Who's afraid of Sarbanes-Oxley? Accountability legislation creates additional document retention requirements and responsibilities for records managers. (Capital edge: legislative & regulatory update).

The Sarbanes-Oxley Act See SOX. of 2002 represents the most meaningful and consequential corporate accountability legislation passed by the federal government since the 1930s. Signed into law July 30, 2002, by President George W. Bush, this Act will change the way corporate America does business.

Sarbanes-Oxley is a sweeping reform aimed at protecting investors by improving the accuracy and reliability of corporate disclosures made pursuant to securities laws. The legislation was in large part a response to the issues of accountability raised by the Enron and Arthur Andersen For the U.S. Supreme Court case commonly known as Arthur Andersen, see .
Arthur Andersen LLP, based in Chicago, was once one of the "Big Five" accounting firms (the other four are PricewaterhouseCoopers, Deloitte Touche Tohmatsu, Ernst & Young and KPMG), performing investigations and Will most directly impact the accounting industry, publicly traded companies publicly traded company

A company whose shares of common stock are held by the public and are available for purchase by investors. The shares of publicly traded firms are bought and sold on the organized exchanges or in the over-the-counter market. , and investment banking firms.

The law creates a new oversight board for accounting firms that audit publicly traded companies. It also addresses auditor independence, corporate responsibility at publicly traded companies, financial disclosures of publicly traded companies, and financial analysts' conflicts of interest. It creates new boundaries between analysts and dealers in investment banking firms and establishes new corporate accountability rules.

Sarbanes-Oxley also creates protections for whistleblowers at publicly traded companies and imposes new criminal penalties relating to relating to relate prep → concernant

relating to relate prep → bezüglich +gen, mit Bezug auf +acc fraud, conspiracy, and impeding investigations. It requires organizations to certify the accuracy of their financial statements and instructs them to retain all documents that support those numbers.

How the federal government will enforce the provisions of the Act remains to be seen, but Sarbanes-Oxley already has opened a lot of executive's eyes to the critical importance of records and information management in corporate America. In light of the legislation's profound importance, it is vital to consider how the new rules impact records and information management now and in the future.

Corporate Oversight and Responsibility

The Act creates the Public Company Accounting Oversight Board The Public Company Accounting Oversight Board (or PCAOB) (sometimes called "Peekaboo") is a private-sector, non-profit corporation created by the Sarbanes-Oxley Act, a 2002 United States federal law, to oversee the auditors of public companies. to oversee the audit of public companies subject to securities laws in order to protect investors' interests and further the public interest in the preparation of "informative, accurate, and independent" audit reports. When it is established, the Board's authority will include

* registering public accounting firms that prepare audits for publicly traded companies

* establishing or adopting auditing, quality control, ethics, independence, or other standards for preparing audit reports

* conducting inspections of registered pubic pubic /pu·bic/ (pu´bik) pertaining to or situated near the pubes, the pubic bone, or the pubic region.

pu·bic
adj.
1. accounting firms

* conducting investigations and disciplinary proceedings, and imposing sanctions on registered public accounting firms. (The Securities and Exchange Commission, however, can override the Board's sanctions.)

* enforcing compliance with the Sarbanes-Oxley Act, rules of the Board, professional standards, and securities laws

The Public Company Accounting Oversight Board is not yet a viable entity and, according to according to
prep.
1. As stated or indicated by; on the authority of: according to historians.

2. In keeping with: according to instructions.

3. Frank Moore Frank Moore is a name shared by the following individuals:

Frank Moore (journalist) (1828-1904), American writer who compiled volumes of documents pertaining to American cultural history
Frank A.

of Smith, Bucklin and Associates, an association management and professional services (job) professional services - A department of a supplier providing consultancy and programming manpower for the supplier's products. firm, it will be at least a few years before everything is in place and the Board begins investigating. When that happens, the Board can impose sanctions for violations--$1,000 for individuals and up to $2 million for corporations, per violation or occurrence.

