RIVIER COLLEGE ONLINE ACADEMIC JOURNAL, VOLUME 1, NUMBER 1, FALL 2005

EFFICACY OF THE SARBANES-OXLEY ACT IN CURBING CORPORATE FRAUD

Abstract Congress adopted the Sarbanes-Oxley Act of 2002 to target inter alia illegal and questionable auditing practices, pension fund blackouts, loans to corporate directors and executive officers, Securities and Exchange Commission violations, and an overall lack of corporate quality control and ethical behavior that resulted in numerous corporate scandals and the filing of criminal actions against corporations, shareholders, directors, and officers. Criticism of the Sarbanes-Oxley Act is that it will result in little change in corporate behavior. This paper will explore the effect, if any, the Act has had on corporate behavior through analysis of its effect on auditing practices, legal actions commenced under or because of the Act, SEC actions, and changes in corporate policy, as evidenced by newly adopted internal controls and disclosures in corporate reports. 1 Introduction Following the economic disasters and corporate scandals of Enron, Worldcom, and other corporations at the turn of the 21st century, Congress adopted the Corporate and Auditing Accountability, Responsibility, and Transparency Act, which became known as the Sarbanes-Oxley Act of 2002 (Sarbanes-Oxley). Sarbanes-Oxley establishes new accounting and auditing procedures and public oversight and includes enhanced civil and criminal penalties for SEC violations and criminal fraud. Surveys, studies, and reports concerning Sarbanes-Oxley provide early mixed results on its impact, yet most people reporting on the Act see Sarbanes-Oxley as a positive influence in enhancing investors confidence. 2 The SEC and the Securities Laws As part of the New Deal and in response to the stock market crash of 1929 and the fraud and unfair practices involved in the sale of stocks and bonds, Congress passed the 1933 and 1934 Securities Acts.i Since passage of the Securities Acts, Congress and state legislaturesii have continued to pass comprehensive laws to regulate the securities industry.iii The purpose of these securities laws is to involve the government in ensuring that the public receives accurate and complete information it can rely on when making investment decisions. In addition, the laws are to ensure that all investors are on a level playing field by regulating security trading by so-called company insiders, who may have market value information not yet available to the public. The Securities and Exchange Commission (SEC) was established in the 1934 Securities Exchange Act as the oversight agency for protecting the interests of the public and investors in companies that publicly trade their securities. The SEC requires that a company file complete and accurate information, but it does not guarantee that the records are complete or accurate or that the securities being offered have investment value, as the decision of whether to invest in a publicly traded company based on the SEC records is up to the investor.
Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 1

Carol A. Rolf

The 1933 Act requires a publicly traded company to have an independent public or certified accountant prepare comprehensive financial statements for public dissemination. In addition, the Act expressly prohibits fraud and misrepresentation in the sale of publicly traded securities. Earlier drafts of the 1933 Act included merit test provisions. Merit tests, as found in many state securities laws, prevent the sale of securities if a companys organizational structures, plan of business, or contracts are deemed inequitable or unfair. Federal legislators deleted the merit provisions from the final draft of the Securities Act that was eventually enacted into law. In order to achieve the 1933 Acts purpose of providing full public disclosure of material facts, every publicly traded company must file a registration statement with the SEC concerning the company and all securities sold to the public. Dealers and brokers must provide investors with a summary of the SEC registration materials and furnish a preliminary report known as a prospectusiv to prospective investors. The SEC may refuse to accept a registration statement that is misleading, incomplete, or inaccurate, thus prohibiting the company from offering the securities for sale. The purpose of the 1934 Act is to ensure that up-to-date public information is provided on a publicly traded companys financial and managerial condition. In addition, the Act includes provisions that grant the SEC supervisory and disciplinary powers over U.S. stock exchanges, over-the-counter markets, and brokers and traders in public securities. The 1934 Act also includes requirements for public disclosure of purchases of more than five percent of a companys securities and insider trading provisions that prohibit insiders from trading in securities prior to public release of material information concerning the company and the securities being offered. As with the 1933 Act, the 1934 Securities Exchange Act prohibits false and misleading statements and unfair, deceptive, and manipulative practices by publicly traded companies and their agents. Furthermore, officers, directors, and principal stockholders of publicly traded companies are required to publicly disclose their own equity security transactions by reporting to the SEC. Finally, the 1934 Securities Exchange Act contains the penalty provisions for violation of the securities acts. 3 What Precipitated Sarbanes-Oxley Among the protective measures provided by the 1933 and 1934 securities laws and the rules promulgated by the SEC under these laws are the requirements that publicly traded companies make corporate disclosures, which are reviewed by the SEC, and that such companies have an independent auditor, who reviews and approves the companys financial statements. Based on these disclosures and auditing reports, credit rating agencies rate a companys securities, thus influencing public investment. Before Sarbanes-Oxley, the public trusted the auditors for the publicly traded companies to accurately complete audits that could be relied upon in making investment decisions Company managers had little accounttability when accounting and auditing problems arose. The accounting and auditing industry was watching itself through peer review. In other words, before Sarbanes-Oxley, no one was paying much attention to the industry that was auditing, approving accounting methods, and in many cases, providing the financial information that became a substantial factor in credit ratings and investment decisions. Such reliance continued, even though over time, mergers and consolidations resulted in a dearth of major accounting firms that were determining the procedures for reporting company profits and losses. As with the 1929 stock market crash and fraudulent securities trading practices that abounded, it was just a matter of time before things went wrong. To better understand what went wrong, this paper will look briefly at two companies -- Enron and Worldcom -- and how the securities laws were unable to protect the public and investors, including
Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 2

