Management 302 – White Paper Professor Jordi Comas May 7, 2015 Author: Greg Wasikowski Do the Benefits of The Sarbanes-Oxley Act of 2002 Outweigh its Many Costs? 1 Table of Contents Title Page…………………………………………………………………………………………1 Table of Contents………………………………………………………………………………....2 Executive Summary………………………………………………………………………………3 History and Background of SOX…………………………………………………………………3 What is SOX? ………………………………………………………………………………4 Effectiveness of SOX……………………………………………………………………………4 Section 404………………………………………………………………………………6 Other Consequences of SOX Section 404………………………………………………10 Recommendations…………………………………………………………………………11 Concluding Thoughts…………………………………………………………………………15 References………………………………………………………………………………17 2 Executive Summary There is a general pattern seen in the world of finance: giant corporate fraud or scandal, resulting government investigation that inevitably is unable to prosecute those responsible, followed by lengthy governmental legislation attempting to prevent the fraud/scandal from ever happening again. In the early 2000’s this pattern played out in the form of multiple scandals such as Enron and WorldCom with resulting legislation in the form of the Sarbanes-Oxley Act of 2002. SOX is said to be the most sweeping piece of legislature regarding financial reform since FDR’s Securities Act of 1933 and Securities Exchange Act of 1934. It attempted to restore confidence and transparency to companies’ financial statements and therefor the market as a whole. SOX was for the most part able to accomplish this goal, but not without substantial costs to public companies and the market. Compliance costs were grossly underestimated by Congress and the regulatory agencies leaving public companies with no choice but to take the hit. Additionally, there have been substantial declines in the United States’ competitive edge in the global capital markets. This report is concluded with three suggestions to help accomplish several goals of SOX that have not yet been achieved as well as an overall answer to the question of whether or not the costs of SOX outweigh its benefits. History and Background of SOX The later years of the 20th century brought an increased amount of fraud to public financial markets such as the Enron, Tyco, and Adelphia scandals. Congress wanted to respond but was segregated on the issue between different political parties, lobbyists, interest groups, etc. After WorldCom went bankrupt, it was clear that despite Congress’ mixed position on the topic, immediate action against corporate fraud needed to be taken. The Sarbanes-Oxley Act (SOX) was passed in 2002. SOX is considered by some to be the most widespread piece of legislature regarding financial reform since FDR was in office during the Great Depression. On the other hand, many argue SOX was constructed too rapidly and therefor has some unintended negative side effects. These negative side effects include sizeable compliance costs as well as potential adverse effects on the capital markets. This report attempts to weigh the effectiveness of SOX in reestablishing trust in financial markets versus its outlandish compliance costs and opposing effects on the capital markets. 3 The report will also look to the future in discussing what could and should be done in order to further accomplish the goals in which SOX was meant to achieve. What is SOX? “[SOX] introduces sweeping changes to corporate governance and corporate responsibility for financial reporting and financial controls for most corporations that must register with the Securities and Exchange Commission (SEC),” (Berkowitz). The Act created a regulatory agency for the accounting industry called the Public Company Accounting Oversight Board (PCAOB). It also placed requirements for companies’ corporate executives to validate the accuracy and integrity of financial statements as well as to disclose any fraud within the company, whether it is material or not. Failure for corporate executives to comply with these requirements could result in criminal penalty. The overall encompassing goal of SOX was to reestablish trust in the financial markets. In order to accomplish this, the legislature set out to accomplish the following: to establish new corporate accountability and responsibilities, to enhance the accuracy and validity of financial statements and disclosures, to decrease white-collar corporate fraud, to establish auditor independence, and to greatly improve internal controls (Berkowitz). There is a great deal of debate about whether or not SOX has been able to accomplish these goals. Many professionals agree that SOX has been able to recapture investors’ trust in financial markets, but at an exorbitant cost to public companies. Section 404 of the Act in particular created a major pushback from public companies due to its massive compliance costs. A more detailed analysis of Section 404 