Accounting firms that prepare or issue any audit report of a publicly traded company are required to register with the Board. The Board is authorized to establish rules governing these registered public accounting firms and to assure that these firms comply with Board rules. Further, each registered public accounting firm must prepare and maintain for a period of not less than seven years, "... audit work papers Noun 1. work papers - a legal document giving information required for employment of certain people in certain countries
work permit, working papers , and other information related to any audit report, in sufficient detail to support the conclusions reached in [the audit report]." Sarbanes-Oxley defines audit report as "a document or other record prepared following an audit performed by an issuer for purposes of compliance with the requirements of the securities laws; and in which a public accounting firm either sets forth the opinion of that firm regarding a financial statement, report, or other document; or asserts that no such opinion can be expressed." In addition, the Board may require registered firms to retain for inspection purposes "records whose retention is not otherwise required."

The Board will conduct annual investigations of any act or practice by a registered public accounting firm or associated employee. The Board is also authorized to require the production of "audit work papers and any other document or information in the possession of a registered public accounting firm or any associated person Associated Person

The name given to participants within the futures market that are involved in the solicitation or facilitation of transacting customer orders, the maintenance of discretionary accounts, or the true participatory involvement in the futures market. " that is relevant or material to an investigation and to suspend or bar any individual from association with a registered public accounting firm or suspend or revoke the registration of any public accounting firm for failure to produce any documents requested.

Registered public accounting firms would be required to describe in each audit report 1) "the scope of the auditor's testing of the internal control structure and procedures" of the publicly traded company and includes in the report "the findings of the auditor from such testing"; 2) "an evaluation of whether such internal control structure and procedures include maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the issuer, provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles The standard accounting rules, regulations, and procedures used by companies in maintaining their financial records.

Generally accepted accounting principles (GAAP) provide companies and accountants with a consistent set of guidelines that cover both broad accounting , and that receipts and expenditures of the issuer are being made only in accordance with authorizations of management and directors of the issuer"; and 3) "a description, at a minimum, of material weaknesses in such internal controls, and of any material noncompliance noncompliance

failure of the owner to follow instructions, particularly in administering medication as prescribed; a cause of a less than expected response to treatment.

noncompliance found on the basis of such testing."

Sarbanes-Oxley also addresses conflicts of interest that may arise when a securities analyst employed by a broker or dealer engaged in investment banking activities recommends equity securities in research reports and public appearances. It authorizes the Securities and Exchange Commission (SEC) to issue rules that restrict "the pre-publication clearance or approval of research reports" and to define periods during which brokers or dealers participating in public offerings should not "publish or otherwise distribute research reports." A research report is defined by the legislation as "a written or electronic communication that includes an analysis of equity securities of individual companies or industries, and that provides information reasonably sufficient upon which to base an investment decision."

The Act also requires the SEC to issue rules that "establish structural and institutional safeguards within registered brokers or dealers to assure that securities analysts are separated by appropriate informational partitions within the firm from the review, pressure, or oversight of those whose involvement in investment banking activities might potentially bias their judgment or supervision."

Corporate and Criminal Fraud Accountability

Perhaps the most broadly applicable provisions of the legislation are found in Title VIII, the Corporate and Criminal Fraud Accountability Act There are a number of piece of legislation known as the Accountability Act:

Canada's Federal Accountability Act
The American Syria Accountability Act,
Darfur Peace and Accountability Act
Health Insurance Portability and Accountability Act

of 2002, which establishes penalties for altering documents. These provisions are intended to close loopholes revealed in the prosecution of the Enron and Arthur Andersen cases. Title VIII amends the obstruction of justice A criminal offense that involves interference, through words or actions, with the proper operations of a court or officers of the court.

The integrity of the judicial system depends on the participants' acting honestly and without fear of reprisals. provisions of the U.S. Code A multivolume publication of the text of statutes enacted by Congress.

