
Why a SHEQ Manager needs to know about the Sarbanes-Oxley Act 2002

Monday 24th August 2020

What is Sarbanes-Oxley? 

The Sarbanes-Oxley Act 2002 (SOX) was passed in the US to increase the accountability of US publicly listed companies, and some aspects of privately owned businesses, in relation to cases of bribery and corruption. The Act, also known as the “Public Company Accounting Reform and Investor Protection Act”, is a major piece of US federal legislation that came into effect following cases of massive corporate fraud at the US corporations Enron and WorldCom. The law expanded transparency requirements for all US public company boards, management, and public accounting and auditing firms. Several provisions of the act also apply to private companies. More importantly, the act covers the responsibilities of business leadership and boards of directors and adds criminal penalties for certain acts of misconduct. SOX compliance is therefore important for US companies in implementing good corporate governance and financial reporting.

Why should a UK SHEQ Manager need to know about SOX? 

SHEQ managers will be managing ISO 9001 Quality, ISO 14001 Environmental and ISO 45001 Occupational Health and Safety systems, and each of these will have some applicability to ethics and codes of conduct. SOX may be legislation applicable to businesses in the US, but its reach extends to the business dealings of US entities elsewhere. The thorough nature of the legislation requires US corporations to review their supply chains, and naturally, the questions that they are asked by regulators will be passed on to their supply chain. Questions that you may be asked will include "What are your controls on":

  • Payroll systems
  • Salaries
  • Workforce
  • Benefits
  • Incentives
  • Paid time off
  • Training

SOX requires certain employers to adopt an ethics program that includes a codified code of ethics, a communications plan, and staff training. Businesses may also need to put up procurement information on their public website. It is crucial that the public understands your business' stance when it comes to compliance with the relevant legislation. Businesses can relay this compliance back to their customers through various policy statements. An example of this could be a third party expectations statement, where a business outlines its expectations on good business practices and compliance from its third party partners and suppliers. This includes:

  • Health, Safety and Environmental (HSE)
  • Human Rights and Employment Practices
  • Financial Operations Controls
  • Conflicts of Interest, Gifts, Entertainment, and Business Courtesies
  • Improper Payments
  • Trade Controls
  • Money Laundering Prevention
  • Company Resources
  • Competing Fairly
  • Government Work
  • Reporting Concerns

Another example is an anti-corruption initiative, imposed through collective action. An example of a company's anti-corruption initiative, as well as more information, can be found here.

UK Companies with US listings 

SOX compliance is important for UK companies with US listings. There are approximately 110 UK companies registered on the NASDAQ and NYSE. Since business between legal entities and individuals is increasingly interconnected online, board directors and leadership need to ensure that IT systems are SOX compliant to ensure transparency in accounting and audit reporting. Furthermore, if the UK-based business is a subsidiary of a US-listed company, it will need to be SOX compliant. As a further deterrent against corporate fraud, SOX now places full responsibility and accountability for tracking information on daily activities that affect financial performance on the shoulders of the leadership and management teams of those businesses. Section 802 and Section 906 of SOX outline the responsibilities of leadership for financial report and audit management. The penalties for non-compliance, fraud and tampering with records and reports can be severe: leadership positions such as the CEO and CFO are liable to fines of up to £3 million each, prison sentences of up to 20 years, or both. Section 1107 of SOX also contains provisions protecting whistle-blowers, providing another facet of business transparency with respect to reporting corporate bribery and corruption. All this can apply to UK-based businesses.


Nic Farrell

Published on 24 August 2020

Video Credit: "The Sarbanes-Oxley Act 2002" - Edspira    |   Disclaimer: Spedan Ltd has reviewed this video content and deemed it applicable to the topic but has not been associated in its production or publishing. 