will come later in the report. Generally, many professionals question if the benefits of SOX outweigh its costs? Effectiveness of SOX There are mixed results with respect to the effectiveness of SOX. A 2008 study looks at the reactions of stock prices in response to the effects that SOX-related legislative activities had on earnings management. The authors found that there was a significant positive relationship between SOX legislation and earnings management and therefor stock returns (Li, H., Pincus, M., & Rego, S.). This suggests despite the additional costs SOX brings upon companies, the increased accuracy and 4 reliability in their financial statements has drastically increased investor sentiment, and thus has had an overall positive effect on the market. Another study conducted just a few years after SOX was enacted also suggests the benefits of the Act greatly outweigh the obligatory compliance costs. This study found that companies with better pre-SOX corporate governance structures were benefitted much more in the post-SOX era than companies with weaker pre-SOX corporate governance structures (Rezaee, Zabihollah and Jain, Pankaj K). This makes sense considering companies with disheveled corporate governance structures would have to spend more in order to comply with SOX’s standards. SOX’s establishing of the PCAOB has generally been viewed as a positive addition to the accounting industry, but there even opposing views on this topic. “Sarbanes-Oxley’s establishment of the PCAOB, which ended more than 100 years of self-regulation at the federal level by the public company audit profession, is perhaps the most fundamental change made by SOX,” (EY). It comes as no surprise that industry-wide self-regulation can lead to conflicts of interests and corporate fraud. The PCAOB removes this threat. In a 2005 New York Times article, Jonathan Glater provides opposing views: “Beyond the costs of assessing their internal controls, executives focused on a few specific concerns. Auditors, they said, were too conservative - requiring disclosure of everything, testing controls that could not have a material effect on financial reports,” (Glater). Glater goes on to say that the reasoning behind this was because the auditors did not want to be bothered by outsiders such as lawyers and regulators trying to dissect the auditors’ work. Overall, the general opinions regarding the effectiveness of SOX in accomplishing its goals are positive; however, there are mixed results in seemingly every aspect of the Act. The complex nature of the areas of business in which SOX aims to fix make it incredibly difficult and many times impossible to quantify results and changes directly attributable to SOX. For this reason, the true effectiveness of SOX comes down to an educated opinion. 5 Section 404 One aspect of SOX can be proven: the increase in compliance costs directly attributable to Section 404 of SOX. Section 404 is brief but overwhelming. It focuses on the internal controls of the company. Figure 1 seen below displays in full Section 404 of the Sarbanes-Oxley Act. Figure 1 (SARBANES-OXLEY ACT OF 2002) In summation, Section 404 requires companies to provide an internal controls report with their annual financial report. Both management and the external auditing firm must assess the effectiveness of internal controls by performing a top-down risk assessment. Section 404 essentially hands responsibility to management for both establishing and maintaining a system of internal controls concerning their financial statements (SARBANES-OXLEY ACT OF 2002). It is not much of a surprise to see that these requirements have improved internal controls within companies. Not only did investors return to the market after these requirements were enacted, but improvements in company controls are still being seen over ten years after the passing of the Act. Protiviti released a report in May, 2014 about companies’ abilities to keep pace with SOX compliance. They asked a group of public companies, “How has internal control over financial 6 reporting structures changed since SOX was required for your organization?” The results can be seen below in Figure 2. Figure 2 (Protiviti) The results speak for themselves. 