Interest in corporate governance, and more specifically information governance, has been on the rise following major corporate scandals that led to the collapse of such major companies as Enron, WorldCom and Tyco.

Enron, an energy and natural resources producer, claimed revenue of more than $100 billion in 2000. By 2001, however, it came to light that the company’s reported financial condition was the product of a deliberate and sustained accounting fraud, leading to a bankruptcy that shocked and surprised shareholders and employees alike. The fraud was so pervasive and wide-sweeping that it also precipitated the demise of Enron’s accounting firm, Arthur Anderson. Enron’s status as the largest Chapter 11 bankruptcy in history was soon surpassed by that of WorldCom in 2002, also the result of fraudulent accounting methods.

This type of problem isn’t confined to the United States – similar accounting scandals rocked Australia, Canada, Italy, Japan and other countries.

In order to restore public confidence, U.S. Senator Paul Sarbanes and Representative Michael Oxley introduced the ‘Public Company Accounting Reform and Investor Protection Act’ (in the Senate) and ‘Corporate and Auditing Accountability and Responsibility Act’ (in the House), more commonly known as Sarbanes-Oxley, or simply SOX.

The Act empowers the Securities and Exchange Commission to implement rules overseeing accounting practices, corporate governance and financial disclosure. The act holds senior management responsible for the completeness and veracity of corporate financial statements, including the requirement that the CEO and CFO personally attest to the accuracy of quarterly financial reports.

The Act also takes steps to prevent conflicts of interest between corporations and the firms that audit them. In some instances, firms that provided auditing services to companies also provided those same companies with lucrative consulting services. Accounting firms that challenged their clients’ accounting practices or financial statements were potentially jeopardizing their own bottom line.

Likewise, security analysts that recommended stocks to their clients may also have worked for firms that provided loans or other banking services and had a disincentive for making a negative recommendation against an important client.

Sarbanes-Oxley stipulates the concept that knowingly providing inaccurate financial statements is a criminal offense, and gives power to strengthen punishments against those who commit such acts, as well as other types of white-collar crime. In short, the Act aims to strengthen the integrity and transparency of financial reporting.

SOX has both its proponents and detractors; most of its received criticism is based on the actual costs associated with compliance, which are ultimately passed on to the very investor Sarbanes-Oxley is designed to protect. Some critics claim the Act actually has discouraged the creation of public companies in the U.S., or has driven others offshore.

There’s no doubt, though, that Sarbanes-Oxley impacts the IT staff at publicly-held companies, with its emphasis on data integrity and information governance. IT departments directly support the financial processing and reporting of these companies, which fall within the scope of management’s increased responsibilities to ensure the security of internal controls under SOX.

Is your organization compliant with SOX standards?  Sherpa Software, leaders in information governance and eDiscovery, offers a variety of solutions that allow you to be proactive with your data for search purposes while saving costs and reducing exposure. To learn more, go to or call 1.800.255.5155.