EFFICACY OF THE SARBANES-OXLEY ACT IN CURBING CORPORATE FRAUD

those invested through company pension plans, from deceitful practices that resulted in the bankruptcy of both companies. By 2000, based on Enrons corporate disclosures under the securities laws, it appeared to be one of the worlds fastest growing companies with respect to revenue. However, the revenue reported was seriously inflated, based on the methods invoked by Enron and approved by its auditors in preparing its financial reports that were filed with the SEC. One example of a permissible accounting practice prior to Sarbanes-Oxley is that a company was permitted to use gross value instead of net value when reporting profits from energy sales. Enron took advantage of this loophole by first setting up several subsidiary companies, including sham partnerships. Enron then continued to sell the same product among the several companies, always showing the gross value of the sale on each of the subsidiary companys financial statements. By using gross value, as opposed to a net value that deducted operational and other costs, the overall revenues stated by Enron and its subsidiaries were seriously inflated. Worldcom was also able to inflate its value by treating operating costs as capital investments. Thus, rather than deducting such costs from its gross profits annually, it spread the expense over several years. Although Worldcom publicly disclosed that it had not used generally accepted accounting principles (GAAP), its auditor, Arthur Andersen, approved the method of accounting and the Worldcom financial statements. Arthur Andersen also provided non-audit services for Worldcom, thus creating a conflict of interest when Arthur Andersen conducted its auditing services. By 2002, it was clear that the securities laws in effect prior to Sarbanes-Oxley were unable to prevent questionable corporate practices, such as overvaluing a companys worth for purposes of promoting securities sales. Moreover, Congress felt it needed to react to the public outcry over corporate scandals, such as Enron and Worldcom, and bolster the flagging reputation of the accounting and auditing industry. Similar to the passage of the 1933 and 1934 Securities Acts, Congress had to once again restore investor confidence to protect the economy. Thus, Congress adopted Sarbanes-Oxley to close loopholes in the securities laws, reform current business practices, provide an entity to oversee the auditing profession, enhance financial disclosures, and prevent corporate and accounting fraud by making CEOs, CFOs, and auditors accountable and subject to enhanced civil and criminal penalties. 4 Impact of the Sarbanes-Oxley Requirements 4.1 Auditing Practices and the Accounting Industry Many of the Sarbanes-Oxley requirements directly affect the accounting and auditing industry. Sarbanes-Oxley establishes accounting and auditing standardsv through oversight by the newly created Public Company Accounting Oversight Board (PCAOB).vi Public auditing firmsvii must now register with the PCAOB, pay annual fees, and are subject to quality reviews by the PCAOB on an annual basis if the firm conducts more than 10 audits a year.viii If a firm conducts less than five public audits a year and has fewer than 10 partners, the PCAOB will conduct reviews at least every three years, unless the PCAOB orders a special inspection of a firm. ix In addition, the firms must adopt quality control standards. The SEC is still deciding whether private auditing firms are subject to Sarbanes-Oxleyx. Prior to Sarbanes-Oxley, it was not uncommon for a public companys outside auditor to develop longstanding relationships with company management, such that certain discrepancies might be overlooked. In addition, accounting and auditing firms provided multiple services for public companies, albeit not always in compliance with the SECs auditor independence rules. Sarbanes-Oxley and the
Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 3

Carol A. Rolf

independence rules require every company that publicly trades its securities to establish an independent audit committee responsible for appointment, compensation, and oversight of the external company auditors.xi Management of a public company no longer has a strong working relationship with the outside auditors and outside auditors may no longer provide consultation with the public company on how to produce its financial statements, thus reducing the ability of management to control financial statements and the outside audit and strengthening outside auditor independence. Sarbanes-Oxley also attempts to prevent conflicts of interest by prohibiting a firm that performs auditing services for a public company from performing certain non-audit services,xii unless the companys independent audit committee preapproves such services.xiii In addition, a public accounting or auditing firm may not provide auditing services to a company if the companys CEO, CFO or related financial officer was employed by the accounting firm at any time during the previous yearxiv. The larger auditing and accounting firms, especially the big fourxv, are no longer able to provide ancillary services to the public companies they audit. Thus, the small and mid-size auditing and accounting firms have been able to step in and increase business in areas such as income tax preparation and in the development and documentation of internal controls mandated by section 404 of SarbanesOxley. In an attempt to shore up and preserve existing business relationships, large accounting firms have begun to develop referral alliances with small and mid-size firms whereby both firms will refer business that they are permitted to provide under Sarbanes-Oxley to each other. Sarbanes-Oxley required the General Accounting Office (GAO) to conduct a study concerning the impact of consolidation of public accounting firms since 1989.xvi Although the results of the study are inconclusive in several areas, the GAO did not find evidence of impaired competition or a direct correlation to increased audit fees because of the consolidations. The GAO cautions, however, that future consolidations may need to be prohibited to maintain competition, as there is not likely to be an expansion of the so-called Big Four and smaller firms are unable to compete in the public company auditing market due to such factors as lack of staff, expertise, and reputation. Other Sarbanes-Oxley provisions that are for the purpose of preventing longstanding relationships between outside auditors and company management from resulting in careless auditing, require that the lead audit partner and audit review partner be rotated every five years.xvii These new requirements for change in auditing personnel and division-of-labor may require publicly traded companies as well as auditing firms to plan ahead for personnel rotation. Both may need to hire additional people to meet the future needs of the public company audit. Moreover, companies must have a sufficient number of trained personnel with internal accounting capabilities in order to meet the demands of maintaining required accounting records and general ledger and journal entries to ensure accurate and complete financial statements that outside firms can audit. Although Congress considered mandatory rotation of not just audit personnel, but also accounting firms that conduct public company audits, such provision was not included in Sarbanes-Oxley. Instead, Congress required the GAO to conduct a study on the potential effects of requiring the mandatory rotation of accounting firms.xviii The GAO study considered whether the benefits of a periodic change in public auditing firms to maintain auditor independence and improve audit quality would be outweighed by the costs of changing firms, including the need for new firms to become knowledgeable concerning company-specific information. To conduct the study, the GAO surveyed the largest public accounting firms and Fortune 1000 companies. These companies consistently responded that the rotation of audit personnel was sufficient to bring about the required improvements when compared to the costs associated with periodic firm rotation. The GAO interviewed other stakeholders, such as consumer
Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 4

