Sarbanes-Oxley compliance

The US regulatory environment is continually changing. An awareness of the legal, regulatory and capital impacts of business decisions is needed. The Sarbanes-Oxley Act introduced requirements around internal control over financial reporting and corporate governance.

Sarbanes-Oxley compliance requirements have elevated the role and responsibility of auditors while taking aim at the C-suites with tough new rules that call for increased accountability from top company executives. Corporate disclosure, compliance oversight, controls monitoring, company training, and the practice of public accounting all have been impacted by Sarbanes-Oxley.

Most companies face a compliance concern related to Section 404 of the Sarbanes-Oxley Act. This rule requires management to assess the effectiveness of the company's internal control over financial reporting, including the appropriateness of the documentation to support these controls, and include its findings in the company's annual report to shareholders.

If this is your situation:

  • You’ve now become a US SEC subsidiary in Malaysia
  • You’ve identified potential controls issues that require remediation and additional manpower to test your controls
  • You require additional technical knowledge to plan and deliver a major controls implementation/enhancement project
  • Your initial attempts at documenting and evaluating effectiveness of controls have produced inconsistent, often poor quality results and your staffs need support
  • You want to know how to derive the greatest value from your efforts
  • You want to understand what constitutes best practice in this area

How we can help you

For all US SEC registered organisations — whether subsidiaries of US domestic registrants or foreign private issuers — that need to comply with the requirements of Section 404 of the Sarbanes-Oxley Act, PwC provides a range of services to help you achieve compliance, as follows:

  • Project management
  • Technical support including scoping, documentation, evaluation, and reporting
  • Risk assessment
  • Change management
  • Training
  • Control environment assessment/enhancement assistance
  • Documentation support
  • Design and execution of solutions
  • Quality assurance and review activities
  • Process improvement