2012 marks the ten year anniversary of the passing of SOX. 2014 marks the ten year anniversary for when the legislature actually took effect. It is remarkable that companies are still seeing significant improvement to their internal controls over ten years later. While Section 404 of SOX has proven to improve the internal controls of companies, it has not come without significant cost. “For example, while the SEC initially estimated the cost to comply with Section 404 to be about $91,000 per company or $1.24 billion in the aggregate, multiple studies pegged the actual compliance cost at $35 billion, which is, of course, nearly 30 times the original estimate. But let's put this in perspective: Section 404 is only 168 words long, and if you use the $35 billion figure, that is almost $21 million per word, and that is just the initial startup cost,” (THE SARBANES-OXLEY ACT 4 YEARS LATER: WHAT HAVE WE LEARNED?) Costs around the industry have increased, but they were primarily fixed costs. This means that smaller companies were hit much harder than larger ones. “As a percentage of revenue, smaller issuers in 2004 spent 11 times more on the Sarbanes-Oxley implementation than did larger companies. Micro-cap companies, with revenues under $100 million, saw an 84 percent increase in outside audit fees as a result of the law. Small cap companies with revenues between $100 million and $700 million saw a 92 percent increase in audit fees. And S&P 500 companies saw an increase of 55 percent in their audit fees,” (THE SARBANES-OXLEY ACT 4 YEARS LATER: WHAT HAVE WE 7 LEARNED?). The definition of small, medium, and large companies can differ, but the point remains the same. Smaller companies do not have the resources to keep up with these exorbitant costs. Additionally, because of the stiff criminal penalty implications, SOX compliance must be a top priority; especially for smaller companies. SOX compliance ends up monopolizing both costs and the attention of management. In 2007, the SEC and PCAOB responded to these criticisms. As a result, they relaxed the standards so as to reduce the total costs of SOX compliance; especially with respect to Section 404. They also issued guidance for management for constructing risk-based top-down evaluation of internal controls over financial reporting. These actions aimed at drastically decreasing costs for companies with market caps between $75-250 million. A 2011 study performed by the SEC determined that, with respect to an issuer’s internal control over financial reporting (ICFR), these actions did decrease compliance costs for targeted companies. The following information was concluded by the 2011 SEC study: “The costs of Section 404(b) have declined since the Commission first implemented the requirements of Section 404, particularly in response to the 2007 reforms; Investors generally view the auditor‘s attestation on ICFR as beneficial; Financial reporting is more reliable when the auditor is involved with ICFR assessments; and There is not conclusive evidence linking the requirements of Section 404(b) to listing decisions of the studied range of issuers,” (Study and Recommendations, SEC). Additional reformation to Section 404 was carried out in 2010 with the Dodd-Frank and Consumer Protection Acts. These acts were in response to the 2008 financial crisis but they still made small additional provisions to SOX. These Acts effectively exempted micro-cap companies (less than $75 million dollar market cap) from Section 404(b). This came into effect even though these companies technically were never required by the SEC to comply with Section 404(b) (Nicholls). In 2012, the Jumpstart Our Business Startups (JOBS) Act exempted all companies defined as emerging growth companies from Section 404(b). Emerging growth companies are companies with total gross annual revenue of less than $1 billion (Nicholls). However, Figure 3 from the 2014 Protiviti study shows that SOX compliance costs have increased in recent years. Perhaps even more worrisome, Figure 4 shows that the rate at which compliance costs are rising is also increasing. This could be as a result of SEC attention shifting away from the financial crisis and back onto fraud and corporate governance. 8 Figure 3 Figure 4 (Protiviti) Overall, it is clear that when compliance costs were too high, the SEC and PCAOB took action in order to decrease costs for targeted companies. It very well be time for these agencies to step in again because it is also clear that compliance costs are once again on the rise. 9 Other Consequences of SOX Section 404 One of the unintended consequences of SOX is the decline in cross-listing from foreign companies. Cross-listing is when a non-American based public company “goes public” in one of the major American stock exchanges. The most recent and prominent example was Alibaba. Since the inception of SOX, there has been a dramatic decline of cross-listings in the American financial markets. By not cross-listing foreign companies are able to save on massive SOX compliance costs as well as to avoid the American legal system (Nicholls). “Cross-listing activity in the U.S. by foreign companies for non-capital raising purposes remained low. Activity through the third quarter of 2014 suggests only 3 foreign companies will cross-list in the U.S. this year for purposes other than capital raising (such as bonding to US standards), fewer than in any year since 2008, and well below the historical average of 17 cross-listings per year,” (Scott, H.). This evidence proves