Organizations are inundated with cybersecurity tips, but what are the most important ones you can tackle immediately? Here are the top 9 cybersecurity tips for your employees.
Chief Financial Officers are prime targets for cyber attacks. Maybe you remember the hacker group that targeted 35,000 CFOs with phishing emails (learn how to prevent phishing here).
In addition to stealing finances, hackers can expose a company’s financial secrets. Many financial institutions must have security awareness training for compliance reasons.
Another form of compliance related to accounting is the Sarbanes Oxley Act of 2002 (SOX), which passed in response to major corporate accounting scandals.
Designed to protect investors, SOX Act requirements strengthen the accuracy and reliability of financial disclosures made by public companies. To ensure transparency and accountability, SOX mandates compliance requirements public companies must follow during financial reporting.
While many companies find Sarbanes Oxley compliance requirements costly and time-consuming to implement, they are essential for protecting investors and maintaining public trust in the markets.
Before Sarbanes Oxley, there were no federal laws holding organizations accountable for accuracy in their financial reporting.
Several high-profile organizations including Enron and Arthur Andersen exploited this financial lawlessness, precipitating a massive drop in public trust.
Enron executives used creative accounting techniques to hide the company’s true financial condition. When the truth finally came out, investors lost billions of dollars while executives took home millions in bonuses.
In response to Enron and other financial scandals like those perpetrated by Peregrine Systems and WorldCom, Congress passed the Sarbanes Oxley Act.
Sarbanes Oxley Compliance Requirements are designed to hold corporate executives more accountable for their actions while providing investors with more information about a company’s financial condition.
Executives can no longer claim unawareness of internal accounting inside their companies to escape responsibility.
SOX Act requirements established a duty of care, meaning executives had to take reasonable steps to ensure accurate financial statements.
SOX Act requirements mandate corporations comply with 11 sections, or “titles,” addressing corporate governance and financial disclosure. These are extensive requirements, covering every aspect of public company operations.
Here are some key elements of SOX that drive compliance:
The SOX Act created the PCAOB, a nonprofit organization under the Securities and Exchange Commission (SEC) created to oversee the audits of public companies. It sets audit standards, inspects accounting firms, and takes disciplinary action against firms and individual accountants who violate these standards.
Frequently criticized for being overly burdensome, SOX requirements can adversely affect smaller companies.
One of the most controversial provisions of the SOX Act is Section 404, mandating all publicly traded companies establish internal controls and procedures for financial reporting. They must document, test, and maintain those controls and procedures to ensure their effectiveness. Costs of Sarbanes Oxley compliance requirements can run into the millions.
To ensure that employees feel comfortable reporting fraud and misconduct, SOX includes a provision that protects so-called whistleblowers reporting such activity.
Before this law passed, there were no real protections for employees who spoke up about illegal or unethical behavior. They could be fired or blacklisted from the industry.
The Sarbanes Oxley Act makes it illegal for employers to retaliate against employees who report misconduct or participate in a fraud investigation. This protection applies to both current and former employees.
This protection is essential because it encourages employees to come forward with information about wrongdoing without fear of reprisal.
If whistleblowers are retaliated against, they can sue their employer and collect damages. And if their information leads to a successful prosecution, they can receive a portion of the fines collected, adding a financial incentive to come forward.
If a public company does not comply with SOX, it faces several potential consequences.
The most serious is delisting the company from the stock exchange. Delisted companies can no longer trade and often find it difficult to raise capital.
Other potential consequences include fines, imprisonment, and banishment from doing business with the government. This can devastate a company relying on government contracts.
Officers and directors of a company committing fraud by certifying a report not meeting SOX guidelines can be held personally liable. They might personally pay damages of up to five million dollars and even go to prison for up to 20 years.
Despite its critics, the Sarbanes-Oxley Act has had a significant impact on corporate governance and financial disclosure.
It has made executives more accountable for the accuracy of their financial statements, and increased the transparency of corporate accounting practices.
Overall, Sarbanes Oxley compliance requirements have helped restore investor confidence – something much needed in the wake of corporate scandals in the early 2000s.
For more information on ThriveDX enterprise security training programs, please visit us at https://thrivedx.com/for-enterprise.