🇺🇸 US · §906

Sarbanes-Oxley Act.

SOX establishes corporate governance and financial reporting requirements for public companies listed on US exchanges, requiring internal controls over financial reporting, CEO/CFO certification, and auditor independence.

Maximum penalty

$5M fine and/or 20 years imprisonment

Source: §906

Key requirements

Internal controls over financial reporting (ICFR)

CEO/CFO certification of financial statements

Auditor independence requirements

Whistleblower protection

+2 more requirements in the complete guide.


Enforcement examples

Enron (catalyst for SOX)

Accounting fraud leading to $74B shareholder losses - directly led to SOX enactment

Company dissolved

2001

How Tessera automates SOX compliance

ITGC evidence collection automation

SOX control testing workflow

CEO/CFO certification documentation

Audit trail for financial reporting controls

SOX compliance checklist

Essential steps to achieve and maintain SOX compliance.

1. Document internal controls over financial reporting

2. Implement IT general controls

3. Establish CEO/CFO certification procedures

+2 more steps in the full checklist.


Industries affected

Financial Services