Until 1926, the positive law for federal legislation was published in one volume of the Revised Statutes of 1875, and then in each sub-sequent volume of the statutes at large. by adding language and new code sections relating to the "destruction, alteration, or falsification falsification /fal·si·fi·ca·tion/ (fawl?si-fi-ka´shun) lying.

retrospective falsification unconscious distortion of past experiences to conform to present emotional needs. of records in federal investigations and bankruptcy." These provisions are not limited to registered public accounting firms, publicly traded companies, or investment banking firms; they apply to every individual and/or organization that retains records. However, like most provisions for criminal activity, they require that the elements of knowledge and intent be proven in order to warrant a violation.

A provision added to the code imposes a fine and/or imprisonment Imprisonment
See also Isolation.

Alcatraz Island

former federal maximum security penitentiary, near San Francisco; “escapeproof.” [Am. Hist.: Flexner, 218]

Altmark, the

German prison ship in World War II. [Br. Hist. of up to 20 years for "whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct ob·struct
v.
To block or close a body passage so as to hinder or interrupt a flow.

ob·structive adj. , or influence" an investigation or proceeding by a federal department or agency or any case filed in bankruptcy. It should be noted that this language would apply to an instance, as occurred in the Arthur Andersen case, where documents are destroyed before a subpoena subpoena (səpē`nə) [Lat.,=under penalty], in law, an order to a witness to appear before a court. A subpoena ad testificandum [Lat. is issued, but after officials are aware an investigation is underway and are anticipating a subpoena.

A second provision imposes a fine and/or imprisonment of not more than 10 years for failure by any accountant who conducts an audit of a publicly traded company to "maintain all audit and review workpapers for a period of five years from the end of the fiscal period in which the audit or review was concluded." The five-year time period equals the statute of limitations A type of federal or state law that restricts the time within which legal proceedings may be brought.

Statutes of limitations, which date back to early Roman Law, are a fundamental part of European and U.S. law. for most federal crimes. It also applies the fine and/or imprisonment to "whoever knowingly violates" the duty imposed on any accountant.

Supporting documentation for an audit could potentially include faxes, voice mail, e-mail, and written communications. After July 26, 2003, organizations will be required to file and report electronic records, including e-mails. Organizations that have not already done so should implement an e-mail retention program and the operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. necessary to restore and retrieve e-mails for five years or longer. It is not necessary to save every deleted and sent e-mail produced by every employee, but employees should not be left to decide on their own which e-mail messages should be saved and which should not.

The new rules demand that records managers familiarize themselves with information technology concepts in order to implement and maintain the records and information management policies that Sarbanes-Oxley necessitates.

Finally, title VIII requires the U.S. Sentencing Commission The U.S. Sentencing Commission is the agency responsible for the establishment of sentencing policies and procedures for the federal court system. The first task of the commission was to develop a uniform set of sentencing guidelines for the federal courts. to amend the Federal Sentencing Guidelines The Federal Sentencing Guidelines are rules that set out a uniform sentencing policy for convicted defendants in the United States federal court system. The Guidelines are the product of the United States Sentencing Commission and are part of an overall federal sentencing reform to ensure that "the enhancements and specific offense characteristics relating to obstruction of justice are adequate in cases where ... the destruction, alteration, or fabrication fabrication (fab´rikā´sh

n),
n the construction or making of a restoration. of evidence" are involved. The intent was to allow the commission to increase penalties in obstruction of justice cases where evidence is destroyed. In this instance, evidence will include documents and other records in all forms. To encourage employees to report fraud to authorities, Title VIII also establishes new whistleblower whis·tle·blow·er or whis·tle-blow·er or whistle blower
n.
One who reveals wrongdoing within an organization to the public or to those in positions of authority: "The Pentagon's most famous whistleblower is . . protections for employees of publicly traded companies who, among other things, lawfully "provide information, cause information to be provided, or otherwise assist in an investigation regarding any conduct which the employee reasonably believes" violates specific sections of the U.S. Code or any SEC rules or regulations.

