This Act includes a number of features that can most broadly be included under the heading of ethics enforcement. It created a Public Company Accounting Oversight Board (PCAOB) designed to oversee the audit firms conducting audits of public companies, and also gives it to the power to sanction both companies and individuals for rule violations. It also mandates that audit committees oversee the activities of external auditors, excluding management from the auditing process. Further, it prohibits auditors from offering bookkeeping, investment banking, legal, information technology, actuarial, or internal auditing services to companies they also audit. The law also prohibits an audit firm from selling auditing services to a public company if one of the company’s senior officers worked for the audit firm and participated in the audit in the preceding year. In addition, it requires audit partners to rotate off a client at least every five years. The Act also set stiff penalties related to improper maintenance of audit workpapers and the destruction of documents related to a federal or bankruptcy investigation, while also banning personal loans to company executives.
CEOs an CFOs must also attest to the accuracy of quarterly and annual reports filed with the SEC. It also requires the forfeiture of any profits earned by CEOs and CFOs from equity sales if company financial statements are subsequently restated, thereby giving them no incentive to alter company records to cause a run-up in the stock price. It also gives the SEC authority to issue a lifetime ban on individuals who have committed securities violations from serving on the Board of Directors of any public company, and also requires the SEC to issue ruls requiring a code of ethics for a company’s senior financial officers. The Act also keeps companies from using off-balance sheet transactions by requiring them to report obligations under lines of credit, leases, guarantees, and significant transactions with unconsolidated entities.
Of particular interest to corporations is the Act’s emphasis on internal controls. The management team must now have a greater knowledge of the effectiveness of the corporate system of internal controls and make specific representations about their effectiveness, while external auditors must include in their audit reports any significant failings found in the internal control system. This last item requires a great deal of review and documentation of control systems.
Finally, one provision of the Act applies not only to public companies but to private ones as well. It makes retaliation against whistle blowers a crime.