How the Sarbanes-Oxley Act Fits into Your Private Company’s Growth

Since the passage of the Sarbanes-Oxley Act (SOX) in 2002, public companies have dealt firsthand with the heightened financial reporting, disclosure and corporate governance requirements imposed upon them by SOX, as well as by regulations promulgated by the New York Stock Exchange, Nasdaq and others in response to SOX. Although not expressly subject to SOX or these regulations, private companies also have been impacted as the effects of SOX have rippled throughout the business world. Private companies that are on a growth trajectory, including those considering exit strategies such as an initial public offering (IPO) or a sale of their assets or equity to third parties, should review the provisions of SOX and the exchange regulations and select those provisions that would make sense for them to adopt.

Although the start-up cost of Sarbanes-Oxley compliance can be great, the benefits for a growing company may be significant, both operationally and financially. By complying with the financial reporting and governance requirements, a private company can increase the accuracy and improve the timeliness of its information, thereby reducing the time and energy that management sometimes spends in this area. A company can enhance its books and records for potential or expected audits in the future. As discussed below, a company also can eliminate litigation or reduce damages that may be assessed in a lawsuit.

SOX has certain provisions that, by their terms, are directly applicable to all companies, including privately held ones. These provisions relate to document retention (and criminal liability for document destruction), liability for retaliation against whistleblowers, criminal and securities fraud and blackout notices (in the ERISA context). Other provisions are not mandatory for private companies, but should be considered by them in formulating their compliance policies. Some of the suggestions include establishing:

  • An audit committee (consisting of independent directors that are financially literate and including one member that has financial expertise) that is charged with reviewing and making decisions in regards to the company’s financial matters, including dealing with the company’s auditors
  • A compensation committee that reviews and makes determinations regarding the compensation of executive officers
  • Committee charters that set the policies and duties of the board committees
  • A ban on personal loans to directors and executive officers
  • An accounting complaint policy (in other words, a “whistleblower” procedure) whereby employees can anonymously bring accounting and financial problems to light
  • Adequate disclosure controls and procedures
  • Adequate internal controls and procedures for financial reporting, and
  • Compliance with generally accepted accounting principles (GAAP)

In some cases, key business partners, lenders, investors and others may demand that a company comply with one or more of these and other provisions before they will enter into any business arrangement with it. For instance, insurance companies may require the CEO and CFO of a private company to certify its financial statements before issuing director and officer insurance. In a lending context, banks may require a company to make representations and warranties that it complies with certain governance or financial provisions. Investors and buyers can insist on audited financials, controls over and disclosure of related party transactions, and the inclusion of a Management’s Discussion and Analysis (MD&A) section to provide management’s take on the financial performance of the company. This is particularly true if the company is the potential target of a public company in a merger or acquisition transaction as SOX requires the public company’s CEO and CFO to certify the consolidated financial statements that would include the financials of any private company that it acquires.

A director nominee also may make certain demands prior to accepting a nomination to the board of directors of a private company. SOX has raised the bar of what is considered “best practices” for a corporation. Where the fiduciary duties of a director have been elevated because of SOX, individuals who are directors of both public and private companies often insist that the private companies have similar corporate governance and financial control and reporting features. Rightfully so, these directors often believe that Sarbanes-Oxley compliance will help them fulfill their fiduciary duties of care and loyalty.

If a company is considering an IPO, it is very important to voluntarily comply with SOX as soon as possible before filing a registration statement with the Securities and Exchange Commission. Doing so would tell investors and underwriters that the company is serious and is knowledgeable about its obligations once it does file its registration statement. In addition, getting a jump start on Sarbanes-Oxley compliance can save precious time during the work-intensive IPO process. For example, it may be difficult to find enough independent directors or set up adequate internal accounting controls and procedures in time.

A private company also can use SOX to avoid litigation or to minimize any damages that may be imposed upon it in a litigation or alternative dispute resolution context. If a company adopts a code of conduct for its senior management and directors, and takes steps to enforce this code, it can show in a litigation context that, as a company, it has done everything in its power to prevent fraud or other criminal activity.

Private companies should view SOX as an opportunity to enhance themselves rather than viewing the panoply of provisions as cumbersome or daunting. In fact, one of the benefits of being a private company (and one reason some public companies choose to go private) is that private companies are not expressly subject to the financial reporting, disclosure and corporate governance provisions of SOX. Therefore, by picking and choosing the provisions of SOX that best suit their business needs, and keeping in mind their growth strategy or exit plans, private companies can make themselves more valuable, and therefore more attractive, to investors, lenders, business partners, buyers, directors, executives and others.

Please contact the author at


Skip to content