UK SOX: much is unknown – but the time to prepare is now – Information Age

Disclaimer: These articles have been sourced from internet, Estrategya doesn’t own or in any way belives any opinion as projected in these articles.

  • Welcome to Information Age!

    Technology is moving extremely fast and you don’t want to miss anything, sign up to our newsletter and you will get all the latest tech news straight into your inbox!

  • I want to recieve updates for the followoing:

document.getElementById( “ak_js_1” ).setAttribute( “value”, ( new Date() ).getTime() );

jQuery(document).ready(function($){gformInitSpinner( 4, ‘’ );jQuery(‘#gform_ajax_frame_4’).on(‘load’,function(){var contents = jQuery(this).contents().find(‘*’).html();var is_postback = contents.indexOf(‘GF_AJAX_POSTBACK’) >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find(‘#gform_wrapper_4’);var is_confirmation = jQuery(this).contents().find(‘#gform_confirmation_wrapper_4’).length > 0;var is_redirect = contents.indexOf(‘gformRedirect(){‘) >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery(‘html’).css(‘margin-top’), 10) + parseInt(jQuery(‘body’).css(‘margin-top’), 10) + 100;if(is_form){jQuery(‘#gform_wrapper_4’).html(form_content.html());if(form_content.hasClass(‘gform_validation_error’)){jQuery(‘#gform_wrapper_4’).addClass(‘gform_validation_error’);} else {jQuery(‘#gform_wrapper_4’).removeClass(‘gform_validation_error’);}setTimeout( function() { /* delay the scroll by 50 milliseconds to fix a bug in chrome */ jQuery(document).scrollTop(jQuery(‘#gform_wrapper_4’).offset().top – mt); }, 50 );if(window[‘gformInitDatepicker’]) {gformInitDatepicker();}if(window[‘gformInitPriceFields’]) {gformInitPriceFields();}var current_page = jQuery(‘#gform_source_page_number_4’).val();gformInitSpinner( 4, ‘’ );jQuery(document).trigger(‘gform_page_loaded’, [4, current_page]);window[‘gf_submitting_4’] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find(‘.GF_AJAX_POSTBACK’).html();if(!confirmation_content){confirmation_content = contents;}setTimeout(function(){jQuery(‘#gform_wrapper_4’).replaceWith(confirmation_content);jQuery(document).scrollTop(jQuery(‘#gf_4’).offset().top – mt);jQuery(document).trigger(‘gform_confirmation_loaded’, [4]);window[‘gf_submitting_4’] = false;}, 50);}else{jQuery(‘#gform_4’).append(contents);if(window[‘gformRedirect’]) {gformRedirect();}}jQuery(document).trigger(‘gform_post_render’, [4, current_page]);} );} ); jQuery(document).bind(‘gform_post_render’, function(event, formId, currentPage){if(formId == 4) {if(typeof Placeholders != ‘undefined’){
}} } );jQuery(document).bind(‘gform_post_conditional_logic’, function(event, formId, fields, isInit){} ); jQuery(document).ready(function(){jQuery(document).trigger(‘gform_post_render’, [4, 1]) } );
Technology is moving extremely fast and you don’t want to miss anything, sign up to our newsletter and you will get all the latest tech news straight into your inbox!
I want to recieve updates for the followoing:
document.getElementById( “ak_js_1” ).setAttribute( “value”, ( new Date() ).getTime() );
I accept that the data provided on this form will be processed, stored, and used in accordance with the terms set out in our privacy policy.
No thanks I don’t want to stay up to date
It is almost 20 years since the Sarbanes-Oxley Act (SOX) was passed in the US. Following a slew of corporate scandals – with Enron and WorldCom arguably the most high-profile – its purpose is to protect all stakeholders from the effects of publicly traded (US) companies failing as a result of financial mis-reporting, whether intentional or not. At the time, SOX was not introduced in the UK, although through the need for compliance by any US-listed foreign private issuers, its reach spread out to some UK companies. But that all looks set to change.
In March this year, the UK Government’s Department for Business, Energy & Industrial Strategy (BEIS) published a white paper on restoring trust in audit and corporate governance. Driven by the financial scandals and auditing failures taking place in recent years (such as over-stated profits of £326 million at Tesco and a £40 million accounting fraud and ultimate demise of café chain Patisserie Valerie), the message that events of this nature cannot continue to be allowed to happen is very clear: a new and targeted regulation – that will place significant scrutiny on financial reporting controls – is inevitable.
What is uncertain, however, is the form this will take. The current consultation period, in which the industry provides the BEIS with feedback on its white paper proposals, ended on 8 July 2021, and from here the exact legislation will be worked on, with its formal introduction expected to be around 2023.
Despite the current lack of clarity, there is much that UK-listed companies should be doing now to smooth the process and ensure full compliance when the legislation is implemented. What does seem highly likely, based on SOX experience in the US, is that company executives and directors will be held personally accountable for the effectiveness of internal controls over financial reporting, an edict that drives home how critical it is that related business processes are transparent, effective and widely-understood.
Ensuring compliance therefore centres on enabling a strong internal controls environment; this requires moving away from the informal, ad hoc and heavily manual way that controls are currently managed in the absence of a SOX-like regulation. Organisations need to instil a culture that recognises the importance of this objective, by making risk and controls a board-level agenda item, and establishing that the supporting enterprise technology is robust enough for the task.
