SOX - An Overview It is mandatory for all US public companies to adhere to the Sarbanes-Oxley Act (SOX) introduced in the country in July 2002. The primary objective of the Act is to regulate financial practice and corporate governance and restore investor confidence in response to major financial scandals involving Enron, WorldCom and others. But public companies are already grumbling about the costs of abiding with the Act's requirements. The Japanese government similarly, promulgated a law in June 2006, known as J-SOX in order to prevent accounting frauds by public companies and to safeguard investor interest. This will be in force for all fiscal years starting from April 1, 2008. Drawn up on the same lines as the US-SOX, companies listed in Japan and operating in other countries as subsidiary companies have to adhere to J-SOX compliance. Weighty Regulations
The most contentious part of SOX is Section 404, which requires management and the external auditor to report on the adequacy of the company's internal control over financial reporting (ICFR). This is the most expensive aspect of the legislation for companies to implement, as tremendous effort goes into documenting and testing important financial, manual and automated controls. Additionally, the Sarbanes-Oxley Act states that all business records, including electronic records and electronic messages, must be saved for "not less than five years." The penalty for non-compliance is fines, imprisonment or both. The legislation not only affects the financial side of companies but also the IT departments which are responsible for storing a company's electronic records. Accounting and IT must work hand in hand to achieve the best possible accuracy in the implementation of SOX. Expectedly, the additional compliance costs and the increased paperwork that have come with the legislation have put companies in a tizzy. Outsourcing - the Key Both US SOX and J SOX involve documentation of all business activities of a company. It involves defining processes, mapping and identifying risks and controls. Fulfilling this daunting task involves diverting scarce corporate resources. The sensible option in such a scenario is to outsource these mandatory processes in order to ensure compliance in a cost effective manner and to free up resources to focus on other aspects of business. Outsourcing companies particularly from India have jumped on to the Knowledge Process Outsourcing (KPO) bandwagon with SOX compliance related work garnering a major share in the outsourced processes. While significant cost savings is the key driver to consider India as a preferred outsourcing destination, there is no disputing the fact that companies benefit from the huge English speaking work force with superior financial and technology skills. Outsourcing companies in India offer back office and internal audit services for SOX compliance - streamlining and automating the complex process to employ best practices to fulfill SOX regulations. In a short while, they become your business partner and not just an offshore vendor. It makes complete business sense to offshore internal compliance related procedures to an experienced team of financial and legal experts who will facilitate the setting up of secure, ongoing procedures and controls to meet your firm's requirements under the Sarbanes-Oxley Act. Most offshore companies in accounting and finance offer the following services under SOX: - End to End Process Mapping (including documentation of process narratives and flow charts)
- Risk Assessment based on a well defined Risk Control Matrix (RCM)
- Process Walkthroughs
- Test of Design & Operating Effectiveness Assessment
- Spread Sheet Control Assessment
- Segregation of Duty (SOD)
- Gap Reporting
- Remediation of Gap
Sustaining Compliance with Automation Automating the internal audit process ensures the accuracy and consistency of financial procedures. Today an array of technology driven solutions helps automate everything from file transfer to document retrieval. They connect all SOX processes on a single platform making it easy to access records from any location. Advanced tracking and reporting capability streamlines a company's SOX requirements and permits continuous monitoring, all of which helps increase confidence within the company and among the auditors. SOX compliance history is always accessible. Emergency fixes are automatically documented and reconciled for easier audit. Fool-proof Security Practices The process of taking over the parent company's bookkeeping, accounting and tax return activities is seamlessly accomplished in a systematic manner to a fully secure and protected environment. The dedicated offshore team synchronizes the client firm's compliance requirements by setting up robust internal controls and processes from their offshore site at a fraction of the cost. Companies can thus meet the challenges of compliance upfront and take home significant cost savings. It is generally seen that outsourced back office operations are in good hands due to an unshakable wall of physical, network, data and desktop security around the financial processes. For further details on how outsourcing can help you with easier SOX compliance, please contact satyen@leosys.in Ashley Jacob is a content writer and PRO of the team at Udyen Jain & Associates, an India based chartered accountancy firm specialized in offering cost-effective solutions to take care of your SOX compliance needs. Visit http://www.uja.in for more details. |
