| 1. |
Financial records Companies are required to maintain detailed financial records. |
| 2. |
Work papers It is now a felony with penalties of up to 10 years to willfully fail to maintain "all audit or review work papers" for at least five years. The U.S. Securities and Exchange Commission will establish a rule covering the retention of audit records, and the U.S. Public Accounting Oversight Board will issue standards that compel auditors to keep other documentation for seven years. |
| 3. |
Document destruction Destroying documents in a federal or bankruptcy investigation is considered a felony and can carry penalties of up to 20 years. |
| 4. |
Fraud discovery The statute of limitations for the discovery of fraud is extended to two years from the date of discovery and five years after the act. Previously it was one year from discovery and three years from the act. |
| 5. |
Securities fraud penalty Criminal penalties for securities fraud have been increased to 25 years. |
| 6. |
Certification of financial statements and reports by CEOs and CFOs Section 906 of the Act requires each public company's Chief Executive Officer (CEO) and Chief Financial Officer (CFO) to certify, on threat of severe criminal penalties, that periodic reports containing financial statements fully comply with securities laws. CEOs and CFOs found to have knowingly violated Section 906 will be punished with a fine of up to $1 million and imprisonment of up to 10 years. Willful false certification will be punishable by fines of up to $5 million and imprisonment of up to 20 years. |
| 7. |
Personal loans Personal loans to executive officers and company directors are banned. |
| 8. |
Reporting insider trading Accelerated reporting of insider trading is now required. |
| 9. |
Prohibited trading Insider trading is prohibited during pension fund blackouts. |
| 10. |
Disclosure CEO and CFO compensation and profits must be made public. |
| 11. |
Auditor independence Auditor independence is now specifically required. |
| 12. |
Internal auditing U.S. companies are required to have an internal audit function. This function must be certified by external auditors. |
| 13. |
Unrelated services Audit firms are banned from providing services to their clients unrelated to their audit work. |
| 14. |
Accountability In a nutshell, Sarbanes-Oxley holds CEOs and directors accountable and punishable by up to $5 million and 20 years in prison for the crimes of the company, even if they had no knowledge of those crimes. |
| 15. |
Protection for whistleblowers New provisions protect corporate whistleblowers. |
