The Sarbanes-Oxley Act of 2002 (“SOX”) was the most dramatic change in the securities laws since their original adoption in the 1930s.

Many of the impacts of SOX were immediate and obvious, particularly the creation of the Public Company Accounting Oversight Board (“PCAOB”), the national registration of the portion of the accounting profession that deals with public companies, and the creation of national standards for certain aspects of corporate governance in public companies, an area that had previously been a matter of state law.

A review of recent litigation, enforcement and statutory development suggests that the ripple effects of SOX are being felt now that more than two years have passed since its enactment.

Key developments:

SOX Section 404
SOX Section 404 required public companies to develop and report on internal financial controls. It provided a delayed timeline for implementation of such controls. However, even the delayed timeline has come too quickly for many companies, and the SEC has delayed implementation of some SOX Section 404 reporting.

More important, while companies of all sizes struggled with the costs, time and manpower requirements associated with developing the required financial controls, smaller and mid-cap public companies found the financial burdens particularly burdensome.

AeA, the national high tech trade organization, surveyed its membership concerning the SOX Section 404 question, and last week published the results in a white paper that set out the “unintended consequences” of SOX Section 404.

In particular, AeA noted that the cost of SOX Section 404 compliance was estimated at $35 billion, 20 times the original SEC estimated immediately following passage of SOX.
SOX Section 404 reform could find itself on the Congressional agenda this year.

Governance Standards
Even though the governance standards set out in SOX were aimed solely at public companies, many predicted that it would be only a matter of time before the standards were adopted for all directors in all companies, public or private.

During 2004 the California legislature adopted governance standards aimed at putting some of the SOX governance elements into the California law relating to non-profit corporations.

Under the Non-Profit Integrity Act, many charities will need to adopt audit committees, have audited financial statements, and install controls relating to executive compensation and fundraising.

The following link contains a further discussion of the Non-Profit Integrity Act: 050207_nonprofit.

Up-the-Ladder Reporting
One of the provisions of SOX was aimed at attorneys, SOX Section 307, which requires that attorneys who encounter evidence of securities law violations to report such violations “up-the-ladder” within the organization, so that the information about a violation is not concealed from senior executives or the Board of Directors.

In January, the SEC announced an enforcement action against a company in which the majority shareholder, who was also a director and officer, is alleged to have concealed a series of transactions through which he personally profited by $109 million.

The insider had purchased from a third party – at a steep discount – approximately $325 million of indebtedness owed by his company to the third party. According to the SEC, the insider was aware at the time of the purchase that the company was going to receive a substantial amount of cash and be able to pay the debt in full, reaping the insider of $109 million profit.

None of these facts were included in the company’s SEC filings, even though the company’s outside counsel advised that the transactions under U.S. federal securities laws. The company’s resistance of making full disclosure led to the eventual resignation of its counsel, which told the company’s board of directors and management that it was resigning consistent with its obligations under Section 307 of the Sarbanes-Oxley Act.
Even though the counsel did not make a “noisy” withdrawal from representation, the counsel’s memo was leaked to the New York Times, ultimately leading to the SEC enforcement action.

See SEC Litigation Release 19022 (Jan. 4, 2005).

Bruce Dravis is a partner at Downey Brand LLP, operating primarily in the firm’s Sacramento and Roseville offices, specializing in corporate, securities and business law.