IT Management

-        Mismatched systems or processes haven’t degraded data that feeds into financial reports.

-        Uncontrolled staff or management haven’t corrupted financial data.

-        The auditors who verify financial reports aren’t influenced by staff, executives, or corporate board members.

-        The processes used to derive financial data are transparent, standardized, and auditable.

How Important Is SOX?

Companies can’t choose to ignore SOX. If certain provisions aren’t implemented (e.g., a whistleblowers hotline), the SEC can order the company be delisted.

CEOs and CFOs potentially face both criminal and financial consequences for SOX violations. The CEO and CFO must certify corporate financial statements, removing the excuse of plausible deniability. If the CEO and CFO submit bad certifications, they could be liable for fines up to $1 million and imprisonment for up to 10 years. If their incorrect certifications were submitted “willfully,” the law says the fine can be increased up to $5 million and the prison term up to 20 years.

If the company complies with SOX but fails its audit, there are no direct consequences. However, they can expect “market reaction,” which is code for falling stock prices. For most companies, the market tends to react to any disclosure of a material weakness, even if it was corrected in time to pass the audit.

Stock prices fluctuate every day. So what does it matter if a company stock price is affected by a poor audit? The answer depends on who you ask. In general, companies have expressed relief that SOX announcements have resulted in only a 3 percent drop in their stock price. For companies whose management is respected and trusted by investors, such drops have been temporary. For companies whose investors already had misgivings about management or financial practices, the price drop tends to be much greater and more long-lasting.

Implications for You

6 Pages