UK’s Version of Sarbanes Oxley
Following a series of large corporate failures over the last few years, the UK Government has set out a road map to revamp the audit and corporate governance framework in the UK. Having considered the extensive feedback to the Government’s March 2021 White Paper, Restoring Trust in Audit and Corporate Governance, the Government published its response on 31 May 2022 which sets out how they plan to act in light of the comments received.
The starting point for the Government is the creation of the new regulator, the Audit, Reporting and Governance Authority (ARGA) to replace the Financial Reporting Counsel, which is anticipated to be created towards the end of 2023. However, the general approach by the Government is to implement its proposals over a number of years to give companies, auditors and other stakeholders time to prepare and adapt to the new regulations.
The proposed reforms are wide ranging and have been informally dubbed ‘UK’s version of Sarbanes Oxley’ after the US Sarbanes Oxley Act of 2002 which was designed to protect investors in the US by making corporate disclosures more reliable and accurate, in part by imposing personal liability for directors for certain acts. The UK’s version of Sarbanes Oxley has similar ambitions and will also impact the liability profiles of directors.
Lachlan Low, Counsel at White & Case LLP, states:
“The proposed reforms impose new reporting requirements on directors. In particular, directors will be required to make an explicit statement about whether they regard their internal controls to be effective and the basis for that assessment. In addition, they will be required to prepare an annual resilience statement, a statement on anti-fraud measures and statements around the legality of proposed dividends. Companies will also have to deliver an audit and assurance policy every three years and publish an annual implementation report showing how the assurance activity is working in practice.
As well as additional reporting, disclosure and monitoring responsibilities, the proposed reforms impose new regulatory duties, which will be in addition to existing directors’ duties (as set out in the Companies Act 2006 and common law) in relation to reporting and audit matters. On top of this, there will be a behaviour standard owed to ARGA.
It is unclear what this will look like, and whilst the new behavioural standard is intended to work alongside the existing regime of directors’ duties, there is no detail yet as to how this will happen in practice — there remains the possibility that the standards set by ARGA may conflict with the directors’ duties.
Whilst there remain some uncertainties as to what the proposed reforms will look like, there is sufficient certainty that companies can start preparing for the changes that are to come. For example, companies can start reviewing their system of governance and control, conduct a gap analysis of their existing internal controls architecture, assess training needs and assess the processes and practices in place in relation to corporate reporting and disclosure. When designing any road map, companies should remember that any response should be proportionate and will vary depending on the nature and size of the organisation.”
Shervin Binesh, Commercial Director at Cytec Solutions, shares his views on technology playing a key role in companies preparing for the UK’s version of Sarbanes Oxley:
“Technology solutions will undoubtedly act as an enabler for compliance, and I don’t see this being a surprise given the array of technology platforms already playing a key role within the corporate governance and compliance ecosystem.
We are encouraging our clients to consider how they want our technology solutions to connect with multiple stakeholders within their organisations, as well as integrating with third-party platforms to automate process and controls. Appreciating that many businesses will be using multiple technologies and applications, assessing the cooperability of these systems can be a challenge but the long-term efficiencies will be significant.
As a SaaS provider of solutions targeted towards the UK corporate governance and equity management space, data integrity and control has always been core to our offering. We are seeing a heightened assessment process from new clients looking to deploy our software into their financial reporting process, to ensure the right controls are in place to future-proof any requirements.”
As we progress into the latter half of 2023, we will be publishing further articles to share more detailed insights on the topic of the UK’s version of Sarbanes Oxley and navigating some of the challenges faced by our clients.
Authors: Lachlan Low, Counsel at White & Case LLP (left) Shervin Binesh, Commercial Director at Cytec Solutions (right)
Any views expressed in this publication are strictly those of the authors and should not be attributed in any way to White & Case LLP.