EFFICACY OF THE SARBANES-OXLEY ACT IN CURBING CORPORATE FRAUD

advocacy groups and institutional investors, who agreed that the costs of mandatory firm rotation would exceed the benefits. Auditors are also mandated to retain specific types of records under Sarbanes-Oxley, including data work product, memos, and correspondence concerning a companys financial data that provides conclusions, opinions, or analysesxix. Under section 103 of Sarbanes-Oxley, auditors must maintain these records, sent or received, hard copy or electronic, for seven years. Section 103 conflicts with the time period found in the criminal provisions of Sarbanes-Oxley that mandate preservation of all audit and review papers for five yearsxx. Record retention requires data storage space for electronic records as well as physical storage space for all other record types. The record preservation requirements of Sarbanes-Oxley for both originals and backups has spawned ancillary businesses that provide software for write-protected electronic storage, data warehousing, and protected physical storage space for hard copy records. The overall impact of Sarbanes-Oxley on accounting and auditing firms and their internal operations and practices appears to be positive, especially for fulfilling the purpose of reducing and preventing fraud, maintaining auditor independence, and enhancing the accuracy and quality of independent audits and the reputation of the accounting and auditing industry. In fact, a 2004 Gallup poll indicates that the accounting profession, which had a positive rating of 31% in 2002, had an improved positive rating of 45% by 2004. Moreover, the Sarbanes-Oxley limitation on multiple engagements has clearly created new roles for small and mid-size auditing and accounting firms. These include monitoring Sarbanes-Oxley, SEC regulations, standards from the PCAOB, and requirements of comparable state laws and documenting and testing the internal controls adopted by a public company under section 404. However, one must question if the cost of Sarbanes-Oxley compliance outweighs the gains in reducing fraudulent behavior. In a Financial Executives International survey, 321 responding companies expected an increase of 38% over current audit fees to implement Sarbanes-Oxley.xxi Also in a 2004 study by J.D. Power and Associates to measure audit firm performance since Sarbanes-Auxley, 9 out of 10 CFOs felt that the increased costs to implement Sarbanes-Oxley outweighed any benefits of the Act. Moreover, the external auditors had concerns about their abilities to provide the enhanced audit services mandated by Sarbanes-Oxley. There is real concern that Sarbanes-Oxley will not only drive up prices of consumer goods and services, but also will cause the collapse and bankruptcy of small and mid-size publicly traded companies that cannot afford to pay for the new requirements. One solution has been for companies that can get by without selling publicly traded securities to return to private status. 4.2 Governance Practices Management in the Enron and Worldcom cases was able to point a finger at the accountants and auditors and claim little responsibility in the downfall of the companies under the securities laws in effect before Sarbanes-Oxley. One of the most significant provisions of Sarbanes-Oxley is to expressly make company management responsible for the accuracy of financial reporting.xxii Chief Executive Officers and Chief Financial Officers must now make specific certifications in annual and quarterly reports to the SECxxiii and, as prohibited in the prior securities laws, may not attempt to control or influence the outcome of the independent audit.xxiv For example, the CEO and CFO must certify to the appropriateness of the financial statements and disclosures contained in the periodic report, and that those financial statements and disclosures fairly present, in all material aspects, the operations and financial condition of the issuer.xxv Sarbanes-Oxley makes an additional requirement that when there is
Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 5

Carol A. Rolf

a violation of the financial reporting requirements, the company must prepare an accounting restatement and the CEOs and CFOs may be required to reimburse the company for any ill-gotten gains.xxvi In conducting its audit, the external auditors are expected to communicate to the companys audit committee about management concerns and potential risks of fraud. On a positive note, recent polls conducted by the Business Performance Management Forumxxvii indicate increased acceptance by company executives that corporate governance controls mandated by Sarbanes-Oxley are significant factors in optimizing company profits. To ensure compliance with the insider trading provisions of the 1934 Securities Exchange Act, Sarbanes-Oxley authorizes the SEC to remove directors and officers who violate insider trading provisions.xxviii Because Enron and Worldcom executives were able to sell company securities during the period of inflated values, while employees were prevented from doing the same, Sarbanes-Oxley also makes it illegal for company management and other insiders to buy, sell, or transfer certain company securities during a so-called blackout periodxxix imposed on employees.xxx The company may recover all gains from managers involved in such illegal transfers, and if the company fails to file a lawsuit to recover such gains, any owner of the companys securities may institute such legal action.xxxi Finally, because of improprieties in providing company executives with low-interest company loans, especially as demonstrated in the Worldcom case, companies may no longer loan money to their executives, except for limited purposes and under circumstances that are no more favorable to the executives than those offered to the public.xxxii 4.3 Company Disclosures Before enactment of Sarbanes-Oxley, the SEC failed to consistently enforce the requirement for timely reporting of securities sales by one person or entity consisting of 10% or more of the equity securities in a publicly traded company. Thus, both Enron and Worldcom executives holding more than a 10% interest in the companies were able to sell their equity securities before the public and employees with individual accounts were made aware of such sales. Sarbanes-Oxley requires filing a report with the SEC of 10% plus sales by the end of the second business day after the sale.xxxiii In addition, such sales must be disclosed on the companys website by the end of the business day following the SEC filing. Although these provisions are more stringent than those in prior securities laws, unless SEC enforces themxxxiv they will have little impact on providing timely notice to the public to ensure they are aware of an extraordinary transfer that may affect the companys value. Based on the fraudulent and misleading reporting of Enron and Worldcom, Sarbanes-Oxley has mandated that the periodic public reports filed with the SEC by publicly traded companies must contain specific disclosures in managements discussion and analysis (MD&A) concerning the following: financial reports prepared in accordance with GAAP must reflect all material correcting adjustments; annual and quarterly financial report(s) shall disclose all material off-balance sheet transactions; annual and quarterly financial reports must disclose relationships with unconsolidated entities that may materially affect the companys financial condition; and pro forma financial information must comply with SEC rules and be accurate and not misleading.xxxv Sarbanes-Oxley mandated the SEC to conduct an off-balance sheet disclosure study to determine whether such accounting procedure provides investors with sufficient transparent information with which to make investment decisions.xxxvi The SEC has not been satisfied with the MD&As it has received and intends to issue new interpretive rules and enforce the existing rules. Of special concern is the lack of transparency and sufficient information concerning trends, events, and uncertainties that management perceives in the company. Many of the
Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 6

