Does this apply to my financial services business?
If your business stores or transmits financial data, you are required to comply with security standards passed in the Sarbanes-Oxley Act (SOX). The way in which your company stores electronic records changed as a result of SOX. While the act does not specify how a business should store records or establish a set of business practices, it does define which records should be stored and the length of time for the storage.
Why is SOX financial cybersecurity important?
The Sarbanes-Oxley (SOX) Act was established to protect the public from fraudulent or erroneous practices by corporations and other business entities. The goal of this legislation was to increase transparency in financial reporting and require a formalized system of checks and balances in each company.
Regardless of regulation and requirement, SOX compliance is a good, ethical business practice to follow. By implementing SOX financial security controls, your organization is protected from data theft and cyber threats.
Accent Consulting has extensive experience with security and compliance in many areas. With our knowledge on SOX requirements, we are equipped to help you prepare for a SOX audit and can work with you to build and maintain compliance.
Is This a Law?
In 2002, the United States Congress passed the Sarbanes-Oxley Act (SOX) to protect shareholders and the general public from accounting errors and fraudulent practices in enterprises, and to improve the accuracy of corporate disclosures. The act sets deadlines for compliance and publishes rules on requirements. Congressmen Paul Sarbanes and Michael Oxley drafted the act with the goal of improving accountability, in light of several financial scandals and compromises that have occurred in recent years.
To comply with SOX, companies must save all business records, including electronic records and electronic messages, for “not less than five years.” Consequences for noncompliance include fines or imprisonment, or both.