• House a Readiness Assessment that can be automated and sent to the CEO and CFO on a quarterly or annual basis, have their responses fed into a 302/906 certification report then printed out for final attestations to provide assurance over liability.
• Use our Reporting & Dashboard tools to generate visualizations like readiness summaries, 10-Q and 10-K reporting calendars and more to continually stay on top of due dates.
• Customize the LogicManager home screen to bring your CEO and CFO directly to the controls and attestations they must review to ensure certifications are completed in a timely manner.

Maintain a centralized repository

LogicManager is able to store the SOX controls, testing components and financial line items directly within the tool. It is also able to house a readiness assessment that can be automated and sent to the CEO and CFO on a quarterly or annual basis, where the officer must attest ‘Yes’ or ‘No’ to each readiness question (covered in the above section). These responses can then be fed into a 302/906 certification report signifying the officer’s attestations, and finally printed and signed by the CEO/CFO. This provides assurance to protect the signer’s personal and corporate liability by enforcing best-practice standards over the report’s preparation process that prevent the risks of inaccuracy, false or misleading statements or has omitted necessary material information.

Stay on top of due dates

Oftentimes, without a tool like LogicManager, the CEO and CFO are emailed these questionnaires to be filled out prior to deadlines. It can be difficult to keep track of this line of communication and additional follow-ups. LogicManager can ensure these questionnaires are sent on a yearly, automated basis with reminder emails being sent until the task is completed.

Section 302 / 906 / 404 of the Sarbanes-Oxley (SOX) Act focuses on disclosure of controls and attestations of signing officers, namely the CEO and the CFO. The CEO and CFO must attest that the financial statements of an organization are accurate, as these attestations are filed with the regulatory body, the SEC, and are available via the quarterly 10-Q report and annual 10-K report. The certification of Section 302 confirms that the signing officers have reviewed the report, that the report does not contain false or misleading information and that the financial statements are accurate. This indicates that these signing officers are accountable for the information provided therein.

SOX compliance is mandatory, but it isn’t the end goal; it’s the minimum operating standard for public companies. Given that SOX is heavily influenced by internal processes, it’s important to formalize your certification and attestation processes and engage with other departments across the organization to ensure accuracy, completeness and effectiveness during your financial reporting process.

SOX compliance has major implications for all public companies. If your organization is found guilty of noncompliance or negligence, it can lead to lawsuits and negative publicity. It can also lead to hefty fines and imprisonment for falsified information. Taking a risk-based, integrated approach helps prevent the potential materialization of these risks.

If any irregularities are detected in the reports signed by those making SOX certifications and attestations, those that certify them face serious consequences. Besides lawsuits and negative publicity, a corporate officer who does not comply or submits an inaccurate certification is subject to a fine of up to $1 million and/or ten years in prison, even if done mistakenly. Those caught willfully certifying a false report risk significantly greater penalties, including up to $5,000,000 in fines or 20 years in prison, or both.