United States of America federal government Sarbanes-Oxley Law was established to enhance the precision and dependability to eventually safeguard shareholders. The Act was signed into law on July 30, 2002. soxlaw.com (2006) The role of the internal audit function has become significantly more important since the enactment of the Sarbanes-Oxley Act (SOX). Based on requirements contained in SOX, the New York Stock Exchange (NYSE) adopted rule that require all companies listed on this exchange to maintain an internal audit function to provide management and the audit committee ongoing assessments of the company’s risk management processes and system of internal control.12 Furthermore, the audit committee members require the chief audit executive in the firm to meet on a regular basis with the committee to discuss any matters that the committee or the internal audit function believes should be discussed privately. Bagranoff, N. A., Simkin, M. G., & Strand, C. S. (2008, p.256).
Sarbanes-Oxley Act affects the Internal Control
Public banks like Bank of America report under FDICIA and SOX. Requirements are extensive and costly under SOX, as has reported profitability. The FDICIA requires that the audit committee be composed of directors who are independent of management. The committee’s mandate includes reviewing the bank’s financial and internal control reports with the bank’s management and external auditors. When a bank has more than $3 billion in assets, FDICIA also requires it to: 1) have at least one member of the audit committee with banking or related financial expertise; 2) have an audit committee with members that have access to their own outside counsel; and 3) exclude any large bank clients from committee membership. Carl Borgia and Philip H. Siegel, (2008)
SOX are different from FDICIA policies by increasing and defining its requirements. For example, SOX requires each public company to have an audit committee composed entirely of independent directors with outside counsel, not just access to outside counsel. An additional stipulation is that the audit committee must not only have a financial expert, but it must also disclose annually whether one or more financial experts are represented on the committee. Management’s responsibilities under SOX are similar to those required under FDICIA. Like FDICIA, SOX requires that management file a report acknowledging its responsibility for preparing the company’s financial statements, and evaluating the effectiveness of financial reporting controls as of year-end. SOX management reports include an evaluation of the maintenance of controls for financial reporting. In effect, this requires a complete audit of internal controls, which significantly increases auditors’ time and other costs involved in examining these controls. Auditing Controls
Bank of America focuses on specific security and control procedures that organizations use to ensure that their resources are used in the most effective and efficient way possible. Mainframe and enterprise systems via laptops offer employees mobility so they can work at any location; and handheld, wireless devices have the capacity to transfer all sorts of data no matter where we go. Connectivity security protects sensitive data and information that is stored or transferred from one device to another. Bank of America implements the appropriate security and control procedures in place. The goal is to obtain a reasonable level of assurance. Bagranoff, N. A., Simkin, M. G., & Strand, C. S. (2008, p.268). Internal control procedures that can help them prevent fraud and abuse. Auditor reporting requirements for FDICIA requires management’s