What is Sarbanes-Oxley Act (SOX)?

The Sarbanes-Oxley Act (SOX) is a federal act passed in 2002 with bipartisan congressional support to improve auditing and public disclosure in response to several accounting scandals in the early-2000s.
The act was named after the bill sponsors, Senator Paul Sarbanes and Representative Michael Oxley, and is also commonly referred to as SOX.
What is the History behind SOX?
In the early-2000s, accounting scandals at major firms shook financial markets, calling on Congress to increase investor protection. Enron was one of the major firms embroiled in such accounting scandals, as the firm’s stock price dropped from $90.75 at its peak in the fall of 2000 to $0.26 by the time it filed for bankruptcy in 2002. The drastic drop in stock prices occurred when a whistleblower exposed Enron’s practice of hiding debts and losses using accounting techniques, such as hiding toxic debt and assets from investors and creditors in off-balance-sheet special purpose vehicles. This blow to investors, along with similar scandals at major public corporations such as WorldCom and Tyco International, led Congress to strengthen disclosure and auditing requirements for public corporations to try to restore investor confidence in U.S. capital markets by passing the Act in 2002.
What are the titles of SOX?
SOX contains 11 sections, called “Titles” in the legislation, as follows:
- Title I: Public Company Accounting Oversight Board. The act created this board, which is responsible for setting the standards and rules for audits, as well as monitoring and enforcing compliance with the law.
- Title II: Auditor Independence. This section includes regulations intended to ensure that auditors are truly independent, including a requirement that firms providing the audit cannot provide any other services to the company they are auditing.
- Title III: Corporate Responsibility. Corporate executives are individually and personally responsible for seeing that the company complies with SOX. Failure to comply can have personal penalties, not just penalties on the business.
- Title IV: Enhanced Financial Disclosures. This section added a lot of new mandatory financial disclosures that public companies must comply with, including insider trading and off balance sheet transactions.
- Title V: Analyst Conflict of Interest. This section was intended to boost investor confidence in securities analysts. Analysts must disclose if they have any potential conflicts of interest, whether it’s holding shares of the company being analyzed or having the company as a client.
- Title VI: Commission Resources and Authority. This section is not particularly relevant to companies concerned about compliance; it gives the SEC authority to remove people from positions such as brokers or dealers under certain circumstances.
- Title VII: Studies and Reports. Details reports that the SEC or Comptroller General must perform.
- Title VIII: Corporate and Criminal Fraud Accountability. Specifies that anyone with a role in defrauding shareholders of public companies can be subject to fines and prison. Also makes it illegal to alter, conceal, or destroy records that could be relevant in an investigation.
- Title IX: White Collar Crime Penalty Enhancement. This title is focused on increasing penalties for white collar crime. It encourages courts to have sentencing guidelines with harsh enough penalties to deter financial misconduct – in other words, to make sure that “crime doesn’t pay.”
- Title X: Corporate Tax Returns. Specifies that the company CEO must be the one to sign the corporate tax return – and is therefore responsible for any misstatements to the IRS.
- Title XI: Corporate Fraud Accountability. This title includes definitions of behavior that would constitute fraud, along with sentencing guidelines and penalties.
What are the Key Provisions in SOX that are Relevant to Compliance
Each of the Titles of SOX are further broken down into “Sections.” There are eight sections that are especially relevant from a compliance perspective. A summary of each follows:
- Section 302: Corporate Responsibility for Financial Reports
- Section 401: Disclosures in Periodic Reports
- Section 404: Management Assessment of Internal Controls
- Section 409: Real Time Issuer Disclosures
- Section 802: Criminal Penalties for Altering Documents
- Section 806: Protection for Employees of Publicly Traded Companies Who Provide Evidence of Fraud
- Section 902: Attempts & Conspiracies to Commit Fraud Offenses
- Section 906: Corporate Responsibility for Financial Reports
What are the Penalties if SOX is Violated?

Relevant section: Section 906: Corporate Responsibility for Financial Reports
This section provides penalties that executives of public companies might want to pay attention to: up to $5 million and 20 years in jail for certifying a false or misleading report. The CEO and CFO of the company must provide a written statement that:
shall certify that the periodic report containing the financial statements fully complies with the requirements of section 13(a) or 15(d) of the Securities Exchange Act of 1934 (15 U.S.C. 78m or 78o(d)) and that information contained in the periodic report fairly presents, in all material respects, the financial condition and results of operations of the issuer