The Path to Building Better Business Practice in Compliance with UK SOX

• • • |

Press archives over the past decade have demonstrated that many Public Limited Companies in the United Kingdom have either collapsed or made the headlines due to accounting irregularities or some other form of lack of internal control to ensure financial statements are reliable. This article explores the need for UK businesses to anticipate wide-scale adoption of SOX, as they progress down the path to building better businesses.

United Kingdom UK SOX: Financial Controls

It should come as no surprise that after the demise of some of the most well known high street businesses in the UK that an overhaul in the regulation and frameworks of large publicly listed businesses was well overdue.

Looking back to the financial crash of 2008 and the Enron Scandal that prompted the Sarbanes Oxley Act way back in the 1990s, it seems the UK was too busy looking back at itself and not really looking forward to the same reformation that propelled US businesses in their wide-scale (and mandated) adoption of SOX and Internal Control over Financial Reporting (ICFR) requirements.

Reading through the press archives over the past decade, there are more than a handful of cases where Public Limited Company (PLC) businesses have either collapsed or made the headlines due to accounting irregularities or some other form of lack of internal control to ensure financial statements are reliable.

In 2009
Cattles PLC was subject to a full forensic accounting review which led to its ultimate wind down

In 2013
There was a surprise discovery of a £1.5bn black hole in the Co-op Bank’s balance sheet

In 2017
Tesco had to pay out £235 million to settle investigations by the Serious Fraud Office and Financial Conduct Authority into the 2014 accounting scandal

On the other side of the ICFR audit, nearly all of the big four companies have had to make changes due to issues found in their audit of organisations like Autonomy and Redcentric. In the past month, the watchdog has opened investigations into the audits of Greensill Capital and Wyelands Bank as regulatory scrutiny of the companies increases.

As the build-up to the introduction of UK SOX Framework materialises over the coming months – with December 2023 likely to be the earliest date of attestation – the content available within the Alyne platform provides an out-of-the-box Control Set for ICFR to guide your organisation towards easier SOX and SOC 1 compliance. Alyne’s extended capabilities simplify ICFR related regulation and information such that your organisation can begin to drive improvements to your financial reporting mechanisms to ensure compliance.

Setting up the foundations of an effective SOX Program

Despite the seemingly fair and straightforward requirements that form the foundation of an effective SOX program, implementing SOX compliance can be a tedious process to set up. In order to be compliant with SOX, business leaders should build their programs by adopting automation to help them consistently investigate the effectiveness of their internal controls.

Success factors to guide you towards SOX Compliance

As the publicly listed companies in the United States have been legally engaged in SOX programs for a long time now, here are 3 success factors that we believe will guide the implementation of your assurance mechanisms to be more efficient.

This includes best practices such as:

  • Don’t leave everything to the last minute
    Start as early as possible so that you can manage time and resources efficiently and effectively to ensure that SOX requirements are met during SOX testing.
  • Understand the essence of SOX requirements and the processes it involves
    SOX ensures that there is better stewardship of organisational financial records which often have a snowball effect on other aspects of the enterprise. Understanding the requirements of SOX documentation and SOX controls will definitely improve and streamline the process involved.
  • Don’t re-invent the wheel
    At first glance, it may be easier for business leaders to design and introduce new controls and processes. However, this ignores commonalities or synergies between current controls and practices and SOX requirements which often results in an inefficient allocation of time and resources.

How do I manage Internal Control over Financial Reporting (SOX & SOC 1) using Alyne?

In order to be compliant with SOX, organisations are required to create ICFR controls and ICFR testing that cover a large scope of IT and financial requirements, all tailored to their unique organisational structure. The design and effectiveness of which, will be investigated by the organisation’s assigned SOX Auditor. Alyne’s ICFR capabilities leverage this new library of Financial Controls.

In addition to the Control Set, Alyne offers an out-of-the-box Assessment Template with pre-configured maturity levels which helps corporations to assess the maturity of their financial integrity to assess compliance within their financial reporting requirements.

Ready for launch? Book a demo with an Alyne Expert in your area, our team will be happy to hear from you.

Learn more about Financial Reporting requirements in our episode of The RegTech Report.

Written by Pendle Jackson in collaboration with Eunice Cheah.