Featured Articles

The Impact of the Sarbanes-Oxley Act on Private Companies

By: Matthew Clark, Corcentric Consultant

The Sarbanes-Oxley Act has forced public companies to strengthen their internal controls. Private companies are not currently required to comply with the standards set by the Sarbanes-Oxley Act, but that does not mean they are not impacted by what is contained within the act. There are several reasons why private companies need to start paying attention to the Sarbanes-Oxley Act.

Before we get into the impact the act can have, it is first important to understand some background information about the act itself. The Sarbanes-Oxley Act of 2002 is legislation enacted in response to the high profile Enron and WorldCom financial scandals to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise. The act is administered by the Securities and Exchange Commission, which sets deadlines for compliance and publishes rules on requirements. Section 404 of the act outlines guidelines for internal controls that public companies must follow in order to be in compliance with the act.

The legislation not only affects the financial side of corporations, but also affects the IT departments whose job it is to store a corporation's electronic records. The Sarbanes-Oxley Act states that all business records, including electronic records and electronic messages, must be saved for "not less than five years." The consequences for non-compliance are fines, imprisonment, or both. IT departments are increasingly faced with the challenge of creating and maintaining a corporate records archive in a cost-effective fashion that satisfies the requirements put forth by the legislation. The solution for private companies that don’t have large IT departments is to IT solution providers to help satisfy the data storage capacity necessary to comply with this act.

Private companies are not currently required to comply with the standards outlined in the Sarbanes-Oxley Act, however that does not mean private companies will never have to comply with these standards. Many groups are closely watching their state legislatures because some have threatened to adopt Sarbanes-Oxley-like legislation for private companies.

The scope of the act does not end with the legislation. Private companies with bank loans, as well as companies applying for bank loans, are finding that they are required to comply with the guidelines set forth by the Sarbanes-Oxley Act. In addition, private companies that have significant dealings with public companies are being forced to comply. Finally, a private company will become subject to the Sarbanes-Oxley Act upon filing a registration statement with the SEC in anticipation of an IPO. Therefore, familiarity with these new rules will help private companies avoid pitfalls that could interfere with important future milestones, such as an acquisition or an IPO.

In this day and age it is just good business practice to follow the guidelines of good internal controls. Private business owners have seen what has happened at companies where little attention and care were given to these and don’t want the same things to happen under their watch. Following the guidelines set forth by the Sarbanes-Oxley Act will allow private companies to strengthen the foundation of a company culture of fiscal and corporate responsibility.

Corcentric has solutions available that help companies comply with the Sarbanes-Oxley Act. If you would like information about these solutions click here to contact Corcentric.

If you would like a summary or full copy of the Sarbanes-Oxley Act of 2002, click here to contact Corcentric.