The Sarbanes-Oxley Act, commonly referred to as SOX, is a federal United States law passed in 2002. It was drafted in response to the numerous financial scandals of high-profile corporations such as WorldCom and Enron. This act has created new corporate standards for accountability to protect valued stakeholders and the public from fraudulent practices by organizations.
The Sarbanes-Oxley Act requires companies to implement extensive procedures that prevent illegal activities internally within the company and to respond to any illegal activity investigations without delay. Its primary function is to protect the public by improving the accuracy and consistency of corporate disclosures. The Act enhances corporate accountability while also safeguarding others by:
The complete Sarbanes-Oxley Act applies to all publicly traded companies, while certain provisions also apply to private companies and nonprofit organizations. All businesses face criminal punishment for acts such as: document destruction or alternations, retaliation of whistleblowers, wire and mail fraud and participating in activities that violate federal regulations and rules. Companies who do not comply with this law face multimillion dollar fines, up to 20 years in prison, or a combination of both. Criminal penalties are extremely strict and vary drastically depending on which section of the Act was violated and whether it was violated intentionally.
The Act is associated primarily with financial departments, yet it also affects the technology sector of companies as well. IT departments are responsible for the storage of electronic records which according to the Act “must be saved for not less than five years”. There are three rules, stated in Section 802, that relate to the management of electronic records that address the following issues:
Document Management systems provide the control, security, tracking, and reporting required in today’s compliance strategies. Using these systems allows organizations to easy report on decisions, activities, and visibility as it relates to information and documents that fall under the SOX regulations.