JANUARY 2004 - UPDATE ON SARBANES-OXLEY REFORMS



Over the past few years there have been several high-profile corporate and accounting scandals in the news. Some of these have involved the health care industry; some of these have involved not-for-profit corporations. Efforts to reduce the likelihood of further corporate abuse have taken many forms. The most dramatic of these efforts was the passage in July 2002 of the Sarbanes-Oxley Act (the “SOX Act”). The fundamental purpose of the SOX Act is to rebuild public trust in corporations and accounting firms. Although the SOX Act applies primarily to publicly-traded companies, it is expected to significantly impact what is considered “best practices” for all types of organizations.

In addition, new SEC rules, other legislative action and recent case law have also contributed to the renewed scrutiny of corporate practices, in many instances expressly the practices of not-for-profits. For example, revisions to Form 990 reporting requirements have been proposed. Massachusetts and New York have already proposed laws similar to the SOX Act that would be applicable to non-profits and their auditors. There has also been private action to impose stricter requirements on all entities, such as through provisions in director and officer liability insurance policies and covenants in bond documents. Finally, there is an increasing number of lawsuits that allege director or officer breaches of fiduciary duties.

The SOX Act includes eleven parts addressing public company oversight boards, auditor independence, corporate responsibility, enhanced financial disclosures, analysis of conflicts of interest, SEC resources and authority, studies and reports, corporate and criminal fraud accountabilities, white collar crime penalty enhancements, corporate tax returns and corporate fraud accountabilities. The primary reforms initiated by the SOX Act that have relevance to entities that are not publicly traded are as follows:

    Audit Committees
  • An audit committee must be established, responsible for hiring, setting compensation and overseeing the auditor's activities.
  • Audit committee members should be "independent." The SOX Act defines "independent" as not being part of the management team and not receiving any compensation.
  • The audit committee should have at least one financial expert.

    Code of Ethics
  • The organization should adopt a code of ethics that applies to the company's principal officers.
  • Loans to any director or executive of the company are prohibited.
  • Recent case law also suggests that the definition of a conflict of interest should be expanded to include significant personal relationships.

    Accounting and Auditor Standards
  • The lead or reviewing partner of the auditing firm should be rotated every five years (audit firm rotation is NOT required).
  • Auditing firms are prohibited from providing any non-audit services to the company concurrent with auditing services, with certain limited exceptions such as tax preparation.

    Financial Certification
  • The CEO and CFO must certify a company's financial statements and also to the effectiveness of internal controls implemented to ensure the reliability and integrity of the financial statements.


Unlike the provisions described above, the following two provisions of the SOX Act apply to all entities and every entity should ensure compliance with these requirements:

    Whistleblowers
  • Under the SOX Act, it is illegal for any corporation to punish a whistleblower under any circumstance and in any manner including termination, demotion and suspension. A whistleblower is an employee who reports suspected illegal activity to law enforcement or a government oversight agency.

    Document Destruction
  • Under the SOX Act, it is illegal for any corporation to destroy, alter or falsify any document used in an official proceeding, such as a federal investigation.


On January 22, 2004, the Internal Revenue Service announced that it intends to release a set of best practices for nonprofit organization governing boards. Marvin R. Friedlander, Chief of Technical Group, IRS said the best practices to be released as art of the IRS’ 2004 work plan only indirectly relate to the governance obligations imposed on public companies under the SOX Act. This guidance will be a set of "do's and don'ts" focusing primarily on educating boards on their members' corporate compliance oversight obligations. The IRS has indicated that the guidance is designed to give board members insight into how the service views their audit and compensation review responsibilities and to encourage proactive corporate governance.

Since the SOX Act and the SEC rules apply only to publicly-traded entities (with the exception of the two provisions described above), whether any or all of the reforms should be implemented in a private or non-profit corporation depends on the particular facts and circumstances of the organization. The anticipated IRS guidance as well as other legislative and case law developments over the next few months will also affect an organization’s position on implementing reforms. We will be monitoring all these developments.

Please contact us if you would like to discuss the impact of the SOX Act and other reforms on your organization.

Practice Areas | Attorney Directory | Client List | Client Advisories | HIPAA Advisories | Articles/Seminars | Links | HIPAA Materials | Contact Us | Disclaimer