cross-listing activity to be low, and it does not appear that will change any time soon. Additionally, United States global share of IPO’s sits at just 9% compared to its historical average of 26.8% from 1996-2007 (Scott, H.). This is further evidence that foreign companies are avoiding U.S. equity markets. The significant drop-off in the years following SOX are no coincidence. Instead, “Foreign companies that did raise equity capital in the United States through the third quarter of 2014 did so overwhelmingly via private rather than public markets. Approximately 84% of initial offerings of foreign equity in the United States were conducted through private Rule 144A offerings rather than public offerings. This measure of aversion to U.S. public equity markets stands significantly higher than the historical average of 66.1% (1996-2007),” (Scott, H.). Foreign company aversion from American equity markets makes them uncompetitive and weak. Another unintended consequence of SOX is the increased number of “going-private” transactions. A study performed a few years after SOX was enacted attempted to prove SOX was the cause of the increased going-private transactions. The study sampled 470 going-private transactions from 1998 to 2005. The data shows a notable increase in firms performing goingprivate transactions after the enactment of SOX. For example, 243 firms went private in the 33 months after SOX was implemented compared to 159 in the 34 months before SOX. Furthermore the study goes on to determine that the majority of firms that decided to go private after the 10 installation of SOX were relatively small (Engel, E., Hayes, R., & Wang, X.). This makes sense when considering the arguments made earlier about smaller companies being more affected by SOX compliant costs. Even though the years following SOX were favorable in the equity markets, because of the outlandish costs of SOX compliance, many companies still decided going-private was the best business decision. These negative side effects of SOX drastically decrease the competitiveness of American equity markets. This brings up the question of should regulators relax standards in order to bring back foreign investment and decrease going-private transactions? The United States has lost much of its edge in the global market, and this is largely due to the enactment of SOX; especially Section 404. However it is also clear that SOX and Section 404 in particular have greatly benefitted the market in the form of better internal controls and more reliable and transparent financial statements. Perhaps the best long-term approach is to secure a steadfast market in which investors from all countries can have confidence investing their money. Recommendations After digesting the information provided in this report, I have three recommendations that would benefit investors, companies, auditing firms, regulators, and the overall market as a whole. 1) There should be a higher concentration of catching fraud at the upper management level; something SOX does not necessarily protect against. 2) Simultaneously promote and protect whistleblowing. 3) Require a firm’s auditor to provide solely auditing business as to avoid conflicts of interest. In today’s market, there is an incredible amount of pressure for short-term results. Managers are pressured to make decisions that benefit the short-term bottom line rather than preserve longterm sustainable growth. In extreme cases, these same pressures can motivate managers to commit fraud. The majority of fraud stems from unethical management rather than poor internal controls. Neither SOX nor other reform can prevent unethical, greedy behavior of managers. The only possible solution is to place a higher concentration on “snuffing out” corporate misconduct at the managerial level. Improvements to internal controls are beneficial for the company’s operations as well as its financial statements, but it barely inhibits fraud in the slightest. Figure 5 shows that in recent years only 1% of fraud was initially detected as a result of internal controls. Improvements to internal controls contribute to the validity of a company’s financial statements, but if there is still 11 fraud in the market, even perfect internal controls would not make a difference. There needs to be a higher concentration on stopping fraud at the upper management level. Figure 5 (Detection) My second recommendation is to both promote and protect whistleblowing. Figure 5 shows that the most prominent way fraud is initially detected is by “tips.” Tips substantially outweigh other categories when it comes to stopping fraud. Whistleblowing is difficult because it often comes with the possibility of personal career damage. In her article, Courtenay Thompson explains, “The likelihood of career damage varies depending on the perpetrator and the nature of the fraud. For example, career damage is rare when the fraud is perpetrated by clerical employees. It is most likely to occur to auditors who surface fraud by executives and top performers, fraud for the benefit of the organization, and fraudulent financial reporting,” (Thompson, C.). 