SOX compliance requires solid reconciliations

The Sarbanes-Oxley Act of 2002 (SOX) is a fundamental piece of US legislation which introduces enhanced financial disclosure for publicly traded companies. It imposes standards for financial reporting to protect investors from false or misleading representation of companies’ financial conditions. Key provisions focus on corporate responsibility and accountability. Failures to achieve SOX compliance leads to heavy penalties and even criminal liability for C-level corporate management.

Key SOX compliance requirements concerning financial reporting adequacy

Public companies submit quarterly and annual financial reports with the US Securities and Exchange Commission (SEC). Financial statement are required to be prepared in accordance with the generally accepted accounting principles (GAAP). CEOs and CFOs certify with their signature that the information disclosed to investors and the general public is accurate and reveals all material circumstances.

In order for senior management to carry personal responsibility of the company’s reporting standard and practices, SOX mandates that internal controls are established and maintained. That involves a clear chain of responsibilities and streamlined reporting processes. Undoubtedly, the question of process and data auditability and the capacity to swiftly identify and correct compliance breaches is central.

The adequacy of internal controls on financial reporting is assessed in several directions:

Financial data integrity

Firstly, the overall integrity of input data about balance sheet transactions and reliability of reported account balances. Issuers must demonstrate uncompromised ability to record, process, summarize, and report financial data in a timely and accurate manner. Companies should follow recordkeeping practices and policies that safeguard against falsification, destruction and tempering with records. Retention periods for storing relevant types of business records apply, including for electronic communication.

Streamlined and audit-proof balance sheet account attestation

Secondly, the structure of the financial reporting process should be uniform, predictable, transparent, and time-bound. Management and auditors are required to adhere to well defined standards, methods and procedures for balance sheet account attestation. It should be evident at any time who, what, when and how should do in every step of the financial reporting. A sound and audit proof period-end process can produce trustworthy reporting outputs and take internal or internal validation tests of its consistency.

Segregation of duties and robust internal controls

Thirdly, the segregation of roles in preparing, reviewing, approving, and auditing the balance sheet accounts. Reporting quality heavily depends on multiple levels of checks and controls within the organization to prevent errors and inaccuracies, deliberate or accidental. The separation of duties should guarantee instant visibility on risk situations and clear escalation paths.

The coherence between data, processes, and roles in a SOX compliant financial reporting framework is well observed with ReconArt: account reconciliation and financial close management solution.

ReconArt features and benefits for streamlined balance sheet account reconciliations and SOX compliance

Reduced manual processing of period-end close data

Indeed, one of the main struggles for financial teams remains the error-prone manual processing. With ReconArt, balance sheet account data is delivered directly from the GL source into the reconciliation platform. Data imports are automated and scheduled with the preferred frequency. As a result, trial balance updates speed up to near real time  without human intervention and reset the approval cycle without delays.

Clear and consistent financial close process structure

As an alternative to informal institutional knowledge, formal period-end close process blueprints reside within the reconciliation platform. Configurable workflows, account certification schedules and task checklist form the process architecture. The reconciliation platform combines them together and coordinates every process step until completion. The automated workflows prescribes the certification protocol and prevents discretionary handling.

Best practices implemented and full transparency maintained

Generally, balance sheet account certification and attestation is performed on multiple approval levels. Account balances can be double-checked and verified by as many levels as the internal controls setup dictates. Enhanced visibility on the progress of account certification is particularly useful for both the account prepares tracking their daily tasks and higher management seeking real-time feedback and status reports.

Strict separation of duties and solid internal controls for SOX compliance

A SOX compliant reporting process should arrange for separation of duties and mutual control. In that respect, ReconArt support very granular access control aligned with the assumed role of the user – account Preparer, Reviewer, Approver, Auditor. The user rights to view or edit reconciliation data can be configured / restricted with regard to specific account or group of accounts, authorization to perform certain operations, etc.

End-to-end auditability supports SOX compliance

Every single system or user completed operations within ReconArt is recorded and time-stamped. Providing adequate clarifications during audits has been an inherent weakness in the pre-digital era. Now, however, all applied changes can be traced back and accounted for.

Central repository for supporting documentation

Clearly, supporting documentation should not be detached from the account, but often that is the case. In the secure digital environment of ReconArt, account balance substantiations are attached to the certified account. It can be notes, attachments, comments which provide context and evidence that a particular account has been carefully reviewed and its balance is duly verified to proceed to certification.

Link between account balances and transaction details made immediately visible

In ReconArt, transaction matching and account certification modules are connected, so the balances can be explained through the account movements forming them. Account balances can be drilled down to display underlying transactions. Therefore, making the account history immediately evident clearly justifies the validity of the final balances.

Data retention requirements for SOX compliance

Additionally, retention of records for legally mandated periods and their prompt retrieval for audit purposes is accommodated with ReconArt. The platform can archive historical data and store digitally signed-off reconciliation reports in the vault. Thus it serves as a central point of reference in the long run.

Data security

Data security is a central topic in demonstrating that financial data is well protected from unauthorized breaches and destruction events. Unlike analog processing and storage, digital environments provide multiple guarantees around access control, disaster recovery, and protection of the data integrity. ReconArt follows strict best practice guidelines and implement the latest technologies to make sure client’s data is safeguarded against all eventualities.

Accountants, auditors, and corporate officers often struggle with increasing regulatory burden and search for flexible solutions that can both install working financial reporting workflows and adapt to dynamic changes in the regulatory environment. The costs of staying compliant snowballs and the proper reconciliation and financial close technology can solve the most common challenges with attractive costs-benefits ratios. Although SOX regulations apply to public companies, best practice financial reporting is increasingly adopted by private companies as well. ReconArt caters for the evolving needs of both.