- Corporate Security Teams
- Risk & Compliance Teams
- Information Security Teams
Governance, Risk and Compliance
By Resolver Modified September 20, 2021
The Sarbanes-Oxley Act (SOX), passed in 2002, changed how many companies in the United States reported their financial standings. The new approach greatly benefited shareholders and stock investors by bolstering transparency in fiscal reporting. Many other countries responded by creating their own versions of SOX.
For example, on April 7, 2003, the Canadian government passed Bill 198, which essentially accomplishes the same thing as SOX – in fact, it’s frequently referred to as the Canadian SOX (C-SOX). This bill came out as a result of corporate scandals that shook investor confidence. It increased scrutiny of corporate governance amid growing concern about auditor independence and the disclosure of internal controls over financial reporting, a Pricewaterhouse Coopers report notes. The Provincial Government of Ontario introduced the bill in a piece of legislation called “Keeping the Promise for a Strong Economy Act,” and it was approved on December 9, 2002. In reality, the bill dealt broadly with a number of different government operation procedures and only a small part dealt with financial reporting.
Shortly after the bill was passed, Canadian securities commissions issued three additional regulations for companies and auditors to talk about:
This bill requires securities issuers to use the services of auditors who participate in the Canadian Public Accountability Board’s independent oversight program.
Under this regulation, chief executive officers and chief financial officers would need to verify their filings (both annual and interim) are accurate representations of their company’s current financial status. MI 52-109 is similar to basic components of SOX 404 and requires companies to disclose policy and develop procedures for collection, capturing, evaluation and disclosing information.
Finally, this bill regulates the role of audit committees in any business or organization that issues securities
Canadian businesses must comply with C-SOX. Much like the American SOX Act, Bill 198 requires companies both big and small to spend a great deal of money on compliance with the legislation. That being said, there are certain steps they can take to help them develop procedures and policies necessary for meeting the stipulations of the bill.
“Well-designed, documented and monitored disclosure controls and procedures and internal controls over financial reports, including all relevant policies, procedures and operating principles at significant locations” are necessities, the PwC report notes. PwC also advocates an internal control infrastructure that “facilitates communication, reporting, training, incident identification and issues management, enables ongoing monitoring of the system of internal control and completion of applicable control procedures and ultimately provides management with confidence that internal control structure is effective and can be evaluated and tested on an ongoing basis.”
For companies considering going public, compliance may seem like a pain at first, but costs will eventually decline as reporting standards and internal controls are established.