UK SOX? Navigating Great Britain’s Upcoming Regulatory Changes

January 9, 2024 · READ

In the wake of the collapse of prominent companies such as Carillion, BHS, and Patisserie Valerie, the UK found itself grappling with the need for heightened auditing and corporate governance standards. These high-profile failures, which resulted in considerable job losses, triggered a push for reform. However, the path to implementing these reforms has been met with resistance, particularly from the financial hub of London. Concerns have been raised about the potential impact on the UK’s competitiveness in the global market, especially in the post-Brexit era, where London vies with cities like New York for stock exchange listings.

As UK companies are on the cusp of a significant regulatory shift, the introduction of a new compliance framework inspired in part by the US Sarbanes–Oxley Act of 2002 is set to revolutionize financial reporting and accountability. Amidst ongoing revisions and uncertainties, the development of what has been tentatively called “UK SOX compliance” is both a challenge and an opportunity for many UK organizations. It’s a moment for them to bolster their financial practices and embrace a new era of transparency. Adding to the complexity, the government has indicated it will not advance legislation to replace the Financial Reporting Council (FRC) with a more powerful watchdog body — a key recommendation from the initial reviews aimed at improving auditing standards.

Also read: Developing a Top-Down, Risk-Based Approach to SOX

What is UK SOX compliance?

UK SOX compliance represents a fundamental change in the way UK companies handle financial reporting. Born from a need for stronger legal definitions in auditing after the review in 2019, UK SOX aims to enhance controls around financial reporting, including Internal Controls over Financial Reporting (ICFR), and increase accountability for senior figures. Targeting larger, private companies with over 750 employees and over £750 million in annual turnover, it’s a shift toward greater transparency and responsibility. Expected to be fully implemented in 2024, many organizations are currently in a state of anticipation and preparation as there are still logistical uncertainties.

The path to UK SOX compliance has been anything but straightforward. The FRC recently scaled back its ambitious overhaul of the UK Corporate Governance Code, which gave the regulatory framework the new nickname of “UK SOX-lite.” This retreat, partly in response to concerns over competitiveness post-Brexit, signifies a more cautious approach to corporate governance reform.

“When it comes to financial statements, there are certain controls to make sure that the information is accurate,” explains Kristina Demollari, Associate Product Manager of Internal Audit & Internal Controls at Resolver, “Internal auditors will then review the work performed by finance teams to ensure that the information is correct. Which, in theory, every company should do, whether they are public or private. However, there is a difference when you make your senior leadership sign on ICFR reports.” This requirement for senior leadership to attest to the accuracy of financial controls and statements, a key aspect of regulations like UK SOX, adds an additional layer of accountability and integrity to the corporate governance process.

Typical investors expect accurate and verified stock information, which is usually ensured by both external and internal auditors. In the US, stringent documentation is required for this process, involving detailed record-keeping and reviews by internal and external auditors. The UK initially aimed to adopt similar practices, but recent developments suggest a shift. The FRC now plans to introduce less rigid requirements in January 2024, indicating a move towards a lighter regulatory approach compared to the original, more comprehensive plan.

The FRC has stated that over half of the original reform proposals for the code, particularly those related to audit committees’ roles in environmental and social governance and diversity provisions, will not be pursued. Support for these revisions highlights the need to balance governance standards without excessively burdening UK companies in comparison to their international counterparts.

Various graphs in a text image highlighting risk management reporting

When is SOX coming to the UK?

The FRC’s revised approach aims for a balance between robust governance and business agility. While the original plan mirrored the US Sarbanes-Oxley Act’s stringent controls, the current trajectory favors a less intrusive, more UK-centric regime.

The rollout of UK SOX compliance is a phased process. In Spring 2023, the Audit, Reporting, and Governance Authority (ARGA) took over from the Financial Reporting Council (FRC), indicating a move towards stricter enforcement.

By late 2023, the final version of UK SOX legislation was expected to be agreed upon. The full effect of UK SOX compliance is anticipated by late 2024, considering the time required to finalize and implement the legislation, as well as a grace period similar to the one seen in the US.

What you can do to prepare for UK SOX standards

The primary goal of UK SOX-equivalent is to enhance audit controls, increase shareholder transparency, ensure accurate reporting, identify risks earlier, and prevent fraud. To prepare for UK SOX, finance leaders should focus on:

  • Keeping detailed financial records, tracking all transactions.
  • Implementing strong checks and balances to prevent mistakes or fraud.
  • Beginning to operate like a public company, even before these practices become mandatory.

Demollari emphasizes the importance of preparation and adaptability, suggesting, “We just need to accept that there is a lot of ambiguity with it,” adding that, “Companies were thinking to invest in a more detailed solution. Some already did, but now, with these ambiguities, many don’t know what to do.”

While we wait for some clarity on the implementation of UK SOX, there are still ways companies can prepare themselves:

  • Embrace the ambiguity: With the final form of UK SOX still in flux, companies should adopt a flexible mindset. One way to ensure your preparedness is by investing in audit and compliance management software that will adapt to changing rules and regulations once enforced.
  • Focus on internal controls: Despite the dilution of the initial proposals, the emphasis on internal controls remains. Organizations must start strengthening their internal financial reporting mechanisms to truly be prepared for what’s to come.
  • Prepare for a targeted and proportionate change: Companies in the UK should anticipate changes that are significant but not as far-reaching as the US model. This means gearing up for a rigorous yet adaptable system to the unique UK business environment.
  • Stay informed and adaptable: Regularly review updates from the FRC and stay attuned to industry insights. Being proactive in understanding the evolving landscape will be crucial. According to Demollari, doing so with software “gives a clear idea of what the high-level procedures that need to be followed in terms of internal controls for financial reporting are.”

Internal audit screenshot collage

Master the unknown: Gain confidence with Resolver

The journey towards UK SOX compliance may be riddled with complexities and uncertainty, but it presents an opportunity for companies to reinforce their financial integrity and investor trust. As businesses navigate these changes, staying informed, adaptable, and proactive will be key to not just compliance, but also to thriving in this new era of corporate governance.

As UK companies navigate the new rules for corporate governance, they stand at the forefront of a transformative period that goes beyond compliance challenges to reveal opportunities. Firms that tackle this change proactively will reinforce their financial robustness and enhance their trustworthiness in the market. Embracing this change with informed strategies and adaptable practices will be key to thriving in the new regulatory environment.

Ready to streamline your compliance process in the ambiguities of UK SOX? Discover how Resolver’s Compliance Management software can empower your organization. Our intuitive platform simplifies documentation, enhances internal audit processes, and ensures your financial reporting meets the latest standards with ease. Don’t let upcoming regulatory changes slow you down. Click here to get a thorough walkthrough of Resolver’s Compliance Management software and take the first step towards seamless, efficient compliance!

Table Of Contents

    Request a Demo

    I'd like to learn more about
    • I'd like to learn more about
    • Enterprise Risk Management
    • Incident Management
    • IT Risk
    • IT Compliance
    • Investigations Management
    • Security Operations Management
    • Compliance
    • Security Audit
    • Loss Prevention
    • Brand Protection
    • ESRM
    • Internal Audit
    • Internal Control (SOX)
    • Third Party Risk Management
    • Threat Assessment

    I agree to receive promotional email messages from Resolver Inc about its products and services. I understand I can unsubscribe at any time.

    By submitting this form you agree to Resolver's Terms Of Service and Privacy Policy.