12 Section 806 of SOX is commonly referred to as the whistleblower provision. “[Section 806] provides protection to employees against retaliation by certain persons covered under the Act for engaging in specified protected activity…The whistleblower provision is intended to protect employees who report fraudulent activity and violations of Securities Exchange Commission (SEC) rules and regulations that can harm innocent investors in publicly traded companies,” (OSHA). The Dodd—Frank Act went on to reform Section 806 of SOX to increase awareness for specific whistleblower protocol. “Sarbanes-Oxley's whistleblower provision, as amended by Dodd-Frank, includes procedures that allow a covered employee to file a complaint with the Secretary of Labor not later than 180 days after the alleged retaliation or after the employee learns of the alleged retaliation…Accordingly, upon receipt of the complaint, the Secretary must provide written notice to the person or persons named in the complaint alleged to have violated the Act (respondent) of the filing of the complaint, the allegations contained in the complaint, the substance of the evidence supporting the complaint, and the rights afforded the respondent throughout the investigation. The Secretary must then, within 60 days of receipt of the complaint, afford the respondent an opportunity to submit a response and meet with the investigator to present statements from witnesses, and conduct an investigation,” (OSHA). The reforms made by the Dodd-Frank Act are consistent with whistleblowing policies in many other areas of appropriate legislature. I recommend that the SEC, PCAOB, and any other pertinent regulating agencies should place an even higher concentration on whistleblowing. Nearly half of all fraud is initially detected from tips. This information should be embraced by regulatory agencies. It is very possible that even more fraud could be detected if additional protections were offered to whistleblowers. I am not simply promoting a “tattle-tale”, but it is very clear that this is an important way to uncover fraud and therefor establish more trust and reliability in the financial markets. My third suggestion is to require auditing firms to provide solely auditing business to their clients. One of the main goals of SOX is to establish auditor independence, yet it does not require CPA firms to stop providing non-audit-related business to clients. For example, hypothetical accounting firm, ABC Incorporated, provides both audit-related and non-audit related business to retail firm, XYZ Co. XYZ pays ABC to help them with their internal controls; typical consulting work that is very popular in the accounting industry. ABC implements their most effective internal 13 controls system in XYZ. XYZ is so satisfied with ABC’s work that they then hire ABC to help them with their tax matters. Again, ABC is paid to give advice to and help XYZ. XYZ’s fiscal year ends so it is time to hire an auditing company to review their financial statements and to initiate a top-down risk-assessment of internal controls with regard to financial statements in order to comply with Section 404 of SOX. XYZ hires ABC. When ABC performs the internal controls assessment, they are essentially grading their own work. Why would ABC find any problems with internal controls when they installed them in the first place? Why would ABC criticize XYZ’s tax framework when ABC was paid to install it into XYZ’s business? Unfortunately, it is not difficult to imagine how conflicts of interest arise in these types of situations. This was a hypothetical example but it represents very real, and in some cases common state of affairs. Those who oppose the claims of conflicts of interest argue that as long as managers make the final decision, which they do, then a conflict does not arise; thus auditing companies should not be prohibited from selling their non-auditing services to audit clients. A New York Times article quotes an anonymous executive at a Big 4 accounting firm in saying, “You can go in and you can make an assessment as part of your audit, which is what auditors do, and you can make recommendations for changes, which is typically what auditors do, but you can't go in and step into management's shoes and decide what to adopt and then implement it,'' (Glater) Essentially this representative is saying it is not auditor independence that matters, rather management independence is what prevents conflicts of interest. On the other hand, many companies and audit firms are not comfortable with the idea of CPA firms selling their non-audit business to audit firms. For