Eduardo Rocha, security analyst at GlobalDots, discusses how a lack of governance can hold cloud workload protection (CWP) back. Read here
Going about a controls transformation programme is a significant undertaking that calls for strategic planning across the organisation, with people, data and technology being the foundations of the process.
Organisational culture can make or break organisational change. Employees from top to bottom within the enterprise need to understand fully why internal controls are important, how their individual roles play a part in maintaining compliance and why these activities need to be an integral part of business life.
Risk and control data is crucial to enable clear insights into any control weaknesses, in order that they can be rectified ahead of the introduction of the new regulation. This data therefore needs to be stored and managed in a way that is transparent and accessible; a siloed set-up can hinder the identification and remediation of potentially significant risks, for example.
Technology-driven internal controls offer tangible benefits; real-time reporting can improve their visibility, while automated controls reduce the amount of manual effort required to be compliant. Within that it’s important to know which automated controls are already available within existing enterprise technology, and ensure that all those that are relevant are ‘switched on’.
Putting these measures in place now establishes an internal controls mindset well in advance of it becoming a compulsory requirement for organisations. As the regulatory requirements become clearer, enterprises can focus on interpreting what the legislation means for their specific control environment, as well as determine the minimum requirements they need to meet, which is important in order to direct and prioritise initial activities and investments.
UK enterprises can also learn from almost two decades of SOX in the US, where the first-of-a-kind regulation was introduced into a landscape in which supporting technology was far less sophisticated.
Initially the trend was to go into overdrive, with organisations throwing as many controls into the mix as possible in the hope that enough of them would be effective; the preference was (understandably) to do too much rather than not enough. The result was a lot of unnecessary cost, and over-zealous activity was, in the main, dialled down after a couple of years.
In terms of repercussions of non-compliance, the threatened jail term is unlikely. But companies that fail SOX audits can suffer share price dips (cue unhappy investors), while the career paths of those at the helm and responsible for the failure are potentially limited.
Mark Keddie, global director of privacy at Veritas Technologies, discusses how businesses can adapt to the rising tide of data regulation. Read here
Getting SOX compliant is a lot of work. But investing time, budget and resource in the early days will smooth the path to compliance in the long term. Early preparation will also do away with the temptation to ‘over-control’ (which can impact business operations while adding nothing to the compliance equation). There is no need for hundreds of internal controls; it’s more important to implement the right, risk-based, ones.
Unlike the early days of SOX in the US, technology now has the capability to play a big part in compliance; it can transform sluggish manual controls into lean, muscular automated ones led by an all-important risk-based approach. In short, be informed, be strategic, embrace technology – and start early.
Written by Marc Jackson, practice director – integrated risk management at Turnkey Consulting
The pace of change has never been this fast, yet it will never be this slow again.
20 April 2022 / The cyber security landscape for small businesses, and the tips and tools that can help […]
19 April 2022 / Gartner has forecasted that global public cloud end-user spending will grow 20.4% to total $494.7 billion in 2022.
19 April 2022 / Vandana Singal, director, solution consulting at Pimcore Global Services, discusses the importance of digital transformation for consumer packaged goods (CPG) companies.
14 April 2022 / Simon Eyre, chief information security officer at Drawbridge, discusses how organisations can mitigate security risks […]
14 April 2022 / Dr. Francis Gaffney, director at Mimecast, explores the evolving security challenges that will take place within the metaverse.
13 April 2022 / New research from Mulesoft has revealed the impact that the Great Resignation is having on organisations, and how this can be mitigated.
13 April 2022 / Proptech is leading new ways for property management, short-stay, tenancy, workspace design and estate agency […]
13 April 2022 / Biometric verification firm Jumio has hired Stuart Wells as its new chief technology officer, as it unveils its new Innovation Lab.
12 April 2022 / During the most recent IT Press Tour in Tel Aviv, Model9 discussed how it is reimagining mainframe data management in the cloud.
© Bonhill Group Plc,
29 Clerkenwell Road, London EC1M 5RN
T. 020 7638 6378
Part of the Bonhill Group.


Share on facebook
Share on twitter
Share on linkedin
Share on pinterest

Leave a Comment

Your email address will not be published.


It’s easy: all we need is your email & your eternal love. But we’ll settle for your email.