EFFICACY OF THE SARBANES-OXLEY ACT IN CURBING CORPORATE FRAUD

reports have contained immaterial information that SEC staff believes may be masking the truth about the companys status and future. Sarbanes-Oxley and the SEC rules adopted under Sarbanes-Oxley require publicly traded companies to make other public disclosures. For example, companies must disclose whether their internal audit committees have at least one member who is a financial expert.xxxvii If the committee does not have such an expert, then management must explain why. In addition, a publicly traded company must make rapid disclosurexxxviii of any material changes in its operations or financial condition, so that information available to the public and investors is as current as possible.xxxix SEC staff wants management to disclose not only the discontinuance of an operation, but also why it was discontinued and the effect of such discontinuance on continuing business. Finally, when a publicly traded company restates its financial statements, management must explain why, as such restatement may be evidence of a breakdown in the companys internal controls. 4.4 Internal Controls Section 404 of Sarbanes-Oxley is one of the most significant reform provisions of the Act, as it requires a publicly traded company to develop, document, and periodically test internal controls that are intended to prevent fraud in financial reporting. Sarbanes-Oxley requires an internal control structure and procedures that not only document operations and finances, but also the risks attendant to each, mitigation controls, and ways to test or assess if the controls are effective. Based on the internal controls, a publicly traded company must annually issue an internal control report. The publicly traded companys annual internal control report to the SECxl must discuss managements responsibility in establishing and maintaining adequate internal controls for financial reporting and contain managements end-of-fiscalyear assessment of the effectiveness of such internal controls in preventing fraudulent financial reporting. Although deadlines have been set for completion of the internal controls, the SEC has continued to extend the compliance date for non-accelerated filers and foreign private issuers.xli Thus, public data on internal controls is incomplete at the time of this paper. Sarbanes-Oxley provides little guidance in the development of internal controls, and because of the diverse nature of public companies, uniform internal controls are not possible, as such controls govern all aspects of a companys business from delivery of inventory at the loading dock to including the value of such inventory in the companys financial statements.xlii A majority of publicly traded companies are developing their own internal controls and computer software applications with little uniformity among companies. The lack of uniformity and necessity for individually-prepared controls is substantially increasing the cost of complying with Sarbanes-Oxley. Some outside software producers are attempting to develop and market software that will enable publicly traded companies to comply with SarbanesOxley. However, as noted above, this may not be feasible because of the lack of uniformity in each companys internal control needs. An external auditor must be able to come into the company and understand the internal controls in order to validate their effectiveness over financial reporting and perform what has become known as a Sarbanes Audit.xliii The Sarbanes Audit requires an external auditor to evaluate the internal controls of a publicly traded company and determine that they accomplish the following: accurate financial records; transactional information recorded in a matter that it can be used in preparation of financial statements that comply with GAAP; and no material weaknesses.xliv Thus, the outside auditor will not only audit the financial records of the publicly traded company, but also attest to and report on managements assessment of the effectiveness of the internal controls in preventing fraudulent financial
Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 7

Carol A. Rolf

reporting and the effectiveness of the inside audit committee. The Legislative Committee report which accompanied the bill that became Sarbanes-Oxley provided that the attestation engagement of the outside auditor was not to be considered a separate engagement, and that the outside auditor was not to base an increase in fees on such engagement. However, because the audit of the effectiveness of internal controls over financial reporting requires more work than under previous requirements, the cost of such audits has increased. The PCAOB does not believe a conflict of interest exists in this dual role of auditing and attesting and cautions outside auditors that only they can perform the evaluation of the internal controls under section 404. A publicly traded company may also adopt a code of ethics for its senior financial officers. Although this is not a mandatory requirement, any company that does not have an ethics code must explain why in its public reports filed with the SEC. Moreover, the stock exchanges are considering making an ethics code a mandatory requirement in order to trade on the exchange. Such code of ethics and any changes or waivers to the code must be disclosed to the public under Section 404. The SEC has issued a code of ethics that a CFO is to follow, and a publicly traded company must disclose any failure to comply with such code. Although the development of internal controls is initially costly for most companies, such controls force a company to look at its operational, management, and financial practices, something that many companies fail to do on a periodic basis. Thus, Sarbanes-Oxley may actually result in an increased return to investors because of a companys implementation of internal controls and procedures that may improve the business through standardization and use of best practices. There is no data that supports such a theory at this time, but this is a subject that should be further studied in determining the impact of Sarbanes-Oxley. 4.5 SEC Enforcement and Civil and Criminal Penalties Through Sarbanes-Oxley, Congress made several amendments to existing laws to correct what was perceived as insufficient punishment to deter corporate fraud and adopted new penalties and descriptions of unlawful actions within Sarbanes-Oxley. The enhanced penalty provisions of Sarbanes-Oxley include the following: new felony offenses; increased penalties for violations of securities laws; and mandatory review and amendment of the Federal Sentencing Guidelines to comply with the Sarbanes-Oxley requirements. Because these amendments and new laws were adopted in haste, the result is that some of the Sarbanes-Oxley provisions duplicate existing laws and even conflict with existing laws and the Federal Sentencing Guidelines.xlv Sarbanes-Oxley created two new felonies and added new offenses or amended offenses in existing statutes. One offense prohibits company executives from knowingly and willfully creating, altering, corrupting, mutilating, concealing, destroying, or falsifying company records with the intent to obstruct, impede, or influence federal proceedings, including bankruptcy proceedings.xlvi Although this law existed prior to Sarbanes-Oxley and applied to ongoing investigations, under Sarbanes-Oxley it also applies to contemplated investigations to prevent destruction of records, such as what occurred when Arthur Andersen and Enron executives destroyed some of Enrons audit records, thus making them unavailable in the Enron bankruptcy proceeding. Penalties for such violations include fines, a maximum prison sentence of 20 years, or both.xlvii Another felony offense makes it unlawful for accounting firms to knowingly and willfully violate section 302 of the Sarbanes-Oxley Act and any related SEC rules by failing to maintain audit records and review work documents for five years. Violators are subject to fines, a maximum 10 year prison
Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 8