example, Apple has a policy to review their auditing firm every five years. In 2009, they hired Ernst & Young in place of KPMG who had been their auditor for the previous 12 years. The decision reportedly came in the absence of any disagreements between Apple and KMPG over Apple’s financial statements (Beattie, E.). In other words, it was just time. Another example is Grant Thornton, the sixth largest CPA firm in America, said, “it will not help clients design internal controls, put them in place or provide internal control software to companies it audits,” (Glater). A potential solution to this problem that has been proposed is a rotational program among major auditing firms. This would require companies to rotate their auditors every few years. This would definitely decrease the chances of conflicts of interest, but this proposed solution has been criticized for being too conservative. The problem with this idea is that it drastically reduces auditing 14 firms’ access to information. It inhibits external auditors from detecting fraud. Auditing, assessing, and learning a new company is an incredibly daunting and information-heavy task. This is a main reason why many major companies keep their auditors for long periods of time. Once the auditors “know” their clients, business operations are conducted much more smoothly, and auditors are better able to detect problems and fraud within their companies. For these reasons I believe my suggestion of disallowing CPA firms from selling non-audit services to audit clients is the better solution. Not only would my suggestion lower the chances of conflicts of interest, but CPA firms would most likely not even see a decrease in their non-auditing services. The demand for non-audit services would not be changing; it would merely be rearranging the layout of the market. Concluding Thoughts The beginning of the 21st century called for major reform. Series of fraud caused investors to lose faith in the validity of financial statements and the market as a whole. The Sarbanes-Oxley Act of 2002 was that major reform. The authors of SOX ultimately sought to reinstall confidence and transparency in the market by establishing new corporate accountability and responsibilities, enhancing the accuracy and validity of financial statements, decreasing white-collar corporate fraud, establishing auditor independence, and improving internal controls. While this report proves that in many cases, the effectiveness of SOX is a matter of opinion, the general perception is that SOX succeeded in establishing new corporate accountability and responsibility, enhancing the accuracy and validity of financial statements, and improving internal controls. Unfortunately these great steps in financial reform came at substantial costs to public companies; especially smaller companies. Eventual reform to SOX lessened the burden placed on smaller companies when complying with SOX Section 404 regulations, but as the data from this report shows, SOX compliance costs are once again on the rise. This report also shows that there are many unintended negative consequences of SOX. Cross-listing from foreign companies has declined significantly since its inception. Foreign companies do not want to actively expose themselves to the outrageous Section 404 compliance costs. In addition, there has been an increase in domestic companies deciding to go private and 15 remove themselves from major American Exchanges. The combination of these two residual effects leave the American capital markets at a weaker and less competitive position than in the pre-SOX era. The goals of decreasing white-collar fraud and establishing auditor independence have not yet been accomplished. I believe the three recommendations I provided in this report would significantly contribute towards achieving those goals. Fraud will always exist in the corporate world, but there are better ways to attack it than SOX provides. There should be a higher concentration on catching unethical behavior at the upper management level. Over 40% of fraud is initially detected from tips. This fact needs to be embraced and encouraged by regulators. Further protection and concentration needs to be placed on whistleblowing. SOX claims to establish auditor independence, but this is not possible when CPA firms can sell non-audit services to their audit clients. This undoubtedly presents many instances of conflicts of interest. A commonly proposed solution of installing a rotational program among audit firms does establish auditor independence; however, it also drastically reduces auditors’ access to information. My suggestion is to disallow audit companies from selling non-audit services to audit clients; not to disallow non-audit services altogether. Do the benefits of SOX outweigh its costs? While the costs of SOX compliance are excessive, especially Section 404 compliance, the