How to Limit Corporate Liability after Sarbanes-Oxley - dummies

How to Limit Corporate Liability after Sarbanes-Oxley

Part of Sarbanes-Oxley For Dummies Cheat Sheet

The Sarbanes-Oxley Act (SOX) provides a legal model for running corporations of all sizes, regardless of whether they’re publicly traded and technically subject to SOX. The best legal minds agree that good liability-limiting governance after SOX requires corporations to do the following:

  • Evaluate your board members. After SOX, shareholders expect the directors who sit on the boards that run companies to be independent and financially literate.

  • Create the correct kinds of committees. After SOX, well-governed companies of all sizes break their board members up into audit committees, nominating committees, compensation committees, and maybe even disclosure committees.

  • Get good counsel for corporate officers. The legal trend is that chief executive officers (CEOs) and chief financial officers (CFOs) are held responsible for everything that appears on financial statements. CEOs and CFOs need good legal counsel inside and outside the company to help them ask questions and spot issues necessary to reasonably protect these officers from liability.

  • Set defensive communication standards. When a legal battle ensues, communications processes within the company are scrutinized. Establish clear communication procedures that reflect responsibility and accountability within the company.

  • Know the “hidden” risks to board members. Board members are responsible to shareholders and third parties that rely on the company’s financials. Even in small, private companies, board members can be sued by creditors and third parties that rely on the financial statements.

  • Know when to say “no” to a Section 404 auditor. Attorney opinions can be instrumental in cutting Section 404 costs in a company’s first year of Section 404 compliance. Attorneys can help cut costs in the Section 404 process by identifying areas in which legal liabilities and exposures are minimal.

  • Don’t treat whistle-blowers like whiners. Whistle-blowers are people who alert the company to breaches of internal policy and government regulations, and they must be treated with special care after SOX.

  • Know when to file an 8-K report. SOX Section 404 contains a list of seemingly routine events in the life of a corporation that call for the filing of an 8-K report. These events include (among many others) changes in management and loss of a major client. Know these triggering events.

  • Figure out whether your company needs an SAS 70 Form. Even small companies that technically don’t have to comply with SOX Section 404 may be asked to provide certifications about their internal control to their clients who do have to comply using this form.