EFFICACY OF THE SARBANES-OXLEY ACT IN CURBING CORPORATE FRAUD

term, or both. Although most accounting firms already maintained auditing records for at least five years, they may now be more diligent and maintain additional records since the enactment of SarbanesOxley. Other laws amended by Sarbanes-Oxley include mail fraud statutes, ERISA, and the Securities Exchange Act of 1934. Most of the amendments concern enhanced penalties, but Congress added new offenses to the mail fraud statutes. One offense is for the knowing or attempted execution of a scheme for the purpose of defrauding any person in connection with securities of a publicly traded company, including the fraudulent purchase and sale of securities.xlviii Penalties for this offense are a fine, a maximum prison sentence of 25 years, or both. This offense was already criminal under the antifraud provisions of the existing securities laws and may have little, if any, practical effect. Another offense covered by the mail fraud statute concerns failure of CEOs and CFOs to provide the financial certifications on periodic reports mandated by section 906 of Sarbanes-Oxley.xlix This provision appears to duplicate section 302 of Sarbanes-Oxley in some respects. In addition, no criminal penalty is provided in the mail fraud statute for failure to make the certification.l However, the penalties for making certifications that violate section 906 of Sarbanes-Oxley are severe. Any certification that knowingly violates the requirements of the section carries with it maximum penalties of a $1 million dollar fine, 10 years in prison, or both. If the false certification is both knowing and willful, the maximum penalties are enhanced to a $5 million dollar fine, an increase in the existing 5 year maximum sentence to 20 years, or both. Enhanced penalties for violating the reporting and disclosure provisions of ERISA include an increase from a $5,000 dollar fine, maximum of 1 year in prison, or both, to a $100,000 dollar fine, 10 years in prison, or both.li Maximum penalties for violating the 1934 Securities Exchange Act have increased from a $1 million dollar fine, maximum 10 year prison sentence, or both to a $5 million dollar fine, maximum 20 year prison sentence, or both. In addition, the maximum fine imposed on an entity for violating the 1934 Act increased from $2.5 million dollars to $25 million dollars. The statute of limitations for private investors to bring civil actions for fraudulent activities under the securities laws has also increased.lii Courts rarely impose maximum penalties. Thus, despite the enhanced penalties created by Sarbanes-Oxley, the reality may be little or no change in punishment for securities fraud and related offenses. Sarbanes-Oxley also added whistleblower protections for those who inform or assist in securities violation investigations.liii Public companies are required to establish a mechanism that enables reporting of illegal acts. A publicly traded company may not knowingly retaliate against a witness, informant, or victim who provides truthful information concerning commission of a federal offense by a company. Examples of retaliation include interfering with such persons lawful employment or ability to obtain lawful employment. Congress passed the Sentencing Reform Act in 1984 and created a Federal Sentencing Commission,liv which passed Federal Sentencing Guidelines in 1987. In 2001, the Sentencing Commission adopted comprehensive revisions to the Federal Sentencing Guidelines that included increased sentences for most economic crimes and repealed specific provisions that the Commission deemed unnecessary. Sarbanes-Oxley affected the Federal Sentencing Guidelines by requiring the U.S. Sentencing Commission to review and amend the Federal Sentencing Guidelines to provide enhanced penalties for violation of Sarbanes-Oxley and other laws related to fraud.lv As a result of SarbanesOxley, the Sentencing Commission had to reintroduce provisions into the Sentencing Guidelines that it had repealed in its 2001 revision. Sarbanes-Oxley, therefore, may have marginalized the role of the

Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission.

Carol A. Rolf

judicial branch and the independent Sentencing Commission in exercising independent judgment in sentencing. 5 Conclusions

Perhaps it is too soon to judge the efficacy of Sarbanes-Oxley. However, negative effects of the Act will outweigh the positive effects if the cost of compliance in time, fees, and resources becomes too much for small and mid-size companies to bear, and they are forced to go out of business. In a survey conducted by CFO Magazine,lvi one-third of the public company executives responding to the survey felt that Sarbanes-Oxley was an overreaction that simply placed another costly burden on their companies. Such companies may expend substantial funds to simply do the minimum to comply with Sarbanes-Oxley and stay out of trouble, while missing an opportunity to honestly evaluate risks negatively affecting their business and make improvements to procedures and controls in order to protect the organizations future health. Sarbanes-Oxley can be a positive catalyst in improving a publicly traded companys bottom line. Building an ethical mind-set in a company through ethics codes and internal controls will reduce the risk of accounting fraud. Moreover, enhancing the effectiveness of company governance and implementing internal controls to improve financial reporting, provide transparency, prevent fraud, and manage risks is good for a company. In a 1999 study conducted by the Committee of Sponsoring Organizations, it was determined that more than 50% of companies committing accounting fraud failed within two to three years after the fraud was discovered. Thus, even before Sarbanes-Oxley, those publicly traded companies that were successful were in many cases the ones that were already following what appear to be the value-added goals of Sarbanes-Oxley. Based on at least one survey discussed in this paper, the accounting and auditing industry has improved its public reputation because of Sarbanes-Oxley. However, alliances formed by accounting firms, in order to position themselves so that they are getting most of the work in a region may not enhance responsible behavior of such firms, especially if they collaborate and begin to use common procedures and newly discovered loopholes in an attempt to get around the mandates of Sarbanes-Oxley. On the other hand, Sarbanes-Oxley has opened up new opportunities for the small and mid-size firms, while putting pressure on the large firms to assess who will remain as audit clients. Thus, another impact of Sarbanes-Oxley is that some publicly traded companies may find themselves without an external auditor and may need to spend the time and money to retain a new auditor. This may be a good thing, as a company rejected as a client by the large accounting firm should probably make serious improvements to its internal controls and governance to enable it to attract the services of an adequate external auditor. However, if rejected companies are forced to engage external auditors that are not competent to provide the needed services, Sarbanes-Oxley may result in a continuation of inadequate financial reporting and fraud. Most publicly traded companies must face the reality that Sarbanes-Oxley requires a serious look at IT and the controls over IT, as these controls may be the main platform for providing security protection and preventing fraud. Thus, one of the significant costs of Sarbanes-Oxley compliance may be developing the IT controls and software for the internal controls. There is no way to avoid increased costs in developing these controls and the associated software. Moreover, storage space for newly generated company records because of the Sarbanes-Oxley requirements will be an additional expenditure. Whether these increased costs will pay off in better company performance because of the internal controls and improved governance cannot yet be measured. However, more than one recent
Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 10

EFFICACY OF THE SARBANES-OXLEY ACT IN CURBING CORPORATE FRAUD

study seems to show a positive correlation between increased investment in publicly traded stock and the internal controls, transparent disclosures, new governance requirements, and improved auditing required by Sarbanes-Oxley.lvii The PCAOB is now established and has begun to conduct reviews and professional discipline proceedings. At the time of this paper, evidence of an increase in disciplinary proceedings is insufficient to make a statement concerning the impact of Sarbanes-Oxley in preventing fraud and improving financial reporting based on enforcement actions. However, there remain many issues raised in this paper that may affect the efficacy of Sarbanes-Oxley. One positive outcome is that companies, such as Enron, have had to file public reports with the SEC that include forward-looking statements, which in the case of Enron honestly states that the company continues to believe that the existing common and preferred stock of the company have no value. While Sarbanes-Oxley requires transparent disclosure of many governance and auditing practices that resulted in the Enron and Worldcom debacles, it does not prohibit many of these practices, such as off-balance sheet arrangements, non-GAAP financial reporting, and maintenance of relationships with unconsolidated entities. The SEC staff is already complaining that the MD&As are not as transparent as they should be. Unwary investors may still find that they have invested in a company that has legally inflated its value by using such unorthodox practices. Moreover, with the increased responsibility of the external auditor not only to audit a companys financial records, but also attest to whether the internal controls have produced accurate financial reporting, time and cost may become a factor that results in inefficient auditing. Finally, the SEC has been lax in the past in enforcing the laws under its jurisdiction, and Sarbanes-Oxley did little to provide additional funds to increase enforcement. In fact, existing SEC staff is now burdened with new enforcement duties that are likely to result in less, rather than more SEC enforcement as a result of Sarbanes-Oxley. Auditor independence and conflict of interest is another potential problem that may not have been mitigated by Sarbanes-Oxley. The auditing industry has questioned whether attesting to the efficacy of internal controls conflicts with the independent audit. The response from PCAOB has been no conflict, despite obvious overlaps between decisions concerning internal controls and the independent audit. Moreover, if the internal audit committee agrees that the external auditor may provide both audit and non-audit services, as is permitted under Sarbanes-Oxley, the cozy working relationship and lack of independence between the internal company auditors, company management, and external auditors may once again factor into the accuracy of financial reporting and the practices and procedures that support such reports. The potential lack of competent accounting firms to provide Sarbanes-Oxley services is also a problem at present, but over time this should resolve itself. However, the GAO is correct in stating that future consolidation of the large accounting firms may not be warranted not only because it reduces competition, but also because this will leave the power to control auditing practices for most publicly traded companies in the hands of very few firms. Finally, few believe that judges will impose maximum sentences for violations of laws intended to prevent corporate fraud, any more than they did in the past. The reasons for imposing less than maximum sentences are many times related to other factors such as lack of prison space. Thus, the enhanced penalty provisions of Sarbanes-Oxley are not likely to make much of an impact in deterring white collar crime and fraudulent auditing and reporting practices. When arguments on both sides are weighed and balanced, this author believes that in the long run Sarbanes-Oxley will have a positive impact on the performance of publicly traded companies and the willingness of the public to invest in such companies. Requiring CEOs and CFOs to actively participate in improving company governance, requiring documentation of internal controls, and mandating more
Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 11

