Widely deemed the most important piece of security legislation since formation of the Securities and Exchange Commission in 1934, the landmark Sarbanes-Oxley Act of 2002 was born into a climate still reeling from the burst of the high-tech bubble and fraud scandals at Enron and WorldCom.
Its intent was to improve corporate governance and restore the faith of investors, but many in the business world spoke out against SOX, viewing it as a politically motivated overcorrection that would lead to a loss of risk-taking and competitiveness.
“The big, unanswered question is whether SOX-related changes had any impact in the lead-up to the financial crisis.
HBS Associate Professor Suraj Srinivasan and Harvard Law School Professor John C. Coates leverage the benefit of hindsight to assess research findings from over 120 papers in accounting, finance, and law to evaluate the act's impact and establish takeaways to guide the creation of future legislation.
While current measurement systems are insufficient to make an unambiguous, overarching judgment of the act's net benefits, Srinivasan and Coates isolate a few clear findings and make a case for flexibility and experimentation to guide future laws and reforms in the financial arena.
One thing is clear: Despite severe criticism, the act and the institutions it created have survived almost intact since enactment. But so have condemnations. It's a puzzle, say the authors, that "on the one hand, the law continues to be fiercely and relentlessly attacked in the US" while those most affected by the act as implemented express "acquiescence or even mild praise."
The paper, SOX after Ten Years: A Multidisciplinary Review, is scheduled to be published later this year in Accounting Horizons.
"We took a cost/benefit approach when considering SOX," explains Srinivasan. The most worrisome part of the act on the business side was the mandate that required public companies to obtain an independent audit of their internal control practices. The cost of this requirement, he says, was felt most acutely by smaller companies, although it was ultimately deferred for companies with market caps of less than $75 million and made permanent in the Dodd-Frank Act. Audit standards also were modified in 2007, a change that reportedly reduced costs for many firms by 25 percent or more per year.
Sarbanes Oxley's effects on financial institutions is still being studied. Photo: iStockPhoto
"That aspect of flexibility—being able to exempt some smaller companies from the mandate and make it easier for others to implement—is an important quality to keep in mind when we discuss future regulation," says Srinivasan, who also cites the important role of the Public Company Accounting Oversight Board (PCAOB), a nonprofit private corporation created by SOX that oversees auditors of SEC-registered companies.
Markets Have Benefitted
Despite high initial costs of the internal control mandate, evidence shows that it has proved beneficial. "Markets have been able to use the information to assess companies more effectively, managers have improved internal processes, and the internal control testing has become more cost-effective over time," according to Srinivasan.
The research does not support the fear that SOX would reduce levels of risk-taking and investment in research and growth. Another concern that the act would shrink the number of IPOs has not been borne out either; in fact, the pricing of IPOs post-SOX became less uncertain. The cost of being a publicly traded company did cause some firms to go private, but research shows these were primarily organizations that were smaller, less liquid, and more fraud-prone.
"Yes, SOX may have cut off public market financing to these companies, but the question is whether it was appropriate for them to be in public markets in the first place," Srinivasan says. "That is a value judgment, to be sure. But it may not be a bad thing if certain companies are restricted in their access to financing, simply because loss of trust in public capital markets has big consequences for the entire economy."
A 2005 survey by the Financial Executives Research Foundation found that 83 percent of large company CFOs agreed that SOX had increased investor confidence, with 33 percent agreeing that it had reduced fraud.
And yet—the financial crisis of 2008 still happened.
"The big, unanswered question is whether SOX-related changes had any impact in the lead-up to the financial crisis. Did it make things better or worse?" says Srinivasan. "We don't know the answer to that. We only know that there were benefits in terms of financial reporting and corporate governance; that costs of implementation were higher for smaller companies; and that concerns about risk-taking and investment haven't come to bear. One of the big takeaways from this paper is how difficult it is to measure costs and benefits of regulation in a systematic way."
Costs And Benefits
Building flexibility into new policymaking that allows for more experimentation and measurement is helpful, he notes, as is avoiding a one-size-fits-all approach. "The costs of regulation are more direct and easier to comprehend than the benefits, which are mostly indirect. So there will always be upfront concerns about regulation, which leads back to the importance of building in opportunities to measure the costs and benefits.
"A skeptic of regulation would say that SOX wasn't needed at all, that the system would have fixed itself," he continues. "But what was the cost of fraud to the overall economy? We intuitively feel it was large, but we have not made progress in measuring it. That is a future question for research."
Despite the difficulty of assessing the effects of regulation, Srinivasan stresses the importance of continuing to look for ways to do so, citing the possibility of experiments such as random implementation or a voluntary opt-in/opt-out approach that would enable researchers to make causal inferences.
"It's important for everyone who has a stake in the US economy to realize how these laws are being made and to assess whether they are working or not," he says. "We have to be very thoughtful and allow for experimentation and performance measurement. We can't have a knee-jerk reaction and leave it only to political entrepreneurs to create the law."