The Public Company Accounting Oversight Board, more commonly called the PCAOB, is a not-for-profit company that was created by congress. Their purpose is to oversee audits of public companies to protect the interests of both investors and the public.
They provide informative, independent, and accurate public accounting audits and oversee audits of broker-dealers. Let’s dive in deeper to understand how their compliance reports, which are filed pursuant to federal securities laws, help protect investors—and how companies can utilize the latest technology to ensure compliance.
How It All Started: The Sarbanes-Oxley Act
Enacted in 2002, the Sarbanes-Oxley Act, commonly called SOX, is a federal law that created specific requirements for public company boards, public accounting firms, and management. In some cases, the requirements are new, while others expand on requirements that were in place prior to SOX. Some provisions of the act also apply to privately held companies. In total, there are 11 sections.
The Sarbanes-Oxley Act was passed in large part as a reaction to a number of corporate accounting scandals, including Enron and Global Crossing.
The various sections of the act include responsibilities for a public company’s board of directors, specify criminal penalties for specific types of misconduct, and require the Securities and Exchange Commission (SEC) to come up with new regulations that define exactly how public companies must comply with the law.
The Powers of the PCAOB
Before you can understand the PCAOB auditing role, you need to learn exactly what they have the power to do:
- Require registration for public accounting firms preparing audits of issuers and broker-dealers
- Create quality control, auditing, independence, and additional standards that relate to the preparation of audits
- Inspect PCAOB-registered public accounting firms
- Investigate and create disciplinary proceedings against public accounting firms (and those associated with them)
- Fine individual auditors up to $100,000
- Fine audit firms up to $2 million
- Promote professional standards among registered public accounting firms
- Improve the quality of audit services provided by public accounting firms
- Sue, complain, be sued, and defend with the approval of any court (Federal, State, and other) or the SEC
- Create and maintain offices and operations in any part of the US
- Exercise all rights and powers anywhere in the US without regard to typical qualifying, licensing, or other provisions of state or local laws
- Hire lawyers, staff, accountants, and other agents
- Collect, assess, and allocate accounting fees that fund the PCAOB
- Execute instruments, enter contracts, incur liabilities, and do whatever else is required to conduct its operations
The Sarbanes-Oxley Act also makes it illegal for companies who offer public accounting audits to provide non-audit services (like consulting) to the clients they’re auditing. Note that there are exceptions (such as tax services) but these exceptions are overseen by the PCAOB.
The Most Important Part of Sarbanes-Oxley for Accounting Firms
The PCAOB has many investigative powers, including the ability to require that public accounting firms—and anyone associated with them—offer testimony and hand over any and all documents in their possession.
In the event a person or firm refuses to provide this, the PCAOB has the power to suspend that person or entity from the public audit industry—either temporarily or indefinitely.
Understanding the Requirements
Sarbanes-Oxley requires all applicable companies (which includes every publicly traded company in the US, all publicly traded non-US-based companies who do business in the US, and all private companies preparing for an initial public offering) to establish an accounting framework that includes generating financial reports that can be verified with source data that can be traced.
The source data must remain intact and cannot be revised without those revisions being documented.
In fact, any and all revisions to any financial or accounting software have to be documented. That documentation must include what was changed, why it was changed, who changed it, and when it was changed.
Steps for Ensuring Compliance with the Sarbanes-Oxley Act
Your company doesn’t have to be involved in white-collar crime; it is easier than you think to be in compliance with the Sarbanes-Oxley Act.
Here are some ways you can feel secure in the event of public accounting audits:
- Create safeguards that prevent data tampering
- Create safeguards that establish and confirm timelines
- Create verifiable controls that track who accesses data
- Make sure said safeguards are verifiable
- Regularly test and report the effectiveness of your safeguards
- Immediately respond to direct security breaches
- Disclose all security safeguards—and breaches of safeguards—to those in a PCAOB auditing role
- Notify independent auditors of security breaches
- Disclose failures in your accounting system
- Develop a list of controls that ensure the accuracy of all financial reports and disclosures
The good news is that companies don’t have to start from scratch when looking for the right safeguards. eFileCabinet does most of the heavy lifting for you.
With it, companies can track each and every piece of accounting data. All revisions are tracked, noting when it was changed, what was changed, and who changed it. Users can also leave notes with the required information about why the data was changed.
Auditors can review the data in eFileCabinet and have a single place to go to get all the information they need.
The process is simplified for both sides, and companies and auditors can feel confident that the information in review is secure, accurate, and up-to-date.