Carol A. Rolf

independence for outside auditors should provide some unexpected company benefits, such as increased production at less cost. The PCAOB and SEC, however, must continue to provide guidance through rules and announcements, and hopefully Congress will increase appropriations to ensure better enforcement than in the past. 6 References

AICPA. Summary of Sarbanes-Oxley Act of 2002. Retrieved April 15, 2005, from http:www.aicpa.org/info/sarbanes_oxley_summary.htm AICPA. Sarbanes-Oxley Act/PCAOB Implementation Central. Retrieved April 15, 2005, from http:www.aicpa.org/sarbanes/index.asp AICPA. (2003). GAO Issues Study on Consolidation in the Profession. Retrieved April 15, 2005, from http:www.aicpa.org/Sarbanes/GAO_Studies.asp AICPA. New Gallup Poll: Accounting Professions Image Recovers. Retrieved April 15, 2005, from http:www.aicpa.org/info/sarbanes/poll.asp AICPA. (2005, January). Additional Aspects of Sarbanes-Oxley Act Explained. Retrieved April 15, 2005, from http:www.aicpa.org/pubs/cpaltr/Oct2002/add.htm Beal, B. (2004, January 6). Study: Sarbanes-Oxley Catalyst for Process Management. Retrieved May 1, 2005, from http://searchcio.techtarget.com/originalContent/0,289142,sid19_gci943310,00.html Beasley, M. S., Carcello, and Hermanson, D.R. (1999). Fraudulent Financial Reporting: 1987-1997. Sponsored by Committee of Sponsoring Organizations. Beasley, M. S. & Hermanson, D. R. (2004). Going Beyond Sarbanes-Oxley Compliance: Five Keys to Creating Value. The CPA Journal. Retrieved April 15, 2005, from http:www.nysscpa.org/cpajournal/2004/604/perspectives/p11.htm Black, W. J. (2004, November/December). Why Doesnt the SEC Have a Chief Criminologist? The Criminologist, Vol. 26, #6. Bowman, F. O. III. (2004). Pour encourager les autres? The Curious History and Distressing Implication of the Criminal Provisions of Sarbanes-Oxley and the Sentencing Guidelines Amendments that Followed. 1 Ohio St. J. Crim. L. 373. Brickey, K. (2003). From Enron to WorldCom and Beyond: Life and Crime After Sarbanes-Oxley. 81 Washington U. Law Quarterly 357-401. Cunningham, L. (2003). The Sarbanes-Oxley Yawn: Heavy Rhetoric, Light Reform (and it Might Just Work). 36 U. Conn. L. Rev. DMReview.com Web Editorial Staff. (2004, February 3). BPM Forum Poll Reveals Impact of Performance Measures Beyond Financial Data. DM Direct Special Report. Retrieved May 1, 2005, from http://www.dmreview.com/article_sub.cfm?articleId=8019 General Accounting Office. (2003, June 30). Public Accounting Firms, Mandated Study on Consolidation and Competition. Retrieved May 1, 2005, from http://www.gao.gov/cgi-bin/getrpt?GAO-03-864 General Accounting Office. (2003, November). Public Accounting Firms, Required Study on the Potential Effects of Mandatory Audit Firm Rotation. Retrieved May 1, 2005, from http://www.gao.gov/new.items/d04216.pdf

Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission.

