The Sarbanes-Oxley Act of also known as the Public Company Accounting Reform and Investor Protection Act and commonly called Sarbanes-Oxley, or SOX, is a United States federal law enacted on July 30, 2002, as a reaction to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom (Anastasi, 2003).
Implementation of the Sarbanes-Oxley Act of 2002
Sarbanes-Oxley impacts on forensic financial analysts activities as well as security policy within public companies, specifically related to develop record keeping and destruction of electronic records policies in relation to collection and maintenance of relevant evidence (Lee, 2005).It describes specific criminal penalties for manipulation, destruction or alteration of financial records or other interference with investigations, while providing certain protections for whistle-blowers.
Forensic investigations by corporate staff are increasingly commonplace as companies try to handle non-criminal matters internally to avoid negative publicity or lawsuits. In the corporate environment, financial forensics can include multiple types of incidents, including those that are not considered to be within corporate policies, employee abuse, and those that can be defined as criminal activities (Bassett ,2006).
Regulatory developments such as the Sarbanes-Oxley Act of 2002 (also known as the Public Company Accounting Reform and Investor Protection Act of 2002) force companies to create plans and policies to prevent and investigate a variety of types of fraud.
Sarbanes-Oxley specifically targets publicly traded corporations (not privately held companies) to prevent and prosecute fraud. In order to maintain compliance with the intent of Sarbanes-Oxley, companies should need to develop internal security policies that not only deter computer-related crime, but also include strategies that align with the guidelines of federal laws. IT managers and board members who must understand the forensic impact of Sarbanes-Oxley in order to develop responsible internal governance policies are part of the targeted audience (Anastasi, 2003).
The field of financial forensics has expanded beyond the settings of government and law enforcement and is now finding a place in the corporate world.
Internal investigations in publicly traded companies are heavily scrutinized in the wake of numerous fraud cases in recent years. These crimes, under the regulation of the federal government, should warrant immediate response in order to comply with Sarbanes-Oxley. Sarbanes-Oxley underscores the importance of speed in investigations and sets punishments for not reporting of incidents in a timely manner. In order be in a position to timely report incidents, a company must rapidly respond to financial related activities that can have a profound financial effect on the company.
The Sarbanes-Oxley Act establishes a set of requirements for financial systems, to deter fraud and increase corporate accountability. The legislation set new or enhanced standards for all U.S. public company boards, management and public accounting firms. It does not apply to privately held companies. The act contains 11 titles, or sections, ranging from additional corporate board responsibilities to criminal penalties, and requires the Securities and Exchange Commission (SEC) to implement rulings on requirements to comply with the new ...