information systems design and implementation, appraisals or valuation services, actuarial services, internal audits, management and human resources services, broker/dealer and investment banking services, and legal or expert services related to audit services. It also has one catch-all category authorizing the board to determine by regulation any service it wishes to prohibit for auditors of publicly held companies. Other non-audit services – including tax services – require pre-approval by the audit committee. Pre-approved non-audit services must be disclosed to investors in periodic reports.
Since “expert” services are not defined in the Act, and it is not clear how broadly the board or SEC will define this term, it is possible that some tax services the profession views as traditional may be construed as “expert,” and therefore might not be permitted by any firm providing audit services to publicly held audit clients. The AICPA will work with the board or SEC to help them understand the importance of audit firms being able to provide tax services for publicly held audit clients.
On the business and industry side, CPAs working in financial management areas of public companies will need to be aware of the new responsibilities of chief executive officers and chief financial officers, who are now required to certify their company's financial statements. They also have a greater duty to communicate and coordinate with corporate audit committees who are now responsible for hiring, compensating and overseeing the independent auditors. There are new requirements regarding enhanced financial disclosures as well.