An Accountability Wake-Up Call

In Title XI, the Corporate Fraud Accountability Act of 2002, Congress tried to answer the issues raised by the Enron/Arthur Andersen scandal. Title XI adds a new provision to the U.S. Code addressing tampering tampering The adulteration of a thing. See Drug tampering. with a witness, victim, or informant. It imposes a fine and/or imprisonment for not more than 20 years for anyone who "corruptly alters, destroys, mutilates, or conceals a record, document, or other object, or attempts to do so, with the intent to impair the object's integrity or availability for use in an official proceeding" or "otherwise obstructs, influences, or impedes any official proceeding, or attempts to do so."

According to Moore, Section 1519 of this provision does not discriminate between audit records and other records; it applies to any company--public or private--and all records. Along with written communications, this provision also encompasses e-mail, voice mail, and all other forms of communication. It also covers both ongoing investigations and investigations under consideration.

This particular provision has far-reaching implications for records managers. Obviously, organizations and employees are forbidden to deliberately tamper To meddle, alter, or improperly interfere with something; to make changes or corrupt, as in tampering with the evidence. with, destroy, or hide evidence. However, under Section 1102, organizations that fail to manage their records in such a way that they are retrievable also could potentially be in violation. If a corporation maintains a poor records management program and is unable to retrieve records pertinent to an investigation, then records managers or executives could be fined or incarcerated incarcerated /in·car·cer·at·ed/ (in-kahr´ser-at?ed) imprisoned; constricted; subjected to incarceration.

in·car·cer·at·ed
adj.
Confined or trapped, as a hernia. .

It is important to understand that if a record cannot be found or retrieved, the legal onus is on the organization to prove its innocence. Whether a record was "lost" intentionally or as a result of sloppy records management is of no concern to government investigators. Thus, organizations large and small should consider this legislation a wake-up call to clean up, reorganize, or revise their records management procedures. To not do so is to risk their company's well-being.

Implications for RIM

The Sarbanes-Oxley Act has put more focus than ever on the effectiveness of records and information management programs. It requires that records management process within all organizations be reviewed and modified immediately to comply with the new legal landscape. All records management professionals should understand the broad application of the obstruction of justice provisions added to the criminal code. While knowledge and intent are required to prove a violation, safeguards may be re-emphasized or incorporated into document retention policies to avoid the appearance of impropriety Appearance of impropriety is a term often used in reference to a situation whose ethics is deemed questionable. It means that any layperson, without knowledge of the facts, would assume that something he/she saw or heard was inappropriate or a violation of a rule/regulation. or violation.

In addition, the U.S. Code provisions regarding records management suggest the importance of clear lines of communication "Lines of Communication" is an episode from the fourth season of the science-fiction television series Babylon 5. Synopsis
Franklin and Marcus attempt to persuade the Mars resistance to assist Sheridan in opposing President Clark. between records managers, corporate management, and counsel, as well as an organization-wide awareness of both the law and the organization's records management policies.

Legal experts say Sarbanes-Oxley leaves the door open for the SEC or the Public Company Accounting Oversight Board to introduce more regulations and/or flesh out existing ones. In fact, once the Board is established, Moore says he expects that it will issue additional resolutions. Organizations must keep apprised of current and new provisions.

Clearly, Sarbanes-Oxley and the corporate accounting scandals Accounting scandals, or corporate accounting scandals are political and business scandals which arise with the disclosure of misdeeds by trusted executives of large public corporations. that necessitated it have made records management much more difficult, but they also have made the profession more important than ever before.

Sarbanes-Oxley Guidelines

Angie Fares, RHIA RHIA Registered Health Information Administrator (formerly Registered Records Administrator; American Health Information Management Association) , CRM (Customer Relationship Management) An integrated information system that is used to plan, schedule and control the presales and postsales activities in an organization.

Sarbanes-Oxley affects every organization and every records manager. Records managers can prepare their organizations for Sarbanes-Oxley compliance by considering or enacting the following key steps:

1. Review retention schedules to ensure that retention guidelines for accounting records, audit work papers, financial statements, and supporting documentation are consistent with the new requirements.

