The Path to Building Better Business Practice in Compliance with UK SOX

Press archives over the past decade have demonstrated that many Public Limited Companies in the United Kingdom have either collapsed or made the headlines due to accounting irregularities or some other form of lack of internal control to ensure financial statements are reliable. This article explores the need for UK businesses to anticipate wide-scale adoption of SOX, as they progress down the path to building better businesses.

United Kingdom UK SOX: Financial Controls

It should come as no surprise that after the demise of some of the most well known high street businesses in the UK that an overhaul in the regulation and frameworks of large publicly listed businesses was well overdue.

Looking back to the financial crash of 2008 and the Enron Scandal that prompted the Sarbanes Oxley Act way back in the 1990s, it seems the UK was too busy looking back at itself and not really looking forward to the same reformation that propelled US businesses in their wide-scale (and mandated) adoption of SOX and Internal Control over Financial Reporting (ICFR) requirements.

Reading through the press archives over the past decade, there are more than a handful of cases where Public Limited Company (PLC) businesses have either collapsed or made the headlines due to accounting irregularities or some other form of lack of internal control to ensure financial statements are reliable. 

In 2009
Cattles PLC was subject to a full forensic accounting review which led to its ultimate wind down


In 2013
There was a surprise discovery of a £1.5bn black hole in the Co-op Bank's balance sheet


In 2017
Tesco had to pay out £235 million to settle investigations by the Serious Fraud Office and Financial Conduct Authority into the 2014 accounting scandal


On the other side of the ICFR audit, nearly all of the big four companies have had to make changes due to issues found in their audit of organisations like Autonomy and Redcentric. In the past month, the watchdog has opened investigations into the audits of Greensill Capital and Wyelands Bank as regulatory scrutiny of the companies increases.

As the build-up to the introduction of UK SOX Framework materialises over the coming months – with December 2023 likely to be the earliest date of attestation – the content available within the Alyne platform provides an out-of-the-box Control Set for ICFR to guide your organisation towards easier SOX and SOC 1 compliance. Alyne's extended capabilities simplify ICFR related regulation and information such that your organisation can begin to drive improvements to your financial reporting mechanisms to ensure compliance.

 

Setting up the foundations of an effective SOX Program

Despite the seemingly fair and straightforward requirements that form the foundation of an effective SOX program, implementing SOX compliance can be a tedious process to set up. In order to be compliant with SOX, business leaders should build their programs by adopting automation to help them consistently investigate the effectiveness of their internal controls.
 

Success factors to guide you towards SOX Compliance

As the publicly listed companies in the United States have been legally engaged in SOX programs for a long time now, here are 3 success factors that we believe will guide the implementation of your assurance mechanisms to be more efficient. 

This includes best practices such as:

  • Don't leave everything to the last minute
    Start as early as possible so that you can manage time and resources efficiently and effectively to ensure that SOX requirements are met during SOX testing.  

  • Understand the essence of SOX requirements and the processes it involves
    SOX ensures that there is better stewardship of organisational financial records which often have a snowball effect on other aspects of the enterprise. Understanding the requirements of SOX documentation and SOX controls will definitely improve and streamline the process involved. 

  • Don’t re-invent the wheel
    At first glance, it may be easier for business leaders to design and introduce new controls and processes. However, this ignores commonalities or synergies between current controls and practices and SOX requirements which often results in an inefficient allocation of time and resources.
     

How do I manage Internal Control over Financial Reporting (SOX & SOC 1) using Alyne?

In order to be compliant with SOX, organisations are required to create ICFR controls and ICFR testing that cover a large scope of IT and financial requirements, all tailored to their unique organisational structure. The design and effectiveness of which, will be investigated by the organisation's assigned SOX Auditor. Alyne's ICFR capabilities leverage this new library of Financial Controls.

In addition to the Control Set, Alyne offers an out-of-the-box Assessment Template with pre-configured maturity levels which helps corporations to assess the maturity of their financial integrity to assess compliance within their financial reporting requirements.

Download our latest White Paper or watch Webinar to learn more about how Alyne's Internal Controls over Financial Reporting capabilities go beyond IT and Information Security related Controls, to implement extensive coverage of Financial Controls focused purely on the financial integrity of an enterprise.

Ready for launch? Book a demo with an Alyne Expert in your area, our team will be happy to hear from you.

Learn more about Financial Reporting requirements in our episode of The RegTech Report.

Written by Pendle Jackson in collaboration with Eunice Cheah.

ZurückWeiter
Pendle Jackson

Related Posts

Tackling The Surge In Information Security Incidents

Ransomware attacks in 2021 have become more sophisticated and disruptive than they have ever been. With this increase, it is imperative for business leaders to build up comprehensive defense against information security attacks by leveraging both mandatory and voluntary standards. In this article, Alyne Senior Consultant, Maximilian Millitzer elaborates on what business leaders should do to enable a quicker response, in the event of an information security incident.
Weiterlesen

Gearing Towards Greater Cyber Security Maturity in the Automotive Sector

The automotive industry is moving full speed ahead towards the software defined car and regulations and standards such as UN R155 and ISO/SAE 21434 have made it mandatory for businesses in the automotive industry to be compliant with cyber security management. Learn about Product Security Organisation Framework (PROOF), developed by Escrypt ad KPMG in partnership with Alyne's technology, and get the details on the upcoming workshop at escar (The world's leading automotive cyber security conference).
Weiterlesen

Tightened Cyber Security Awareness Training To Combat Heightened Attempts

October is Cybersecurity Awareness Month. This 2021, Co-founder of Alyne, Stefan Sulistyo shares how Alyne goes beyond the notion of being in compliance with various security awareness requirements to strengthen our collective digital ecosystem – especially during remote working, and the recent acquisition of Alyne by Mitratech – two events which have heightened cyber and phishing attempts across the business.
Weiterlesen