To address corporate fraud in the wake of the Enron scandal, the Sarbanes-Oxley Act (2002) implements new reporting requirements for firms listed on US stock exchanges, including Canadian firms and Canadian subsidiaries of US public companies.
For financial years ending after June 15, 2004, Section 404 of the Act will require management and external auditors to certify in the financial reports that procedures are in place to ensure the accuracy of transaction reporting. Tracking internal responsibility for contract details is expected to be a keystone in this process. According to cio.com, an online trade magazine, Chief Information Officers are expected to be responsible for maintaining this data and should already be addressing the following issues:
- are transactions effectively documented in the financial management software;
- are policies and procedures in place to maintain the security and integrity of this documentation;
- are asset management policies documented and adhered to;
- do old policies and data, or policies and data acquired by consolidation with another company comply with current policies; and
- are outsourced operations being properly accounted for.