12

EFFICACY OF THE SARBANES-OXLEY ACT IN CURBING CORPORATE FRAUD

Harrington, C. (2003). The New Accounting Environment. AICPA. Retrieved April 15, 2005, from http:www.aicpa.org/jofa/aug2003/harring.htm J. D. Power and Associates. (2005, April). Grant Thornton Highest Among Audit Firms; Second Among Tax Firms. The PowerReport. Retrieved May 1, 2005, from http://www.jdpower.com/special/powerreport/thornton/ThorntonSPR.pdf Li, H., Pincus, M., & Rego, Sonja Olhoft. (2004, November 23). Market Reaction to Events Surrounding the Sarbanes-Oxley Act of 2002. Iowa City: University of Iowa. Morrison, K. R. (2004). Note: Sarbanes-Oxley and the Japanese Accounting Bid Bang: New Motivations for the Promotion of Multidisciplinary Practices. 3 Wash. U. Global Stud. L. Rev. 927. Oesterle, D. A. (2004). Early Observations on the Prosecutions of the Business Scandals of 2002-03: On Sideshow Prosecutions, Spitzers Clash with Donaldson Over Turf, the Choice of Civil or Criminal Actions, and the Tough Tactic of Coerced Cooperation. 1 Ohio St. J. Crim. L. 443. Public Accounting Oversight Board. (2003). PCAOB, Enforcement. Retrieved March 10, 2005, from http://www.pcaobus.org/Enforcement/index.asp Public Accounting Oversight Board. (2003). PCAOB, Inspections. Retrieved March 10, 2005, from http://www.pcaobus.org/inspections/index.asp Public Accounting Oversight Board. (2003). PCAOB, Internal Oversight. Retrieved March 10, 2005, from http://www.pcaobus.org/Internal_Oversight/index.asp Public Accounting Oversight Board. (2003). PCAOB, News and Events. Retrieved March 10, 2005, from http://www.pcaobus.org/News_and_Events/index.asp Rozycki, L.A. (2005, January). Small Firms Fill Holes in Market Created by SOX. AICPA. Retrieved April 15, 2005, from http:www.aicpa.org/pubs/tpcpa/jan2005/small.htm The Sarbanes-Oxley Act Community Forum. (2004, March 3). More Executives Looking Beyond Financials to Determine Success, Survey Shows. Retrieved May 1, 2005, from http://www.sarbanes-oxleyforum.com/modules.php?name=Content&pa=showpage&pid=4 U.S. SEC. (2002, November 14). Division of Corporation Finance: Sarbanes-Oxley Act of 2002 Frequently Asked Questions. Retrieved April 15, 2005, from http://www.sec.gov/divisions/corpfin/faqs/soxact2002.htm U. S. SEC. (2004, May 14). Commission Guidance Regarding the Public Company Accounting Oversight Boards Auditing and Related Professional Practice Standard I. Retrieved April 15, 2005, from http://www.sec.gov/Archives/edgar/data/1024401/000095012904008539/h129822e8vk.txt U.S. SEC. (2004, November 2). Enron Corp. Form 8-K. Retrieved April 15, 2005, from http://www.sec.gov/rules/interp/338422.htm U.S. SEC. (2005, February 11). The Laws That Govern the Securities Industry. Retrieved April 20, 2005, from http://www.sec.gov/about/laws.shtml U.S. SEC. (2005, March 2). Managements Report on Internal Control over Financial Reporting and Certification of Disclosure in Exchange Act Periodic Reports of Non-Accelerated Filers and Foreign Private Issuers. Retrieved May 20, 2005, from http://www.sec.gov/rules/final/33-8545.htm U.S. SEC. (2005, May 19). Spotlight On: Implementation of Internal Control Reporting Provisions. Retrieved May 20, 2005, from http://www.sec.gov/spotlight/soxcomp.htm Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 13

Carol A. Rolf

Victor, G. I. & Levitin, M. S. (2004). Current SEC and PCAOB Developments, CPAs Called On to Do the Right Thing. The CPA Journal. Retrieved April 15, 2005, from http:www.nysscpa.org/cpajournal/2004/904/essentials/p26.htm Zelizer. E. G. (2002). Sarbanes-Oxley: Accounting for Corporate Corruption? 15 Loy. Consumer L. Rev. 27.

Notes
Securities Act of 1933, 48 Stat. 74, 15 U.S.C. 77a 77mm; Securities Exchange Act of 1934, 48 Stat. 881, 15 U.S.C. 78a 78kk. ii Although state securities laws existed by the mid-1850s, the first comprehensive state security law was passed in 1911 in Kansas. The Kansas law was passed in response to investors who had been taken by salesmen making sales of securities in companies backed by nothing but the blue skies of Kansas. From 1911 on, state securities laws have been known as Blue Sky Laws. Since 1956 and the approval of the Uniform Securities Act by the National Conference of Commissioners on Uniform State Laws, most states have attempted to integrate their state laws with the federal securities laws. iii See, e.g., Public Utility Holding Company Act of 1935, 40 Stat. 803, 15 U.S.C. 79-79z; Trust Indenture Act of 1939, 53 Stat 1149, 15 U.S.C. 77aaa-77bbb; Investment Company Act of 1940, 54 Stat.789, 15 U.S.C. 80a-1 80b-64; Investment Advisers Act of 1940, 54 Stat. 789, 847, 15 U.S.C. 80b-1 80b-21. iv The prospectus became known as a red herring, as the standard warning on the prospectus that the information is preliminary appears in red ink. v Sarbanes-Oxley Act of 2002, 15 U.S.C. 101. vi Sarbanes-Oxley Act of 2002, 15 U.S.C. 103. vii A public accounting firm is a firm that provides services for publicly traded companies, while a private accounting firm provides services for companies whose securities are not publicly traded. viii Sarbanes-Oxley Act of 2002, 15 U.S.C. 102(a), 102(f), 105(d), & 109(d). ix Sarbanes-Oxley Act of 2002, 15 U.S.C. 104. x Section 209 of Sarbanes-Oxley directs state regulators to determine whether the PCAOB standards will apply to small and mid-size accounting firms that are not registered with the SEC. Many private companies that expect to become publicly traded companies are complying with Sarbanes-Oxley. In addition, some financing entities, such as banks, are requiring Sarbanes-Oxley compliance by private and non-profit companies. xi Sarbanes-Oxley Act of 2002, 15 U.S.C. 301. xii Some of the following services are considered non-audit services: design and implementation of financial information systems; preparation of accounting records and financial statements; investment banking; internal audit outsourcing; actuarial work; appraisals; and legal. xiii Sarbanes-Oxley Act of 2002, 15 U.S.C. 201. The SEC auditor independence rules already prohibited most of the nonaudit services listed in Sarbanes-Oxley. Services strictly prohibited by Sarbanes Oxley include expert services, internal audit outsourcing, and information systems and design. xiv Sarbanes-Oxley Act of 2002, 15 U.S.C. 206. xv The big four include PriceWaterhouseCooper LLP, Deloitte & Touche LLP, Ernst & Young LLP, and KPMG. xvi Sarbanes-Oxley Act of 2002, 15 U.S.C. 709. xvii Sarbanes-Oxley Act of 2002, 15 U.S.C. 203. In addition, the rules require that certain audit partners be subject to a twoyear time-out period at the end of a five year rotation. xviii Sarbanes-Oxley Act of 2002, 15 U.S.C. 207. xix Sarbanes-Oxley Act of 2002, 15 U.S.C. 103. xx Sarbanes-Oxley Act of 2002, 15 U.S.C. 801 a/k/a Title VIII: Corporate and Criminal Fraud Accountability Act of 2002 and 802 and 1102 xxi Business Performance Management Forum. (2003). www.bpmforum.org. xxii Sarbanes-Oxley Act of 2002, 15 U.S.C. 302. xxiii CEOs and CFOs must certify that they have reviewed the report; that the report fairly represents the financial condition of the company and does not, to the best of their knowledge, contain any false statements or omit material facts; that the officers are responsible for internal controls, which have been designed in a manner that provides information on the parent and all subsidiary companies, and that all material weaknesses and fraud affecting the internal controls have been reported to the Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 14
i