2. Review voice mail and e-mail retention policies to ensure that any material associated with key investigations or audits is being retained and that the appropriate operating systems necessary for restoration and retrieval are also being maintained. Review current procedures for categorizing or indexing e-mail and voice mail. Those who are not categorizing e-mail or training employees to select documents for retention need to be aware that they may need to retain all e-mail for no less than five years and possibly up to seven years in order to be able to retrieve e-mail associated with audits and investigations. All associated operating systems and search tools also must be maintained. Because voice mail is not typically backed up, sorted, or indexed, it may be necessary to consider training key employees to forward voice mail to e-mail for preservation.

3. Review current practices for originating and storing documents. Consider whether all communications, documents, and workflows should both originate and be stored on central servers rather than on hard drives where document retention and destruction rules are difficult to enforce.

4. Review whistleblower reporting mechanisms. It may be necessary to provide phone lines that do not have caller identification or e-mail boxes that screen the identity of the sender to protect the employee from potential harassment Ask a Lawyer

Question
Country: United States of America
State: Nevada

I recently moved to nev.from abut have been going back to ca. every 2 to 3 weeks for med. , discrimination, or disciplinary action.

5. Meet with the internal audit department to review audit plans for key systems used to generate financial statements. Make sure the regularly scheduled audits are performed on the systems and data to ensure data integrity, change control, and user access security. If e-mail and voice mail are being categorized cat·e·go·rize
tr.v. cat·e·go·rized, cat·e·go·riz·ing, cat·e·go·riz·es
To put into a category or categories; classify.

cat or selectively retained (i.e., employee subjectively selects which ones he/she thinks should be kept), then audits should be periodically performed to ensure that employees are correctly categorizing and retaining important communications.

Bob Tillman John Robert Tillman (March 24, 1937 - June 23, 2000) born in Nashville, Tennessee was a Catcher for the Boston Red Sox (1962-67), New York Yankees (1967) and Atlanta Braves (1968-70). is Director of Public Relations public relations, activities and policies used to create public interest in a person, idea, product, institution, or business establishment. By its nature, public relations is devoted to serving particular interests by presenting them to the public in the most and Advocacy for ARMA International. He may be contacted at btillman@arma.org.

COPYRIGHT 2002 Association of Records Managers & Administrators (ARMA)
No portion of this article can be reproduced without the express written permission from the copyright holder.

Reader Opinion

Article Details
Printer friendly Cite/link Email Feedback
Author:	Tillman, Bob
Publication:	Information Management Journal
Geographic Code:	1USA
Date:	Nov 1, 2002
Words:	2540
Previous Article:	Microsoft looks into loopholes. (Up front: news, trends & analysis).(Brief Article)
Next Article:	Recall acquires PRSI. (Marketplace: new products & industry announcements).(Brief Article)
Topics:	Business ethics Laws, regulations and rules

Related Articles
What is really important for tax executives in Sarbanes-Oxley?
Preserving the paper (and electronic) trail: records and information management professionals will be key players in devising systems to meet the...
ARMA files comment with the SEC.
Happenings at the Board of Directors' December meeting.(American Institute of Certified Public Accountants)
The why and what of WORM technology: WORM tape libraries make sense. (Tape/Disk/Optical Storage).
Legislation, regulation, and the role of the AMC: as illustrated with the Sarbanes-Oxley Act, AMCs play a key role in informing and protecting their...
Tips for the Sarbanes-Oxley learning curve: the act has brought more complexity to firm management; here's some broad-based help.
Ensuring compliance through ECM.(Regulatory Compliance)(Enterprise Content Management)(Business Process Management)
A silver lining: Sarbanes-Oxley compliance may reveal hidden dividends for insurers.(Sarbanes-Oxley Act of 2002)
Sarbanes-Oxley compliance: benefits for the private firm.(INSIDER'S OUTLOOK)