restoration of confidence and trust in the market coupled with improvements to companies’ internal controls justify them. Capital markets cannot operate without public trust. Sweeping legislation was not only necessary but most likely overdue. With respect to the U.S. equity market, increased corporate costs and losses in global competitive edge were necessary steps towards restoring investor confidence; although there is still work to be done. Auditor independence is currently more of an idea than a legitimate result of SOX. I challenge regulators to fix this problem before an inevitable conflict of interest arises at the expense of innocent investors. With that being said, fraud cannot be exterminated, but improvements in catching fraudulent behavior are definitely possible. The Sarbanes-Oxley Act of 2002 was a necessary and beneficial piece of legislation, but there are additional actions that need to be taken in order to fully accomplish its goals. 16 References Beattie, E. (2009, March 2). E&Y replaces KPMG as Apple's auditor. Retrieved May 7, 2015, from https://www.accountancylive.com/ey-replaces-kpmg-apples-auditor Berkowitz, S. (2003, October). Sarbanes-Oxley Introduces Sweeping Reforms. Retrieved May 7, 2015, from https://www.ncmahq.org/files/Articles/5C3B8_CM_Oct03_p62.pdf Detection. (2014). Retrieved May 7, 2015, from http://www.acfe.com/rttn-detection.aspx Engel, E., Hayes, R., & Wang, X. (2007). The Sarbanes–Oxley Act and firms’ going-private decisions. Journal of Accounting and Economics, 44(1-2), 116-145. doi:10.1016/j.jacceco.2006.07.002 EY. (2012). The Sarbanes-Oxley Act at 10: Enhancing the reliability of financial reporting and audit quality. Retrieved May 7, 2015, from http://www.ey.com/Publication/vwLUAssets/The_Sarbanes-Oxley_Act_at_10__Enhancing_the_reliability_of_financial_reporting_and_audit_quality/$FILE/JJ0003.pdf Glater, J. (2003, September 22). Worry Over a New Conflict for Accounting Firms. Retrieved May 7, 2015, from http://www.nytimes.com/2003/09/23/business/worry-over-a-new-conflict-foraccounting-firms.html Li, H., Pincus, M., & Rego, S. (2008). Market Reaction to Events Surrounding the SarbanesâOxley Act of 2002 and Earnings Management. The Journal of Law and Economics, 51(1), 111-134. Retrieved May 7, 2015, from http://econpapers.repec.org/article/ucpjlawec/v_3a51_3ay_3a2008_3ai_3a1_3ap_3a111134.htm Nicholls, C. (2014, June 10). Is the Sarbanes-Oxley Act Working? Retrieved May 7, 2015, from http://insurancenewsnet.com/oarticle/2014/06/10/is-the-sarbanes-oxley-act-working-a516096.html#.VUumqvlVikq Procedures for the Handling of Retaliation Complaints Under Section 806 of the Sarbanes-Oxley Act of 2002, as Amended. Occupational Safety and Health Administration. DEPARTMENT OF LABOR. [Federal Register Volume 80, Number 43 (Thursday, March 5, 2015)][Rules and Regulations][Pages 11865-11885]. 17 https://www.osha.gov/pls/oshaweb/owadisp.show_document?p_table=FEDERAL_REGISTER&p _id=24992 Protiviti. (2014). Keeping Pace With SOX Comliance: COSO, Costs and the PCAOB. Retrieved May 7, 2015, from http://www.protiviti.com/en-US/Documents/Surveys/2014-SOX-Compliance-SurveyProtiviti.pdf PUBLIC LAW 107–204—JULY 30, 2002 116 STAT. 745. 107th Congress. ‘‘SarbanesOxley Act of 2002’’. http://www.sec.gov/about/laws/soa2002.pdf Rezaee, Zabihollah and Jain, Pankaj K., The Sarbanes-Oxley Act of 2002 and Security Market Behavior: Early Evidence (May 2005). Available at SSRN: http://ssrn.com/abstract=498083 SARBANES-OXLEY ACT OF 2002. http://legcounsel.house.gov/Comps/Sarbanesoxley%20Act%20Of%202002.pdf Scott, H. (2014, November 26). Third Quarter of 2014 Shows Continuing Competitive Weakness in U.S. Capital Markets - Committee on Capital Markets Regulation. Retrieved May 7, 2015, from http://capmktsreg.org/news/third-quarter-2014-shows-continuing-competitive-weakness-u-scapital-markets/ Study and Recommendations on Section 404(b) of the Sarbanes-Oxley Act of 2002 For Issuers With Public Float Between $75 and $250 Million. Staff of the Office of the Chief Accountant of the U.S. Securities and Exchange Commission. April 2011. http://www.sec.gov/news/studies/2011/404bfloat-study.pdf THE SARBANES-OXLEY ACT 4 YEARS LATER: WHAT HAVE WE LEARNED? (2006, April 5). Retrieved May 7, 2015, from http://www.gpo.gov/fdsys/pkg/CHRG-109hhrg30899/html/CHRG109hhrg30899.htm Thompson, C. (2004, December 1). Don't shoot the messenger: Auditors sometimes must weigh doing the right thing against keeping their job. Will Sarbanes-Oxley put an end to this dilemma? - Vol. 61 Nbr. 6, December 2004 - Internal Auditor - Books and Journals - VLEX 56644626. Retrieved May 7, 2015, from http://law-journals-books.vlex.com/vid/shoot-messenger-weigh-sarbanesoxley-56644626 18 Zhang, I. (2007). Economic consequences of the Sarbanes–Oxley Act of 2002. Journal of Accounting and Economics, 44(1-2), 74-115. doi:10.1016/j.jacceco.2007.02.002 19