EFFICACY OF THE SARBANES-OXLEY ACT IN CURBING CORPORATE FRAUD

auditors; and that all changes in internal controls that could affect future financial statements have been reported to the auditors. xxiv Under Sarbanes-Oxley, it is unlawful for a publicly traded companys officer or director to fraudulently influence, coerce, manipulate, or mislead the independent auditor. Sarbanes-Oxley Act of 2002, 15 U.S.C. 303. xxv Sarbanes-Oxley Act of 2002, 15 U.S.C. 302. xxvi Sarbanes-Oxley Act of 2002, 15 U.S.C. 305. xxvii The Business Performance Management (BPM) Forum is a new organization established as a result of the challenges faced in complying with Sarbanes-Oxley. Its membership includes hundreds of leading business executives. The web site for the BPM Forum is http://www.bpmforum.org xxviii Sarbanes-Oxley Act of 2002, 15 U.S.C. 305. xxix A blackout period is defined as an interval of three or more business days during which greater than 50% of company employees participating in individual account plans are prevented from buying, selling, or transferring company securities. xxx Sarbanes-Oxley Act of 2002, 15 U.S.C. 306. xxxi Sarbanes-Oxley Act of 2002, 15 U.S.C. 306. xxxii Sarbanes-Oxley Act of 2002, 15 U.S.C. 402(a). xxxiii Sarbanes-Oxley Act of 2002, 15 U.S.C. 403. xxxiv Sarbanes-Oxley increased 2003 appropriations for the SEC. Approximately 12% of the appropriation was allocated to hiring 200 new employees to provide enhanced oversight of auditors and audit services. . . . Sarbanes-Oxley Act of 2002, 15 U.S.C. 601. There was no similar mandate for better enforcement of securities laws, such as the disclosure of 10% plus sales. xxxv Sarbanes-Oxley Act of 2002, 15 U.S.C. 401(a). xxxvi Sarbanes-Oxley Act of 2002, 15 U.S.C. 402(c). xxxvii Sarbanes-Oxley Act of 2002, 15 U.S.C. 407. xxxviii Rapid disclosure is governed by accelerated filing rules adopted by the SEC. The reduced filing time is being phased in and is not yet in effect for all publicly traded companies. xxxix Sarbanes-Oxley Act of 2002, 15 U.S.C. 409. xl Annual reports are available to the public at the SEC Edgar website. http://www.sec.gov/edgar.shtml xli The compliance date is set for mid-July, 2005, but is likely to be extended for another year. xlii Interview with Penelope Kaloudis, MBA, CMA pending, consultant working with domestic and foreign publicly traded companies in developing internal controls to comply with Sarbanes-Oxley. xliii Sarbanes-Oxley Act of 2002, 15 U.S.C. 404(b). xliv Sarbanes-Oxley Act of 2002, 15 U.S.C. 103. xlv There are three main criminal provisions in Sarbanes-Oxley that are made up of the following three separate and conflicting bills filed with Congress: Senator Leahys S. 1020 (Titles VII, IX, and XI of Sarbanes-Oxley); Senator Hatchs and Senator Bidens S. 2717 (Title IX of Sarbanes-Oxley); and Congressman Sensenbrenners H.R. 5118 (Title XI of Sarbanes-Oxley). In its haste to adopt the law before the August recess in 2002, Congress failed to remove all of the inconsistencies and duplications in the three bills that were consolidated and made part of Sarbanes-Oxley. xlvi Sarbanes-Oxley Act of 2002, 15 U.S.C. 801 a/k/a Title VIII: Corporate and Criminal Fraud Accountability Act of 2002 and 802 and 1102, which amended the federal obstruction of justice statute, 73 U.S.C. 1519 and set new penalties for such violations. xlvii Section 1102 of Sarbanes-Oxley includes attempts at criminal obstruction through document tampering or destruction with the same penalties as the actual act. xlviii Sarbanes-Oxley Act of 2002, 15 U.S.C. 807. Conspiracy to commit fraudulent purchase or sale of securities under the mail fraud statute carries the same penalty as the actual act or attempt. Sarbanes-Oxley Act of 2002, 15 U.S.C. 902. xlix Sarbanes-Oxley Act of 2002, 15 U.S.C. 906. This provision conflicts with the section 302 requirement that the certification be based on the certifiers knowledge. Although the SEC requires the corporate officers of the largest publicly traded companies to file sworn statements, section 906 does not prohibit the inclusion of qualifying or explanatory language that might limit liability. l Sarbanes-Oxley Act of 2002, 15 U.S.C. 906. Section 903 of Sarbanes-Oxley also increases the maximum prison sentence for mail and wire fraud from 5 to 20 years. li Sarbanes-Oxley Act of 2002, 15 U.S.C. 904. lii The statute of limitations for a civil action is the earlier of two years after discovery of the violation or five years after the violation. Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission. 15

Carol A. Rolf

Sarbanes-Oxley Act of 2002, 15 U.S.C. 1107. This is an independent commission located in the judicial branch of the government. The seven committee members must be from different political parties and are nominated by the President and confirmed by the Senate. lv Sarbanes-Oxley Act of 2002, 15 U.S.C. 805, 905, & 1104. lvi Discussed in Beasley, M. S. & Hermanson, D. R. (2004). Going Beyond Sarbanes-Oxley Compliance: Five Keys to Creating Value. The CPA Journal. Retrieved April 15, 2005, from http:www.nysscpa.org/cpajournal/2004/604/perspectives/p11.htm lvii Li, H., Pincus, M., & Rego, Sonja Olhoft. (2004, November 23). Market Reaction to Events Surrounding the SarbanesOxley Act of 2002. Iowa City: University of Iowa. The authors of this 2004 study looked at changes in investment activity in S & P 1500 firms before and after enactment of Sarbanes-Oxley. One of the findings of the study was that after the passage of Sarbanes-Oxley, stock prices in the S & P 1500 companies showed an increase. The study attempted to control for other factors that might have caused the increase.
liv

liii

______________________________________ * Attorney CAROL ROLF is Assistant Professor and Director of the Criminal Justice and Legal Studies program at Rivier College and has taught business law courses for over 15 years. Before concentrating on teaching, Attorney Rolf practiced law full time for more than 20 years and is licensed to practice in New Hampshire and Massachusetts. As part of her general law practice, Attorney Rolf represented many business entities. In addition to a law degree, Attorney Rolf has a Masters in Business Administration and a Masters in Counseling, both of which complement the multi-disciplinary Criminal Justice program.

Copyright 2005 by Carol A. Rolf. Published by Rivier College, with permission.

16